|
Log analysis and evaluation: GVU Trojan 2.12, Windows 7 x64, OTL logs attached
Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
10.06.2013, 16:52 | #1 |
| GVU Trojan 2.12, Windows 7 x64, OTL logs attached
Hello, my in-laws' laptop has been hit. I was able to start the system with F8 in safe mode with command prompt and run OTL (safe list, all users, LOP). The logs are attached. It would be great if someone could take a look at this. Thanks in advance, Christian |
10.06.2013, 16:59 | #2 |
/// Malware-holic | GVU Trojan 2.12, Windows 7 x64, OTL logs attached
Hi,
otl fix: Fixing with OTL
Code:
:OTL
O4 - HKU\S-1-5-21-3474468613-1772881083-2037395652-1000..\Run: [ctfmon32.exe] C:\ProgramData\iv6zfo.dat (Корпорация Майкрософт)
[2013.06.10 00:14:43 | 000,182,272 | ---- | C] (Корпорация Майкрософт) -- C:\ProgramData\iv6zfo.dat
[2013.06.10 00:14:43 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\rundll32.exe
[2013.06.10 17:24:57 | 095,023,320 | ---- | M] () -- C:\ProgramData\ofz6vi.pad
[2013.06.10 00:15:08 | 000,000,152 | ---- | M] () -- C:\ProgramData\ofz6vi.reg
[2013.06.10 00:15:08 | 000,000,057 | ---- | M] () -- C:\ProgramData\ofz6vi.bat
[2013.06.10 00:14:47 | 000,002,670 | ---- | M] () -- C:\ProgramData\ofz6vi.js
[2013.06.10 00:14:47 | 000,001,031 | ---- | M] () -- C:\Users\Carmen Roewer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk
:files
:Commands
[emptytemp]
Start in normal mode. If you have no icons, then right-click, View, show desktop icons. Note: Please also upload the file there as described in the UpChannel instructions. Please do NOT post the ZIP file here as an attachment in the thread! Please press the + E key.
__________________ |
10.06.2013, 17:46 | #3 |
| GVU Trojan 2.12, Windows 7 x64, OTL logs attached
Hello,
that was quick, here is the new log: Code:
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-3474468613-1772881083-2037395652-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ctfmon32.exe deleted successfully.
C:\ProgramData\iv6zfo.dat moved successfully.
File C:\ProgramData\iv6zfo.dat not found.
C:\ProgramData\rundll32.exe moved successfully.
C:\ProgramData\ofz6vi.pad moved successfully.
C:\ProgramData\ofz6vi.reg moved successfully.
C:\ProgramData\ofz6vi.bat moved successfully.
C:\ProgramData\ofz6vi.js moved successfully.
C:\Users\Carmen Roewer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk moved successfully.
========== FILES ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Carmen Roewer
->Temp folder emptied: 2395255294 bytes
->Temporary Internet Files folder emptied: 1250807330 bytes
->Java cache emptied: 32834821 bytes
->Flash cache emptied: 151555 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 537959403 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50562 bytes
RecycleBin emptied: 1235756934 bytes
Total Files Cleaned = 5.200,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 06102013_181418
Files\Folders moved on Reboot...
File\Folder C:\Users\Carmen Roewer\AppData\Local\Temp\Low\OICE_D7F16701-C634-4A36-92FA-7FA8FDEFB88F.0\7AC64F0F. not found!
File\Folder C:\Users\Carmen Roewer\AppData\Local\Temp\Low\OICE_D724A49A-31BC-471C-A374-D1852EA9FB89.0\6F156B50. not found!
File\Folder C:\Users\Carmen Roewer\AppData\Local\Temp\Low\OICE_D190E423-A974-4424-ADA3-60FE8E3BE1EE.0\CDCC132D. not found!
File\Folder C:\Users\Carmen Roewer\AppData\Local\Temp\Low\OICE_B33A414A-DE60-4700-95A6-9D0D9A4FB341.0\81D12E31. not found!
File\Folder C:\Users\Carmen Roewer\AppData\Local\Temp\Low\OICE_6362DB44-A287-4D8C-A696-EFD2C23D27D5.0\FD2AACD2. not found!
File\Folder C:\Users\Carmen Roewer\AppData\Local\Temp\Low\OICE_5C471125-4A25-45A1-8AFA-2076F2B88E21.0\F2943C87. not found!
File\Folder C:\Users\Carmen Roewer\AppData\Local\Temp\Low\OICE_54BEC859-EC67-4CE7-A83F-7336CA95C7E6.0\94FFB069. not found!
File\Folder C:\Users\Carmen Roewer\AppData\Local\Temp\Low\OICE_132F6D7F-69EB-49A0-98F6-9450B4D15646.0\FB613ABF. not found!
File\Folder C:\Users\Carmen Roewer\AppData\Local\Temp\Low\OICE_07BE59DA-D847-4055-9658-23A5D5AE1D43.0\AEF58DFA. not found!
PendingFileRenameOperations files...
Registry entries deleted on Reboot... |
10.06.2013, 17:47 | #4 |
/// Malware-holic | GVU Trojan 2.12, Windows 7 x64, OTL logs attached
Please continue with the upload
__________________ - Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
11.06.2013, 07:02 | #5 |
| GVU Trojan 2.12, Windows 7 x64, OTL logs attached
Good morning, upload successful. Regards, Christian |
11.06.2013, 09:48 | #6 |
/// Malware-holic | GVU Trojan 2.12, Windows 7 x64, OTL logs attached
THX. Please download TDSSKiller.exe and save this file to the desktop
__________________ |
11.06.2013, 11:12 | #7 |
| GVU Trojan 2.12, Windows 7 x64, OTL logs attached
No threats found: Code:
12:09:59.0668 1988 TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
12:10:01.0680 1988 ============================================================
12:10:01.0680 1988 Current date / time: 2013/06/11 12:10:01.0680
12:10:01.0680 1988 SystemInfo:
12:10:01.0680 1988
12:10:01.0680 1988 OS Version: 6.1.7601 ServicePack: 1.0
12:10:01.0680 1988 Product type: Workstation
12:10:01.0680 1988 ComputerName: xxx
12:10:01.0696 1988 UserName: xxx
12:10:01.0696 1988 Windows directory: C:\Windows
12:10:01.0696 1988 System windows directory: C:\Windows
12:10:01.0696 1988 Running under WOW64
12:10:01.0696 1988 Processor architecture: Intel x64
12:10:01.0696 1988 Number of processors: 2
12:10:01.0696 1988 Page size: 0x1000
12:10:01.0696 1988 Boot type: Normal boot
12:10:01.0696 1988 ============================================================
12:10:03.0084 1988 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:10:03.0100 1988 ============================================================
12:10:03.0100 1988 \Device\Harddisk0\DR0:
12:10:03.0100 1988 MBR partitions:
12:10:03.0100 1988 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:10:03.0100 1988 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
12:10:03.0100 1988 ============================================================
12:10:03.0131 1988 C: <-> \Device\Harddisk0\DR0\Partition2
12:10:03.0131 1988 ============================================================
12:10:03.0131 1988 Initialize success
12:10:03.0131 1988 ============================================================
12:10:13.0942 4332 ============================================================
12:10:13.0942 4332 Scan started
12:10:13.0942 4332 Mode: Manual;
12:10:13.0942 4332 ============================================================
BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 12:10:26.0406 4332 MSPCLOCK - ok 12:10:26.0422 4332 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 12:10:26.0422 4332 MSPQM - ok 12:10:26.0453 4332 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 12:10:26.0469 4332 MsRPC - ok 12:10:26.0484 4332 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 12:10:26.0484 4332 mssmbios - ok 12:10:26.0516 4332 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 12:10:26.0516 4332 MSTEE - ok 12:10:26.0578 4332 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 12:10:26.0578 4332 MTConfig - ok 12:10:26.0609 4332 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 12:10:26.0609 4332 Mup - ok 12:10:26.0640 4332 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 12:10:26.0656 4332 napagent - ok 12:10:26.0703 4332 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 12:10:26.0718 4332 NativeWifiP - ok 12:10:26.0859 4332 [ 13AA2130F2A104DD775EAD0F0EE5417B ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 12:10:26.0874 4332 NAUpdate - ok 12:10:26.0952 4332 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 12:10:26.0968 4332 NDIS - ok 12:10:26.0999 4332 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 12:10:26.0999 4332 NdisCap - ok 12:10:27.0030 4332 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 12:10:27.0030 4332 NdisTapi - ok 12:10:27.0062 4332 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 12:10:27.0077 4332 Ndisuio - ok 12:10:27.0093 4332 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 12:10:27.0108 4332 NdisWan - ok 
12:10:27.0124 4332 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 12:10:27.0124 4332 NDProxy - ok 12:10:27.0155 4332 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 12:10:27.0155 4332 NetBIOS - ok 12:10:27.0171 4332 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 12:10:27.0186 4332 NetBT - ok 12:10:27.0218 4332 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 12:10:27.0218 4332 Netlogon - ok 12:10:27.0264 4332 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 12:10:27.0280 4332 Netman - ok 12:10:27.0342 4332 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:10:27.0342 4332 NetMsmqActivator - ok 12:10:27.0374 4332 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:10:27.0374 4332 NetPipeActivator - ok 12:10:27.0405 4332 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 12:10:27.0405 4332 netprofm - ok 12:10:27.0420 4332 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:10:27.0420 4332 NetTcpActivator - ok 12:10:27.0436 4332 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:10:27.0436 4332 NetTcpPortSharing - ok 12:10:27.0670 4332 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys 12:10:27.0826 4332 netw5v64 - ok 12:10:27.0842 4332 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 12:10:27.0857 4332 nfrd960 - ok 12:10:27.0935 4332 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 12:10:27.0935 4332 NlaSvc - ok 12:10:27.0998 4332 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 
12:10:27.0998 4332 Npfs - ok 12:10:28.0013 4332 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 12:10:28.0013 4332 nsi - ok 12:10:28.0029 4332 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 12:10:28.0044 4332 nsiproxy - ok 12:10:28.0122 4332 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 12:10:28.0138 4332 Ntfs - ok 12:10:28.0169 4332 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 12:10:28.0169 4332 Null - ok 12:10:28.0263 4332 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 12:10:28.0278 4332 NVHDA - ok 12:10:28.0731 4332 [ 993D73A8090C957230DE4E14AA9C5DFF ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 12:10:28.0965 4332 nvlddmkm - ok 12:10:29.0043 4332 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 12:10:29.0074 4332 nvraid - ok 12:10:29.0261 4332 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 12:10:29.0745 4332 nvstor - ok 12:10:29.0823 4332 [ C367AD646714E03E14F24F39EC206736 ] NVSvc C:\Windows\system32\nvvsvc.exe 12:10:29.0839 4332 NVSvc - ok 12:10:29.0932 4332 [ 44407283382D82C64C9195DE686D4205 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 12:10:29.0932 4332 nvUpdatusService - ok 12:10:29.0995 4332 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 12:10:29.0995 4332 nv_agp - ok 12:10:30.0010 4332 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 12:10:30.0026 4332 ohci1394 - ok 12:10:30.0073 4332 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 12:10:30.0073 4332 ose - ok 12:10:30.0307 4332 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 12:10:30.0353 4332 
osppsvc - ok 12:10:30.0400 4332 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 12:10:30.0416 4332 p2pimsvc - ok 12:10:30.0447 4332 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 12:10:30.0463 4332 p2psvc - ok 12:10:30.0494 4332 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 12:10:30.0494 4332 Parport - ok 12:10:30.0525 4332 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 12:10:30.0556 4332 partmgr - ok 12:10:30.0587 4332 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 12:10:30.0587 4332 PcaSvc - ok 12:10:30.0619 4332 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 12:10:30.0634 4332 pci - ok 12:10:30.0665 4332 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 12:10:30.0665 4332 pciide - ok 12:10:30.0697 4332 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 12:10:30.0712 4332 pcmcia - ok 12:10:30.0728 4332 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 12:10:30.0728 4332 pcw - ok 12:10:30.0775 4332 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 12:10:30.0790 4332 PEAUTH - ok 12:10:30.0821 4332 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 12:10:30.0821 4332 PerfHost - ok 12:10:30.0884 4332 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 12:10:30.0915 4332 pla - ok 12:10:30.0993 4332 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 12:10:31.0009 4332 PlugPlay - ok 12:10:31.0024 4332 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 12:10:31.0040 4332 PNRPAutoReg - ok 12:10:31.0087 4332 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 12:10:31.0087 4332 PNRPsvc - ok 12:10:31.0336 4332 [ 
34A8FAE065249F85A67A3215FF5ECB34 ] Point64 C:\Windows\system32\DRIVERS\point64.sys 12:10:31.0336 4332 Point64 - ok 12:10:31.0383 4332 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 12:10:31.0399 4332 PolicyAgent - ok 12:10:31.0445 4332 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 12:10:31.0445 4332 Power - ok 12:10:31.0492 4332 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 12:10:31.0508 4332 PptpMiniport - ok 12:10:31.0523 4332 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 12:10:31.0539 4332 Processor - ok 12:10:31.0633 4332 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 12:10:31.0648 4332 ProfSvc - ok 12:10:31.0664 4332 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 12:10:31.0664 4332 ProtectedStorage - ok 12:10:31.0679 4332 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 12:10:31.0695 4332 Psched - ok 12:10:31.0726 4332 PxHelp20 - ok 12:10:31.0789 4332 [ A6BF0A9B5A30D743623CA0D3BE35DF05 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 12:10:31.0804 4332 PxHlpa64 - ok 12:10:31.0867 4332 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 12:10:31.0945 4332 ql2300 - ok 12:10:31.0976 4332 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 12:10:31.0991 4332 ql40xx - ok 12:10:32.0023 4332 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 12:10:32.0054 4332 QWAVE - ok 12:10:32.0069 4332 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 12:10:32.0069 4332 QWAVEdrv - ok 12:10:32.0101 4332 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 12:10:32.0101 4332 RasAcd - ok 12:10:32.0147 4332 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn 
C:\Windows\system32\DRIVERS\AgileVpn.sys 12:10:32.0147 4332 RasAgileVpn - ok 12:10:32.0179 4332 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 12:10:32.0179 4332 RasAuto - ok 12:10:32.0210 4332 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 12:10:32.0210 4332 Rasl2tp - ok 12:10:32.0241 4332 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 12:10:32.0272 4332 RasMan - ok 12:10:32.0288 4332 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 12:10:32.0288 4332 RasPppoe - ok 12:10:32.0335 4332 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 12:10:32.0335 4332 RasSstp - ok 12:10:32.0366 4332 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 12:10:32.0366 4332 rdbss - ok 12:10:32.0381 4332 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 12:10:32.0397 4332 rdpbus - ok 12:10:32.0413 4332 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 12:10:32.0413 4332 RDPCDD - ok 12:10:32.0459 4332 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 12:10:32.0459 4332 RDPENCDD - ok 12:10:32.0475 4332 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 12:10:32.0475 4332 RDPREFMP - ok 12:10:32.0584 4332 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 12:10:32.0584 4332 RdpVideoMiniport - ok 12:10:32.0647 4332 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 12:10:32.0647 4332 RDPWD - ok 12:10:32.0693 4332 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 12:10:32.0693 4332 rdyboost - ok 12:10:32.0725 4332 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 12:10:32.0725 4332 RemoteAccess - ok 12:10:32.0756 
4332 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 12:10:32.0771 4332 RemoteRegistry - ok 12:10:32.0803 4332 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 12:10:32.0803 4332 RFCOMM - ok 12:10:32.0834 4332 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 12:10:32.0849 4332 RpcEptMapper - ok 12:10:32.0881 4332 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 12:10:32.0881 4332 RpcLocator - ok 12:10:32.0912 4332 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 12:10:32.0912 4332 RpcSs - ok 12:10:32.0959 4332 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 12:10:32.0959 4332 rspndr - ok 12:10:33.0021 4332 [ 44ED82612403021E36998E1ECB1198F1 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 12:10:33.0021 4332 RSUSBSTOR - ok 12:10:33.0068 4332 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 12:10:33.0083 4332 RTL8167 - ok 12:10:33.0083 4332 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 12:10:33.0099 4332 SamSs - ok 12:10:33.0115 4332 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 12:10:33.0115 4332 sbp2port - ok 12:10:33.0317 4332 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 12:10:33.0317 4332 SCardSvr - ok 12:10:33.0333 4332 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 12:10:33.0333 4332 scfilter - ok 12:10:33.0380 4332 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 12:10:33.0395 4332 Schedule - ok 12:10:33.0427 4332 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 12:10:33.0427 4332 SCPolicySvc - ok 12:10:33.0427 4332 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 12:10:33.0442 4332 SDRSVC - ok 
12:10:33.0473 4332 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 12:10:33.0473 4332 secdrv - ok 12:10:33.0489 4332 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 12:10:33.0489 4332 seclogon - ok 12:10:33.0520 4332 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 12:10:33.0520 4332 SENS - ok 12:10:33.0551 4332 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 12:10:33.0551 4332 SensrSvc - ok 12:10:33.0567 4332 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 12:10:33.0567 4332 Serenum - ok 12:10:33.0598 4332 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 12:10:33.0614 4332 Serial - ok 12:10:33.0629 4332 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 12:10:33.0629 4332 sermouse - ok 12:10:33.0661 4332 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 12:10:33.0661 4332 SessionEnv - ok 12:10:33.0676 4332 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 12:10:33.0676 4332 sffdisk - ok 12:10:33.0692 4332 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 12:10:33.0692 4332 sffp_mmc - ok 12:10:33.0707 4332 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 12:10:33.0723 4332 sffp_sd - ok 12:10:33.0723 4332 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 12:10:33.0723 4332 sfloppy - ok 12:10:33.0770 4332 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 12:10:33.0770 4332 SharedAccess - ok 12:10:33.0801 4332 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 12:10:33.0801 4332 ShellHWDetection - ok 12:10:33.0817 4332 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 
12:10:33.0817 4332 SiSRaid2 - ok 12:10:33.0832 4332 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 12:10:33.0848 4332 SiSRaid4 - ok 12:10:33.0879 4332 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 12:10:33.0879 4332 Smb - ok 12:10:33.0910 4332 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 12:10:33.0910 4332 SNMPTRAP - ok 12:10:33.0926 4332 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 12:10:33.0926 4332 spldr - ok 12:10:33.0988 4332 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 12:10:34.0004 4332 Spooler - ok 12:10:34.0097 4332 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 12:10:34.0144 4332 sppsvc - ok 12:10:34.0160 4332 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 12:10:34.0160 4332 sppuinotify - ok 12:10:34.0222 4332 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 12:10:34.0222 4332 srv - ok 12:10:34.0300 4332 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 12:10:34.0316 4332 srv2 - ok 12:10:34.0363 4332 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 12:10:34.0363 4332 srvnet - ok 12:10:34.0409 4332 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 12:10:34.0409 4332 SSDPSRV - ok 12:10:34.0425 4332 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 12:10:34.0425 4332 SstpSvc - ok 12:10:34.0597 4332 [ 17FC2EAD763F0237457817A753A5A676 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 12:10:34.0675 4332 Stereo Service - ok 12:10:34.0706 4332 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 12:10:34.0706 4332 stexstor - ok 12:10:34.0768 4332 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc 
C:\Windows\System32\wiaservc.dll 12:10:34.0784 4332 stisvc - ok 12:10:34.0799 4332 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 12:10:34.0799 4332 swenum - ok 12:10:34.0815 4332 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 12:10:34.0846 4332 swprv - ok 12:10:34.0924 4332 [ F1F996AE360812D829E08E77E60379B0 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 12:10:34.0924 4332 SynTP - ok 12:10:34.0971 4332 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 12:10:34.0987 4332 SysMain - ok 12:10:35.0002 4332 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 12:10:35.0018 4332 TabletInputService - ok 12:10:35.0033 4332 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 12:10:35.0033 4332 TapiSrv - ok 12:10:35.0049 4332 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 12:10:35.0049 4332 TBS - ok 12:10:35.0408 4332 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 12:10:35.0423 4332 Tcpip - ok 12:10:35.0517 4332 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 12:10:35.0517 4332 TCPIP6 - ok 12:10:35.0595 4332 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 12:10:35.0595 4332 tcpipreg - ok 12:10:35.0642 4332 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 12:10:35.0642 4332 TDPIPE - ok 12:10:35.0720 4332 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 12:10:35.0720 4332 TDTCP - ok 12:10:35.0751 4332 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 12:10:35.0767 4332 tdx - ok 12:10:35.0782 4332 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 12:10:35.0782 4332 TermDD - ok 12:10:35.0829 4332 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 
12:10:35.0860 4332 TermService - ok 12:10:35.0876 4332 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 12:10:35.0876 4332 Themes - ok 12:10:35.0891 4332 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 12:10:35.0907 4332 THREADORDER - ok 12:10:35.0938 4332 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 12:10:35.0954 4332 TrkWks - ok 12:10:36.0016 4332 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 12:10:36.0016 4332 TrustedInstaller - ok 12:10:36.0032 4332 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 12:10:36.0047 4332 tssecsrv - ok 12:10:36.0094 4332 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 12:10:36.0125 4332 TsUsbFlt - ok 12:10:36.0157 4332 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 12:10:36.0188 4332 TsUsbGD - ok 12:10:36.0235 4332 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 12:10:36.0235 4332 tunnel - ok 12:10:36.0250 4332 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 12:10:36.0266 4332 uagp35 - ok 12:10:36.0297 4332 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 12:10:36.0313 4332 udfs - ok 12:10:36.0359 4332 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 12:10:36.0359 4332 UI0Detect - ok 12:10:36.0406 4332 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 12:10:36.0406 4332 uliagpkx - ok 12:10:36.0437 4332 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 12:10:36.0437 4332 umbus - ok 12:10:36.0453 4332 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 12:10:36.0469 4332 UmPass - ok 12:10:36.0484 4332 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost 
C:\Windows\System32\upnphost.dll 12:10:36.0500 4332 upnphost - ok 12:10:36.0531 4332 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 12:10:36.0547 4332 usbccgp - ok 12:10:36.0593 4332 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 12:10:36.0593 4332 usbcir - ok 12:10:36.0625 4332 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 12:10:36.0625 4332 usbehci - ok 12:10:36.0656 4332 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 12:10:36.0718 4332 usbhub - ok 12:10:36.0734 4332 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 12:10:36.0734 4332 usbohci - ok 12:10:36.0749 4332 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 12:10:36.0765 4332 usbprint - ok 12:10:36.0812 4332 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 12:10:36.0827 4332 usbscan - ok 12:10:36.0859 4332 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 12:10:36.0859 4332 USBSTOR - ok 12:10:36.0890 4332 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 12:10:36.0890 4332 usbuhci - ok 12:10:36.0921 4332 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 12:10:36.0937 4332 UxSms - ok 12:10:36.0952 4332 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 12:10:36.0952 4332 VaultSvc - ok 12:10:36.0983 4332 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 12:10:36.0983 4332 vdrvroot - ok 12:10:37.0015 4332 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 12:10:37.0061 4332 vds - ok 12:10:37.0077 4332 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 12:10:37.0077 4332 vga - ok 12:10:37.0108 4332 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave 
C:\Windows\System32\drivers\vga.sys 12:10:37.0108 4332 VgaSave - ok 12:10:37.0171 4332 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 12:10:37.0233 4332 vhdmp - ok 12:10:37.0327 4332 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 12:10:37.0342 4332 viaide - ok 12:10:37.0358 4332 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 12:10:37.0358 4332 volmgr - ok 12:10:37.0373 4332 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 12:10:37.0389 4332 volmgrx - ok 12:10:37.0405 4332 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 12:10:37.0420 4332 volsnap - ok 12:10:37.0436 4332 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 12:10:37.0436 4332 vsmraid - ok 12:10:37.0529 4332 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 12:10:37.0623 4332 VSS - ok 12:10:37.0654 4332 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 12:10:37.0654 4332 vwifibus - ok 12:10:37.0701 4332 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 12:10:37.0717 4332 W32Time - ok 12:10:37.0763 4332 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 12:10:37.0763 4332 WacomPen - ok 12:10:37.0810 4332 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 12:10:37.0810 4332 WANARP - ok 12:10:37.0857 4332 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 12:10:37.0857 4332 Wanarpv6 - ok 12:10:37.0966 4332 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 12:10:37.0997 4332 WatAdminSvc - ok 12:10:38.0060 4332 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 12:10:38.0122 4332 wbengine - ok 12:10:38.0153 4332 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] 
12:10:41.0133 4332 Scan finished
12:10:41.0164 4056 Detected object count: 0
12:10:41.0164 4056 Actual detected object count: 0 |
11.06.2013, 11:58 | #8 |
/// Malware-holic | GVU Trojan 2.12, Windows 7 x64, OTL logs attached Please configure it according to the instructions, then scan again.
__________________ -Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de as described in the instructions above. If you would like to support us |
11.06.2013, 12:24 | #9 |
| GVU Trojan 2.12, Windows 7 x64, OTL logs attached Sorry, 3x unsigned file: Code:
13:21:14.0701 4216 TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
13:21:16.0744 4216 ============================================================
13:21:16.0744 4216 Current date / time: 2013/06/11 13:21:16.0744
13:21:16.0744 4216 SystemInfo:
13:21:16.0744 4216
13:21:16.0744 4216 OS Version: 6.1.7601 ServicePack: 1.0
13:21:16.0744 4216 Product type: Workstation
13:21:16.0744 4216 ComputerName: xxx
13:21:16.0744 4216 UserName: xxx
13:21:16.0744 4216 Windows directory: C:\Windows
13:21:16.0744 4216 System windows directory: C:\Windows
13:21:16.0744 4216 Running under WOW64
13:21:16.0744 4216 Processor architecture: Intel x64
13:21:16.0744 4216 Number of processors: 2
13:21:16.0744 4216 Page size: 0x1000
13:21:16.0744 4216 Boot type: Normal boot
13:21:16.0744 4216 ============================================================
13:21:19.0053 4216 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:21:19.0115 4216 ============================================================
13:21:19.0115 4216 \Device\Harddisk0\DR0:
13:21:19.0131 4216 MBR partitions:
13:21:19.0131 4216 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:21:19.0131 4216 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
13:21:19.0131 4216 ============================================================
13:21:19.0147 4216 C: <-> \Device\Harddisk0\DR0\Partition2
13:21:19.0147 4216 ============================================================
13:21:19.0147 4216 Initialize success
13:21:19.0147 4216 ============================================================
13:21:49.0941 1996 ============================================================
13:21:49.0941 1996 Scan started
13:21:49.0941 1996 Mode: Manual; SigCheck; TDLFS;
13:21:49.0941 1996 ============================================================
13:21:51.0158 1996 ================ Scan system memory ========================
13:21:51.0158 1996 System memory - ok
13:21:51.0158 1996 ================ Scan services =============================
13:22:03.0092 1996 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
13:22:03.0154 1996 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
13:22:03.0154 1996 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
13:22:06.0805 1996 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
13:22:06.0836 1996 IDriverT ( UnsignedFile.Multi.Generic ) - warning
13:22:06.0836 1996 IDriverT - detected UnsignedFile.Multi.Generic (1)
13:22:14.0496 1996 nfrd960 - ok 13:22:14.0605 1996 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 13:22:14.0683 1996 NlaSvc - ok 13:22:14.0698 1996 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 13:22:14.0761 1996 Npfs - ok 13:22:14.0792 1996 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 13:22:14.0901 1996 nsi - ok 13:22:14.0917 1996 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 13:22:14.0995 1996 nsiproxy - ok 13:22:15.0088 1996 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 13:22:15.0166 1996 Ntfs - ok 13:22:15.0198 1996 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 13:22:15.0244 1996 Null - ok 13:22:15.0322 1996 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 13:22:15.0385 1996 NVHDA - ok 13:22:15.0759 1996 [ 993D73A8090C957230DE4E14AA9C5DFF ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 13:22:15.0978 1996 nvlddmkm - ok 13:22:16.0040 1996 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 13:22:16.0071 1996 nvraid - ok 13:22:16.0087 1996 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 13:22:16.0118 1996 nvstor - ok 13:22:16.0180 1996 [ C367AD646714E03E14F24F39EC206736 ] NVSvc C:\Windows\system32\nvvsvc.exe 13:22:16.0227 1996 NVSvc - ok 13:22:16.0321 1996 [ 44407283382D82C64C9195DE686D4205 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 13:22:16.0383 1996 nvUpdatusService - ok 13:22:16.0446 1996 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 13:22:16.0492 1996 nv_agp - ok 13:22:16.0508 1996 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 13:22:16.0586 1996 ohci1394 - ok 13:22:16.0617 1996 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files 
(x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 13:22:16.0664 1996 ose - ok 13:22:16.0836 1996 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 13:22:16.0945 1996 osppsvc - ok 13:22:16.0992 1996 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 13:22:17.0070 1996 p2pimsvc - ok 13:22:17.0101 1996 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 13:22:17.0132 1996 p2psvc - ok 13:22:17.0163 1996 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 13:22:17.0241 1996 Parport - ok 13:22:17.0288 1996 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 13:22:17.0335 1996 partmgr - ok 13:22:17.0397 1996 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 13:22:17.0506 1996 PcaSvc - ok 13:22:17.0522 1996 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 13:22:17.0553 1996 pci - ok 13:22:17.0569 1996 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 13:22:17.0616 1996 pciide - ok 13:22:17.0631 1996 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 13:22:17.0662 1996 pcmcia - ok 13:22:17.0694 1996 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 13:22:17.0725 1996 pcw - ok 13:22:17.0740 1996 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 13:22:17.0818 1996 PEAUTH - ok 13:22:17.0850 1996 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 13:22:17.0881 1996 PerfHost - ok 13:22:17.0959 1996 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 13:22:18.0068 1996 pla - ok 13:22:18.0130 1996 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 13:22:18.0240 1996 PlugPlay - ok 13:22:18.0255 1996 [ 
7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 13:22:18.0302 1996 PNRPAutoReg - ok 13:22:18.0318 1996 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 13:22:18.0364 1996 PNRPsvc - ok 13:22:18.0427 1996 [ 34A8FAE065249F85A67A3215FF5ECB34 ] Point64 C:\Windows\system32\DRIVERS\point64.sys 13:22:18.0489 1996 Point64 - ok 13:22:18.0520 1996 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 13:22:18.0661 1996 PolicyAgent - ok 13:22:18.0708 1996 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 13:22:18.0770 1996 Power - ok 13:22:18.0801 1996 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 13:22:18.0910 1996 PptpMiniport - ok 13:22:18.0926 1996 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 13:22:18.0973 1996 Processor - ok 13:22:19.0020 1996 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 13:22:19.0082 1996 ProfSvc - ok 13:22:19.0098 1996 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 13:22:19.0144 1996 ProtectedStorage - ok 13:22:19.0160 1996 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 13:22:19.0238 1996 Psched - ok 13:22:19.0269 1996 PxHelp20 - ok 13:22:19.0316 1996 [ A6BF0A9B5A30D743623CA0D3BE35DF05 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 13:22:19.0363 1996 PxHlpa64 - ok 13:22:19.0425 1996 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 13:22:19.0519 1996 ql2300 - ok 13:22:19.0550 1996 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 13:22:19.0581 1996 ql40xx - ok 13:22:19.0597 1996 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 13:22:19.0644 1996 QWAVE - ok 13:22:19.0659 1996 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 
13:22:19.0706 1996 QWAVEdrv - ok 13:22:19.0722 1996 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 13:22:19.0800 1996 RasAcd - ok 13:22:19.0846 1996 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 13:22:19.0924 1996 RasAgileVpn - ok 13:22:19.0940 1996 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 13:22:20.0018 1996 RasAuto - ok 13:22:20.0034 1996 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 13:22:20.0112 1996 Rasl2tp - ok 13:22:20.0143 1996 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 13:22:20.0205 1996 RasMan - ok 13:22:20.0221 1996 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 13:22:20.0283 1996 RasPppoe - ok 13:22:20.0314 1996 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 13:22:20.0377 1996 RasSstp - ok 13:22:20.0408 1996 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 13:22:20.0502 1996 rdbss - ok 13:22:20.0533 1996 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 13:22:20.0595 1996 rdpbus - ok 13:22:20.0626 1996 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 13:22:20.0689 1996 RDPCDD - ok 13:22:20.0689 1996 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 13:22:20.0767 1996 RDPENCDD - ok 13:22:20.0767 1996 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 13:22:20.0829 1996 RDPREFMP - ok 13:22:20.0907 1996 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 13:22:20.0970 1996 RdpVideoMiniport - ok 13:22:21.0016 1996 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 13:22:21.0094 1996 RDPWD - ok 13:22:21.0126 1996 [ 34ED295FA0121C241BFEF24764FC4520 ] 
rdyboost C:\Windows\system32\drivers\rdyboost.sys 13:22:21.0172 1996 rdyboost - ok 13:22:21.0188 1996 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 13:22:21.0266 1996 RemoteAccess - ok 13:22:21.0297 1996 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 13:22:21.0438 1996 RemoteRegistry - ok 13:22:21.0469 1996 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 13:22:21.0562 1996 RFCOMM - ok 13:22:21.0594 1996 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 13:22:21.0656 1996 RpcEptMapper - ok 13:22:21.0672 1996 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 13:22:21.0750 1996 RpcLocator - ok 13:22:21.0781 1996 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 13:22:21.0843 1996 RpcSs - ok 13:22:21.0906 1996 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 13:22:22.0015 1996 rspndr - ok 13:22:22.0062 1996 [ 44ED82612403021E36998E1ECB1198F1 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 13:22:22.0140 1996 RSUSBSTOR - ok 13:22:22.0186 1996 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 13:22:22.0233 1996 RTL8167 - ok 13:22:22.0280 1996 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 13:22:22.0327 1996 SamSs - ok 13:22:22.0342 1996 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 13:22:22.0374 1996 sbp2port - ok 13:22:22.0405 1996 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 13:22:22.0483 1996 SCardSvr - ok 13:22:22.0514 1996 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 13:22:22.0561 1996 scfilter - ok 13:22:22.0592 1996 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 13:22:22.0670 1996 Schedule - ok 13:22:22.0701 1996 [ 
F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 13:22:22.0764 1996 SCPolicySvc - ok 13:22:22.0764 1996 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 13:22:22.0810 1996 SDRSVC - ok 13:22:22.0842 1996 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 13:22:22.0904 1996 secdrv - ok 13:22:22.0920 1996 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 13:22:22.0982 1996 seclogon - ok 13:22:22.0982 1996 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 13:22:23.0044 1996 SENS - ok 13:22:23.0060 1996 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 13:22:23.0107 1996 SensrSvc - ok 13:22:23.0122 1996 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 13:22:23.0154 1996 Serenum - ok 13:22:23.0169 1996 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 13:22:23.0247 1996 Serial - ok 13:22:23.0278 1996 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 13:22:23.0325 1996 sermouse - ok 13:22:23.0341 1996 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 13:22:23.0419 1996 SessionEnv - ok 13:22:23.0434 1996 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 13:22:23.0466 1996 sffdisk - ok 13:22:23.0481 1996 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 13:22:23.0528 1996 sffp_mmc - ok 13:22:23.0544 1996 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 13:22:23.0590 1996 sffp_sd - ok 13:22:23.0606 1996 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 13:22:23.0637 1996 sfloppy - ok 13:22:23.0684 1996 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 13:22:23.0746 1996 SharedAccess - ok 13:22:23.0762 
1996 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 13:22:23.0824 1996 ShellHWDetection - ok 13:22:23.0856 1996 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 13:22:23.0887 1996 SiSRaid2 - ok 13:22:23.0902 1996 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 13:22:23.0934 1996 SiSRaid4 - ok 13:22:23.0965 1996 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 13:22:24.0058 1996 Smb - ok 13:22:24.0090 1996 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 13:22:24.0183 1996 SNMPTRAP - ok 13:22:24.0214 1996 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 13:22:24.0277 1996 spldr - ok 13:22:24.0339 1996 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 13:22:24.0402 1996 Spooler - ok 13:22:24.0511 1996 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 13:22:24.0620 1996 sppsvc - ok 13:22:24.0636 1996 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 13:22:24.0682 1996 sppuinotify - ok 13:22:24.0745 1996 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 13:22:24.0823 1996 srv - ok 13:22:24.0885 1996 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 13:22:24.0948 1996 srv2 - ok 13:22:24.0994 1996 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 13:22:25.0057 1996 srvnet - ok 13:22:25.0088 1996 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 13:22:25.0166 1996 SSDPSRV - ok 13:22:25.0166 1996 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 13:22:25.0228 1996 SstpSvc - ok 13:22:25.0353 1996 [ 17FC2EAD763F0237457817A753A5A676 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 13:22:25.0416 1996 Stereo Service 
- ok 13:22:25.0447 1996 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 13:22:25.0478 1996 stexstor - ok 13:22:25.0556 1996 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 13:22:25.0650 1996 stisvc - ok 13:22:25.0665 1996 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 13:22:25.0712 1996 swenum - ok 13:22:25.0728 1996 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 13:22:25.0790 1996 swprv - ok 13:22:25.0868 1996 [ F1F996AE360812D829E08E77E60379B0 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 13:22:25.0930 1996 SynTP - ok 13:22:25.0993 1996 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 13:22:26.0118 1996 SysMain - ok 13:22:26.0133 1996 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 13:22:26.0196 1996 TabletInputService - ok 13:22:26.0196 1996 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 13:22:26.0258 1996 TapiSrv - ok 13:22:26.0274 1996 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 13:22:26.0336 1996 TBS - ok 13:22:26.0430 1996 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 13:22:26.0508 1996 Tcpip - ok 13:22:26.0586 1996 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 13:22:26.0679 1996 TCPIP6 - ok 13:22:26.0726 1996 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 13:22:26.0773 1996 tcpipreg - ok 13:22:26.0788 1996 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 13:22:26.0866 1996 TDPIPE - ok 13:22:26.0929 1996 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 13:22:27.0007 1996 TDTCP - ok 13:22:27.0038 1996 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 13:22:27.0163 1996 tdx - ok 13:22:27.0178 1996 [ 
561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 13:22:27.0210 1996 TermDD - ok 13:22:27.0241 1996 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 13:22:27.0303 1996 TermService - ok 13:22:27.0319 1996 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 13:22:27.0366 1996 Themes - ok 13:22:27.0381 1996 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 13:22:27.0444 1996 THREADORDER - ok 13:22:27.0475 1996 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 13:22:27.0537 1996 TrkWks - ok 13:22:27.0600 1996 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 13:22:27.0678 1996 TrustedInstaller - ok 13:22:27.0693 1996 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 13:22:27.0756 1996 tssecsrv - ok 13:22:27.0802 1996 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 13:22:27.0896 1996 TsUsbFlt - ok 13:22:27.0943 1996 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 13:22:28.0005 1996 TsUsbGD - ok 13:22:28.0036 1996 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 13:22:28.0114 1996 tunnel - ok 13:22:28.0130 1996 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 13:22:28.0161 1996 uagp35 - ok 13:22:28.0177 1996 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 13:22:28.0270 1996 udfs - ok 13:22:28.0302 1996 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 13:22:28.0333 1996 UI0Detect - ok 13:22:28.0364 1996 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 13:22:28.0395 1996 uliagpkx - ok 13:22:28.0411 1996 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 13:22:28.0473 1996 umbus 
- ok 13:22:28.0504 1996 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 13:22:28.0551 1996 UmPass - ok 13:22:28.0567 1996 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 13:22:28.0660 1996 upnphost - ok 13:22:28.0676 1996 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 13:22:28.0707 1996 usbccgp - ok 13:22:28.0738 1996 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 13:22:28.0770 1996 usbcir - ok 13:22:28.0785 1996 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 13:22:28.0816 1996 usbehci - ok 13:22:28.0848 1996 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 13:22:28.0941 1996 usbhub - ok 13:22:28.0957 1996 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 13:22:29.0004 1996 usbohci - ok 13:22:29.0019 1996 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 13:22:29.0097 1996 usbprint - ok 13:22:29.0144 1996 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 13:22:29.0206 1996 usbscan - ok 13:22:29.0238 1996 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 13:22:29.0300 1996 USBSTOR - ok 13:22:29.0316 1996 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 13:22:29.0362 1996 usbuhci - ok 13:22:29.0394 1996 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 13:22:29.0518 1996 UxSms - ok 13:22:29.0534 1996 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 13:22:29.0565 1996 VaultSvc - ok 13:22:29.0612 1996 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 13:22:29.0659 1996 vdrvroot - ok 13:22:29.0690 1996 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 13:22:29.0768 1996 vds - ok 
13:22:29.0784 1996 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 13:22:29.0815 1996 vga - ok 13:22:29.0830 1996 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 13:22:29.0893 1996 VgaSave - ok 13:22:29.0924 1996 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 13:22:29.0955 1996 vhdmp - ok 13:22:29.0971 1996 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 13:22:30.0002 1996 viaide - ok 13:22:30.0018 1996 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 13:22:30.0049 1996 volmgr - ok 13:22:30.0080 1996 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 13:22:30.0111 1996 volmgrx - ok 13:22:30.0127 1996 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 13:22:30.0158 1996 volsnap - ok 13:22:30.0189 1996 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 13:22:30.0220 1996 vsmraid - ok 13:22:30.0298 1996 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 13:22:30.0376 1996 VSS - ok 13:22:30.0392 1996 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 13:22:30.0470 1996 vwifibus - ok 13:22:30.0517 1996 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 13:22:30.0610 1996 W32Time - ok 13:22:30.0642 1996 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 13:22:30.0720 1996 WacomPen - ok 13:22:30.0751 1996 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 13:22:30.0844 1996 WANARP - ok 13:22:30.0860 1996 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 13:22:30.0922 1996 Wanarpv6 - ok 13:22:31.0032 1996 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 13:22:31.0094 1996 WatAdminSvc - 
ok 13:22:31.0172 1996 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 13:22:31.0234 1996 wbengine - ok 13:22:31.0250 1996 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 13:22:31.0297 1996 WbioSrvc - ok 13:22:31.0312 1996 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 13:22:31.0375 1996 wcncsvc - ok 13:22:31.0390 1996 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 13:22:31.0437 1996 WcsPlugInService - ok 13:22:31.0468 1996 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 13:22:31.0531 1996 Wd - ok 13:22:31.0593 1996 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 13:22:31.0656 1996 Wdf01000 - ok 13:22:31.0671 1996 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 13:22:31.0718 1996 WdiServiceHost - ok 13:22:31.0734 1996 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 13:22:31.0765 1996 WdiSystemHost - ok 13:22:31.0780 1996 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 13:22:31.0827 1996 WebClient - ok 13:22:31.0843 1996 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 13:22:31.0905 1996 Wecsvc - ok 13:22:31.0921 1996 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 13:22:31.0983 1996 wercplsupport - ok 13:22:31.0999 1996 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 13:22:32.0061 1996 WerSvc - ok 13:22:32.0077 1996 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 13:22:32.0124 1996 WfpLwf - ok 13:22:32.0155 1996 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 13:22:32.0186 1996 WIMMount - ok 13:22:32.0202 1996 WinDefend - ok 13:22:32.0217 1996 WinHttpAutoProxySvc - ok 13:22:32.0280 1996 [ 
19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 13:22:32.0358 1996 Winmgmt - ok 13:22:32.0436 1996 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 13:22:32.0545 1996 WinRM - ok 13:22:32.0623 1996 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 13:22:32.0701 1996 WinUsb - ok 13:22:32.0748 1996 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 13:22:32.0826 1996 Wlansvc - ok 13:22:32.0841 1996 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 13:22:32.0872 1996 WmiAcpi - ok 13:22:32.0904 1996 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 13:22:32.0950 1996 wmiApSrv - ok 13:22:32.0982 1996 WMPNetworkSvc - ok 13:22:32.0997 1996 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 13:22:33.0044 1996 WPCSvc - ok 13:22:33.0060 1996 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 13:22:33.0106 1996 WPDBusEnum - ok 13:22:33.0138 1996 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 13:22:33.0200 1996 ws2ifsl - ok 13:22:33.0216 1996 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 13:22:33.0262 1996 wscsvc - ok 13:22:33.0278 1996 WSearch - ok 13:22:33.0418 1996 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 13:22:33.0528 1996 wuauserv - ok 13:22:33.0574 1996 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 13:22:33.0668 1996 WudfPf - ok 13:22:33.0699 1996 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 13:22:33.0746 1996 WUDFRd - ok 13:22:33.0808 1996 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 13:22:33.0871 1996 wudfsvc - ok 13:22:33.0918 1996 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll 13:22:33.0964 1996 
WwanSvc - ok
13:22:34.0027 1996 [ BAA813A76F5DB6CC3C2CEAB7D82B6972 ] X10Hid C:\Windows\system32\Drivers\x10hid.sys
13:22:34.0089 1996 X10Hid - ok
13:22:34.0152 1996 [ 5A0C788C5BC5F2C993CB60940ADCF95E ] x10nets C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe
13:22:34.0167 1996 x10nets ( UnsignedFile.Multi.Generic ) - warning
13:22:34.0167 1996 x10nets - detected UnsignedFile.Multi.Generic (1)
13:22:34.0230 1996 [ A4B2A8751A8F96134BE6063B8A759116 ] XUIF C:\Windows\system32\Drivers\x10ufx2.sys
13:22:34.0276 1996 XUIF - ok
13:22:34.0276 1996 ================ Scan global ===============================
13:22:34.0323 1996 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:22:34.0386 1996 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:22:34.0401 1996 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:22:34.0417 1996 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:22:34.0464 1996 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:22:34.0464 1996 [Global] - ok
13:22:34.0464 1996 ================ Scan MBR ==================================
13:22:34.0479 1996 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:22:34.0885 1996 \Device\Harddisk0\DR0 - ok
13:22:34.0885 1996 ================ Scan VBR ==================================
13:22:34.0885 1996 [ 0497BBFD3F57F7E13A7F358538CA22C1 ] \Device\Harddisk0\DR0\Partition1
13:22:34.0885 1996 \Device\Harddisk0\DR0\Partition1 - ok
13:22:34.0932 1996 [ 4619D85B84C456A25548034B4A111007 ] \Device\Harddisk0\DR0\Partition2
13:22:34.0932 1996 \Device\Harddisk0\DR0\Partition2 - ok
13:22:34.0932 1996 ============================================================
13:22:34.0932 1996 Scan finished
13:22:34.0932 1996 ============================================================
13:22:34.0963 0432 Detected object count: 3
13:22:34.0963 0432 Actual detected object count: 3
13:23:00.0094 0432 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:23:00.0094 0432 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:23:00.0094 0432 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
13:23:00.0094 0432 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:23:00.0110 0432 x10nets ( UnsignedFile.Multi.Generic ) - skipped by user
13:23:00.0110 0432 x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip |
11.06.2013, 12:26 | #10 |
/// Malware-holic | GVU Trojan 2.12, Windows 7 x64, OTL logs attached Looks fine. Scan with Combofix
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
11.06.2013, 13:14 | #11 |
| GVU Trojan 2.12, Windows 7 x64, OTL logs attached Here we go... Combofix Logfile: Code:
|
11.06.2013, 13:24 | #12 |
/// Malware-holic | GVU Trojan 2.12, Windows 7 x64, OTL logs attached Hi, Malwarebytes: please download Malwarebytes |
11.06.2013, 15:19 | #13 |
| GVU Trojan 2.12, Windows 7 x64, OTL logs attached It found nothing... Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.06.11.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
xxx :: xxx [Administrator]
11.06.2013 14:29:45
mbam-log-2013-06-11 (14-29-45).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 403186
Laufzeit: 1 Stunde(n), 40 Minute(n), 35 Sekunde(n)
Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden)
(Ende) |
11.06.2013, 17:23 | #14 |
/// Malware-holic | GVU Trojan 2.12, Windows 7 x64, OTL logs attached Hi, download CCleaner Standard: CCleaner - Download - Filepony. If CCleaner is already installed, skip this step. Open it, go to Tools (Extras), Uninstall list, and save the list as a txt file. Open the file. After each program you need, write "necessary"; after each one you do not need, "unnecessary"; after each one you do not recognise, "unknown". Post the list. |