Log analysis and evaluation: Windows 7, Malwarebytes finds 1 infected file: Trojan.PUP.Optional.FileScout.A, for another user Pub.Optional.Open.Candy

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#7

Windows 7, Malwarebytes finds 1 infected file: Trojan.PUP.Optional.FileScout.A, for another user Pub.Optional.Open.Candy

Hi Markus, thank you very much! Yesterday Win 7 balked once when switching users from the administrator to the user without privileges. I had to restart Windows to load the user without privileges. I have uninstalled, Adobe Air as well. However, I had to reinstall Adobe Flash Player ActiveX 11, because HP Solutioncenter no longer ran. ComboFix ran without problems. I found two log files on C. Here are the log files:

Combofix:
Code:
ComboFix 13-08-12.01 - Christine 13.08.2013 9:03.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.41.1031.18.4061.2531 [GMT 2:00]
ausgeführt von:: d:\benutzer\Christine\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\ASPG_icon.ico
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-07-13 bis 2013-08-13 ))))))))))))))))))))))))))))))
.
.
2013-08-13 07:10 . 2013-08-13 07:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-13 07:10 . 2013-08-13 07:10 -------- d-----w- c:\users\Climb\AppData\Local\temp
2013-08-13 05:57 . 2013-07-02 08:34 9460976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A1CDA4B2-F694-49B7-8DBF-2DC73B3BCC70}\mpengine.dll
2013-08-12 20:30 . 2013-08-12 20:30 -------- d-----w- c:\windows\system32\IO
2013-08-12 20:27 . 2013-08-13 06:02 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-12 20:27 . 2013-08-13 06:02 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-12 09:29 . 2013-08-12 09:29 -------- d-----w- C:\FRST
2013-08-12 05:48 . 2013-07-02 08:34 9460976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-08-05 10:10 . 2013-08-05 10:17 -------- d-----w- c:\windows\system32\MRT
2013-07-18 05:55 . 2013-07-18 05:55 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{859B0338-31E7-4E26-BF9F-A9C90EF3E382}\gapaengine.dll
2013-07-15 06:29 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
2013-07-15 06:29 . 2013-05-27 05:50 571904 ----a-w- c:\program files\Windows Defender\MpClient.dll
2013-07-15 06:29 . 2013-05-27 05:50 314880 ----a-w- c:\program files\Windows Defender\MpCommu.dll
2013-07-15 06:29 . 2013-05-27 04:57 392704 ----a-w- c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-15 06:29 . 2013-05-27 04:57 4608 ----a-w- c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-15 06:29 . 2013-05-27 04:57 54784 ----a-w- c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-15 06:29 . 2013-05-27 03:15 9216 ----a-w- c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-15 06:29 . 2013-06-04 06:00 624128 ----a-w- c:\windows\system32\qedit.dll
2013-07-15 06:29 . 2013-06-04 04:53 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-15 06:29 . 2013-05-06 06:03 1887744 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-15 06:29 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-15 06:29 . 2013-06-05 03:34 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-07-15 06:28 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-15 06:28 . 2013-04-10 05:46 1393152 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-15 06:28 . 2013-04-10 05:46 1367040 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-15 06:28 . 2013-04-10 05:46 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-15 06:28 . 2013-04-10 05:03 936448 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-15 06:28 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-15 06:28 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-01 10:25 . 2013-05-17 09:11 83672 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-06-24 10:17 . 2013-06-24 10:17 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-24 10:17 . 2012-07-24 09:37 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-24 10:17 . 2011-07-12 09:56 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-24 10:16 . 2013-06-24 10:16 0 ----a-w- c:\windows\SysWow64\REN1BB2.tmp
2013-06-24 10:16 . 2013-06-24 10:16 0 ----a-w- c:\windows\SysWow64\REN1BB1.tmp
2013-06-23 22:57 . 2011-06-22 16:05 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-06-21 05:48 . 2013-03-12 06:41 964552 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-06-18 19:50 . 2013-06-18 19:50 247216 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-06-18 19:50 . 2012-08-30 21:03 139616 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2009-04-08 18:31 . 2009-04-08 18:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 05:45 . 2008-08-12 05:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 01:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl8"="c:\program files (x86)\ASUSTek\ASUSDVD 8\PDVD8Serv.exe" [2009-04-16 91432]
"PDVD8LanguageShortcut"="c:\program files (x86)\ASUSTek\ASUSDVD 8\Language\Language.exe" [2009-04-16 50472]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"BJCFD"="c:\program files (x86)\BroadJump\Client Foundation\CFD.exe" [2002-12-16 376912]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-07-01 345144]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe" [2012-08-03 740736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\users\Climb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
AntiWerBung.exe [2012-5-24 306789]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R1 A2DDA;A2 Direct Disk Access Support Driver;f:\emsisoftemergencykit_3.0.0.3\Run\a2ddax64.sys;f:\emsisoftemergencykit_3.0.0.3\Run\a2ddax64.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 acfva;acfva;c:\windows\system32\DRIVERS\ACFVA64.sys;c:\windows\SYSNATIVE\DRIVERS\ACFVA64.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5a64.SYS;c:\windows\SYSNATIVE\drivers\BVRPMPR5a64.SYS [x]
R3 dgcfltr;DGC Filter Driver;c:\windows\system32\DRIVERS\ACFDCP64.sys;c:\windows\SYSNATIVE\DRIVERS\ACFDCP64.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys;c:\windows\SYSNATIVE\DRIVERS\lullaby.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AcfXAudioService;AcfXAudioService;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys;c:\program files\ATKGFNEX\ASMMAP64.sys [x]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe;c:\program files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 GUCI_AVS;ASUS USB2.0 UVC VGA WebCam;c:\windows\system32\DRIVERS\GUCI_AVS.sys;c:\windows\SYSNATIVE\DRIVERS\GUCI_AVS.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-12 06:02]
.
2013-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 07:21]
.
2013-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 07:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2012-08-03 09:39 1506688 ----a-w- c:\program files (x86)\ASUS\Asus WebStorage\3.0.143.296\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2012-08-03 09:39 1506688 ----a-w- c:\program files (x86)\ASUS\Asus WebStorage\3.0.143.296\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-08-03 09:39 1506688 ----a-w- c:\program files (x86)\ASUS\Asus WebStorage\3.0.143.296\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Climb\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Climb\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Climb\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Climb\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EeeStorageBackup"="c:\program files (x86)\ASUS\Asus WebStorage\BackupService.exe" [2009-08-25 947472]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-08-12 323072]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-07-30 617856]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-06-20 1356240]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-11-14 163360]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-11-14 387616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-11-14 418336]
"GUCI_AVS"="c:\windows\PixArt\PAP7501\GUCI_AVS.exe" [2009-09-17 314880]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\hnmyvv2g.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - ExtSQL: !HIDDEN! 2011-07-01 07:37; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000042
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-08-13 09:13:41
ComboFix-quarantined-files.txt 2013-08-13 07:13
.
Vor Suchlauf: 14 Verzeichnis(se), 72'827'002'880 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 72'170'754'048 Bytes frei
.
- - End Of File - - 01D9B8839BF2776A0F50FAEAE750D53B
5C616939100B85E558DA92B899A0FC36
Code:
2013-08-13 07:12:20 . 2013-08-13 07:12:20 92 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Toolbar-Locked.reg.dat
2013-08-13 07:12:17 . 2013-08-13 07:12:17 377 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47}.reg.dat
2013-08-13 07:12:03 . 2013-08-13 07:12:03 171 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}.reg.dat
2013-08-13 07:12:03 . 2013-08-13 07:12:03 171 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}.reg.dat
2013-08-13 07:12:03 . 2013-08-13 07:12:03 171 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}.reg.dat
2013-08-13 07:12:02 . 2013-08-13 07:12:02 104 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-Toolbar-Locked.reg.dat
2013-08-13 07:08:11 . 2013-08-13 07:08:11 14,137 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2013-08-13 07:02:06 . 2013-08-13 07:02:06 51 ----a-w- C:\Qoobox\Quarantine\catchme.log
2007-06-12 17:34:50 . 2007-06-12 17:34:50 35,822 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\Common Files\ASPG_icon.ico.vir
Code:
09:43:37.0601 4804 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:43:37.0803 4804 ============================================================
09:43:37.0803 4804 Current date / time: 2013/08/13 09:43:37.0803
09:43:37.0803 4804 SystemInfo:
09:43:37.0803 4804
09:43:37.0803 4804 OS Version: 6.1.7601 ServicePack: 1.0
09:43:37.0803 4804 Product type: Workstation
09:43:37.0803 4804 ComputerName: CHRISTINE-PC
09:43:37.0803 4804 UserName: Christine
09:43:37.0803 4804 Windows directory: C:\Windows
09:43:37.0803 4804 System windows directory: C:\Windows
09:43:37.0803 4804 Running under WOW64
09:43:37.0803 4804 Processor architecture: Intel x64
09:43:37.0803 4804 Number of processors: 2
09:43:37.0803 4804 Page size: 0x1000
09:43:37.0803 4804 Boot type: Normal boot
09:43:37.0803 4804 ============================================================
09:43:39.0005 4804 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:43:39.0005 4804 ============================================================
09:43:39.0005 4804 \Device\Harddisk0\DR0:
09:43:39.0005 4804 MBR partitions:
09:43:39.0005 4804 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D4B800, BlocksNum 0xE8E1800
09:43:39.0036 4804 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1062D800, BlocksNum 0x29D58000
09:43:39.0036 4804 ============================================================
09:43:39.0067 4804 C: <-> \Device\Harddisk0\DR0\Partition1
09:43:39.0098 4804 D: <-> \Device\Harddisk0\DR0\Partition2
09:43:39.0098 4804 ============================================================
09:43:39.0098 4804 Initialize success
09:43:39.0098 4804 ============================================================
09:44:32.0793 0636 ============================================================
09:44:32.0793 0636 Scan started
09:44:32.0793 0636 Mode: Manual; SigCheck; TDLFS;
09:44:32.0809 0636 ============================================================
09:44:33.0480 0636 ================ Scan system memory ========================
09:44:33.0480 0636 System memory - ok
09:44:33.0480 0636 ================ Scan services =============================
09:44:33.0605 0636 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:44:33.0776 0636 1394ohci - ok
09:44:33.0807 0636 A2DDA - ok
09:44:33.0854 0636 [ 769098B5FA5C18DD40A1CC302D5F84C0 ] acfva C:\Windows\system32\DRIVERS\ACFVA64.sys
09:44:33.0917 0636 acfva - ok
09:44:34.0010 0636 [ D67C517B4EEC71B975CC913BA2625C54 ] AcfXAudioService C:\Windows\SysWOW64\ACFXAU64.dll
09:44:34.0057 0636 AcfXAudioService - ok
09:44:34.0104 0636 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:44:34.0135 0636 ACPI - ok
09:44:34.0166 0636 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:44:34.0244 0636 AcpiPmi - ok
09:44:34.0353 0636 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:44:34.0369 0636 AdobeARMservice - ok
09:44:34.0447 0636 [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:44:34.0478 0636 AdobeFlashPlayerUpdateSvc - ok
09:44:34.0525 0636 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
09:44:34.0587 0636 adp94xx - ok
09:44:34.0619 0636 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
09:44:34.0650 0636 adpahci - ok
09:44:34.0681 0636 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
09:44:34.0697 0636 adpu320 - ok
09:44:34.0775 0636 [ C0BF554D2277F7A4C735D475ADE2E3B2 ] ADSMService C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
09:44:34.0821 0636 ADSMService ( UnsignedFile.Multi.Generic ) - warning
09:44:34.0821 0636 ADSMService - detected UnsignedFile.Multi.Generic (1)
09:44:34.0853 0636 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:44:35.0009 0636 AeLookupSvc - ok
09:44:35.0071 0636 [ 114C042FF784B4C5670290A661799357 ] AFBAgent C:\Windows\system32\FBAgent.exe
09:44:35.0149 0636 AFBAgent - ok
09:44:35.0196 0636 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
09:44:35.0274 0636 AFD - ok
09:44:35.0321 0636 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:44:35.0336 0636 agp440 - ok
09:44:35.0367 0636 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
09:44:35.0414 0636 ALG - ok
09:44:35.0461 0636 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
09:44:35.0492 0636 aliide - ok
09:44:35.0508 0636 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
09:44:35.0523 0636 amdide - ok
09:44:35.0555 0636 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
09:44:35.0633 0636 AmdK8 - ok
09:44:35.0648 0636 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
09:44:35.0711 0636 AmdPPM - ok
09:44:35.0757 0636 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:44:35.0773 0636 amdsata - ok
09:44:35.0804 0636 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
09:44:35.0820 0636 amdsbs - ok
09:44:35.0835 0636 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:44:35.0867 0636 amdxata - ok
09:44:35.0882 0636 [ 391887990CDAA83DE5C56C3FDE966DA1 ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
09:44:35.0929 0636 AmUStor - ok
09:44:36.0023 0636 [ FE9932692FC61C2203EC9884D414F700 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
09:44:36.0038 0636 AntiVirSchedulerService - ok
09:44:36.0085 0636 [ B1F8B58F27971B7E316DD316687886EC ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
09:44:36.0101 0636 AntiVirService - ok
09:44:36.0147 0636 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
09:44:36.0350 0636 AppID - ok
09:44:36.0381 0636 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:44:36.0444 0636 AppIDSvc - ok
09:44:36.0491 0636 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
09:44:36.0584 0636 Appinfo - ok
09:44:36.0631 0636 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
09:44:36.0662 0636 AppMgmt - ok
09:44:36.0709 0636 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
09:44:36.0725 0636 arc - ok
09:44:36.0740 0636 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
09:44:36.0756 0636 arcsas - ok
09:44:36.0787 0636 [ 88FBC8BEBFD38566235EAA5E4DBC4E05 ] AsDsm C:\Windows\system32\drivers\AsDsm.sys
09:44:36.0803 0636 AsDsm - ok
09:44:36.0849 0636 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
09:44:36.0865 0636 ASLDRService - ok
09:44:36.0912 0636 [ 2DB34EDD17D3A8DA7105A19C95A3DD68 ] ASMMAP64 C:\Program Files\ATKGFNEX\ASMMAP64.sys
09:44:36.0927 0636 ASMMAP64 - ok
09:44:36.0959 0636 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:44:37.0052 0636 AsyncMac - ok
09:44:37.0099 0636 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
09:44:37.0130 0636 atapi - ok
09:44:37.0224 0636 [ A5E770426D18F8EF332A593F3289DA91 ] athr C:\Windows\system32\DRIVERS\athrx.sys
09:44:37.0427 0636 athr - ok
09:44:37.0458 0636 [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv C:\Program Files\ATKGFNEX\GFNEXSrv.exe
09:44:37.0473 0636 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
09:44:37.0473 0636 ATKGFNEXSrv - detected UnsignedFile.Multi.Generic (1)
09:44:37.0536 0636 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:44:37.0645 0636 AudioEndpointBuilder - ok
09:44:37.0692 0636 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:44:37.0739 0636 AudioSrv - ok
09:44:37.0785 0636 [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
09:44:37.0801 0636 avgntflt - ok
09:44:37.0848 0636 [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
09:44:37.0895 0636 avipbb - ok
09:44:37.0926 0636 [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
09:44:37.0941 0636 avkmgr - ok
09:44:38.0004 0636 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:44:38.0113 0636 AxInstSV - ok
09:44:38.0160 0636 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
09:44:38.0207 0636 b06bdrv - ok
09:44:38.0253 0636 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:44:38.0316 0636 b57nd60a - ok
09:44:38.0363 0636 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
09:44:38.0409 0636 BDESVC - ok
09:44:38.0425 0636 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
09:44:38.0487 0636 Beep - ok
09:44:38.0550 0636 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
09:44:38.0643 0636 BFE - ok
09:44:38.0675 0636 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
09:44:38.0799 0636 BITS - ok
09:44:38.0846 0636 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:44:38.0893 0636 blbdrive - ok
09:44:38.0940 0636 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:44:39.0002 0636 bowser - ok
09:44:39.0049 0636 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:44:39.0143 0636 BrFiltLo - ok
09:44:39.0174 0636 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:44:39.0221 0636 BrFiltUp - ok
09:44:39.0283 0636 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
09:44:39.0361 0636 BridgeMP - ok
09:44:39.0408 0636 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
09:44:39.0455 0636 Browser - ok
09:44:39.0486 0636 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:44:39.0533 0636 Brserid - ok
09:44:39.0548 0636 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:44:39.0564 0636 BrSerWdm - ok
09:44:39.0595 0636 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:44:39.0642 0636 BrUsbMdm - ok
09:44:39.0673 0636 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:44:39.0704 0636 BrUsbSer - ok
09:44:39.0735 0636 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
09:44:39.0798 0636 BTHMODEM - ok
09:44:39.0845 0636 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
09:44:39.0923 0636 bthserv - ok
09:44:39.0985 0636 [ 9887CA12F407D7FBC7F48F3678F5F0B6 ] BVRPMPR5a64 C:\Windows\system32\drivers\BVRPMPR5a64.SYS
09:44:40.0001 0636 BVRPMPR5a64 - ok
09:44:40.0016 0636 catchme - ok
09:44:40.0047 0636 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:44:40.0110 0636 cdfs - ok
09:44:40.0157 0636 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:44:40.0219 0636 cdrom - ok
09:44:40.0266 0636 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
09:44:40.0328 0636 CertPropSvc - ok
09:44:40.0375 0636 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
09:44:40.0406 0636 circlass - ok
09:44:40.0437 0636 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
09:44:40.0469 0636 CLFS - ok
09:44:40.0547 0636 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:44:40.0562 0636 clr_optimization_v2.0.50727_32 - ok
09:44:40.0625 0636 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:44:40.0656 0636 clr_optimization_v2.0.50727_64 - ok
09:44:40.0734 0636 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:44:40.0765 0636 clr_optimization_v4.0.30319_32 - ok
09:44:40.0781 0636 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:44:40.0796 0636 clr_optimization_v4.0.30319_64 - ok
09:44:40.0827 0636 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:44:40.0874 0636 CmBatt - ok
09:44:40.0905 0636 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:44:40.0937 0636 cmdide - ok
09:44:40.0983 0636 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
09:44:41.0015 0636 CNG - ok
09:44:41.0046 0636 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:44:41.0077 0636 Compbatt - ok
09:44:41.0108 0636 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
09:44:41.0139 0636 CompositeBus - ok
09:44:41.0155 0636 COMSysApp - ok
09:44:41.0186 0636 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
09:44:41.0202 0636 crcdisk - ok
09:44:41.0249 0636 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:44:41.0280 0636 CryptSvc - ok
09:44:41.0327 0636 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
09:44:41.0405 0636 CSC - ok
09:44:41.0436 0636 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
09:44:41.0498 0636 CscService - ok
09:44:41.0545 0636 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:44:41.0607 0636 DcomLaunch - ok
09:44:41.0654 0636 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
09:44:41.0717 0636 defragsvc - ok
09:44:41.0748 0636 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:44:41.0826 0636 DfsC - ok
09:44:41.0857 0636 [ BB3003D9DB0D3B18B3284CCFD57F3C3F ] dgcfltr C:\Windows\system32\DRIVERS\ACFDCP64.sys
09:44:41.0888 0636 dgcfltr - ok
09:44:41.0935 0636 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
09:44:42.0029 0636 Dhcp - ok
09:44:42.0060 0636 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
09:44:42.0122 0636 discache - ok
09:44:42.0169 0636 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
09:44:42.0185 0636 Disk - ok
09:44:42.0216 0636 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:44:42.0278 0636 Dnscache - ok
09:44:42.0325 0636 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:44:42.0434 0636 dot3svc - ok
09:44:42.0465 0636 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
09:44:42.0512 0636 Dot4 - ok
09:44:42.0559 0636 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys
09:44:42.0606 0636 Dot4Print - ok
09:44:42.0637 0636 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
09:44:42.0668 0636 dot4usb - ok
09:44:42.0699 0636 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
09:44:42.0746 0636 DPS - ok
09:44:42.0809 0636 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:44:42.0855 0636 drmkaud - ok
09:44:42.0902 0636 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:44:42.0949 0636 DXGKrnl - ok
09:44:42.0980 0636 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
09:44:43.0058 0636 EapHost - ok
09:44:43.0152 0636 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
09:44:43.0323 0636 ebdrv - ok
09:44:43.0355 0636 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
09:44:43.0386 0636 EFS - ok
09:44:43.0448 0636 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:44:43.0511 0636 ehRecvr - ok
09:44:43.0542 0636 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
09:44:43.0589 0636 ehSched - ok
09:44:43.0667 0636 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
09:44:43.0713 0636 elxstor - ok
09:44:43.0729 0636 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:44:43.0776 0636 ErrDev - ok
09:44:43.0823 0636 [ 1299D1EA00B7A4BF69C5869DCA31E0F6 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
09:44:43.0854 0636 ETD - ok
09:44:43.0932 0636 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
09:44:44.0025 0636 EventSystem - ok
09:44:44.0072 0636 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
09:44:44.0166 0636 exfat - ok
09:44:44.0181 0636 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:44:44.0259 0636 fastfat - ok
09:44:44.0306 0636 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
09:44:44.0369 0636 Fax - ok
09:44:44.0384 0636 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:44:44.0431 0636 fdc - ok
09:44:44.0478 0636 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
09:44:44.0540 0636 fdPHost - ok
09:44:44.0571 0636 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
09:44:44.0634 0636 FDResPub - ok
09:44:44.0665 0636 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:44:44.0681 0636 FileInfo - ok
09:44:44.0712 0636 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:44:44.0805 0636 Filetrace - ok
09:44:44.0837 0636 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:44:44.0883 0636 flpydisk - ok
09:44:44.0930 0636 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:44:44.0961 0636 FltMgr - ok
09:44:45.0024 0636 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
09:44:45.0086 0636 FontCache - ok
09:44:45.0149 0636 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:44:45.0164 0636 FontCache3.0.0.0 - ok
09:44:45.0195 0636 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:44:45.0242 0636 FsDepends - ok
09:44:45.0273 0636 [ 5814011B2F6E088E29D689B5FCD49B8F ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
09:44:45.0289 0636 fssfltr - ok
09:44:45.0336 0636 [ F6717211C1EC2CDDAA81B97B0727C2E9 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
09:44:45.0367 0636 fsssvc - ok
09:44:45.0383 0636 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:44:45.0414 0636 Fs_Rec - ok
09:44:45.0461 0636 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:44:45.0492 0636 fvevol - ok
09:44:45.0507 0636 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
09:44:45.0523 0636 gagp30kx - ok
09:44:45.0570 0636 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
09:44:45.0679 0636 gpsvc - ok
09:44:45.0741 0636 [ BD68FC3A2D744D3A397D625CB44E0753 ] GUCI_AVS C:\Windows\system32\DRIVERS\GUCI_AVS.sys
09:44:45.0819 0636 GUCI_AVS - ok
09:44:45.0866 0636 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:44:45.0897 0636 gupdate - ok
09:44:45.0929 0636 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:44:45.0944 0636 gupdatem - ok
09:44:45.0960 0636 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:44:45.0975 0636 hcw85cir - ok
09:44:46.0022 0636 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:44:46.0085 0636 HdAudAddService - ok
09:44:46.0131 0636 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
09:44:46.0178 0636 HDAudBus - ok
09:44:46.0209 0636 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
09:44:46.0241 0636 HidBatt - ok
09:44:46.0272 0636 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
09:44:46.0303 0636 HidBth - ok
09:44:46.0334 0636 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
09:44:46.0365 0636 HidIr - ok
09:44:46.0412 0636 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
09:44:46.0506 0636 hidserv - ok
09:44:46.0553 0636 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
09:44:46.0584 0636 HidUsb - ok
09:44:46.0615 0636 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:44:46.0677 0636 hkmsvc - ok
09:44:46.0709 0636 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:44:46.0787 0636 HomeGroupListener - ok
09:44:46.0818 0636 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:44:46.0865 0636 HomeGroupProvider - ok
09:44:46.0958 0636 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
09:44:46.0989 0636 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
09:44:46.0989 0636 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
09:44:47.0021 0636 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
09:44:47.0036 0636 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
09:44:47.0036 0636 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
09:44:47.0099 0636 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:44:47.0130 0636 HpSAMD - ok
09:44:47.0177 0636 [ 7F57926169C1B8ABA9274EA7D4B70F18 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
09:44:47.0223 0636 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
09:44:47.0223 0636 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
09:44:47.0270 0636 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:44:47.0333 0636 HTTP - ok
09:44:47.0364 0636 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:44:47.0379 0636 hwpolicy - ok
09:44:47.0426 0636 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:44:47.0473 0636 i8042prt - ok
09:44:47.0504 0636 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
09:44:47.0535 0636 iaStor - ok
09:44:47.0551 0636 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:44:47.0582 0636 iaStorV - ok
09:44:47.0645 0636 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:44:47.0691 0636 idsvc - ok
09:44:47.0941 0636 [ 8814F0B9A09C647D3D7BE735450E7B4C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
09:44:48.0300 0636 igfx - ok
09:44:48.0347 0636 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
09:44:48.0362 0636 iirsp - ok
09:44:48.0393 0636 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
09:44:48.0487 0636 IKEEXT - ok
09:44:48.0518 0636 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
09:44:48.0549 0636 intelide - ok
09:44:48.0581 0636 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:44:48.0612 0636 intelppm - ok
09:44:48.0659 0636 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:44:48.0752 0636 IPBusEnum - ok
09:44:48.0799 0636 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:44:48.0877 0636 IpFilterDriver - ok
09:44:48.0908 0636 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:44:48.0971 0636 iphlpsvc - ok
09:44:49.0002 0636 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:44:49.0049 0636 IPMIDRV - ok
09:44:49.0080 0636 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:44:49.0127 0636 IPNAT - ok
09:44:49.0158 0636 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:44:49.0267 0636 IRENUM - ok
09:44:49.0298 0636 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:44:49.0314 0636 isapnp - ok
09:44:49.0329 0636 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:44:49.0361 0636 iScsiPrt - ok
09:44:49.0392 0636 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
09:44:49.0407 0636 kbdclass - ok
09:44:49.0470 0636 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
09:44:49.0501 0636 kbdhid - ok
09:44:49.0548 0636 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
09:44:49.0579 0636 kbfiltr - ok
09:44:49.0595 0636 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
09:44:49.0610 0636 KeyIso - ok
09:44:49.0657 0636 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:44:49.0673 0636 KSecDD - ok
09:44:49.0704 0636 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:44:49.0719 0636 KSecPkg - ok
09:44:49.0751 0636 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:44:49.0844 0636 ksthunk - ok
09:44:49.0891 0636 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:44:50.0000 0636 KtmRm - ok
09:44:50.0047 0636 [ B8E670D7EF61615FA03104552854FAC9 ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys
09:44:50.0094 0636 L1E - ok
09:44:50.0141 0636 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
09:44:50.0219 0636 LanmanServer - ok
09:44:50.0250 0636 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:44:50.0328 0636 LanmanWorkstation - ok
09:44:50.0375 0636 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:44:50.0453 0636 lltdio - ok
09:44:50.0484 0636 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:44:50.0546 0636 lltdsvc - ok
09:44:50.0577 0636 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:44:50.0640 0636 lmhosts - ok
09:44:50.0687 0636 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
09:44:50.0702 0636 LSI_FC - ok
09:44:50.0733 0636 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
09:44:50.0749 0636 LSI_SAS - ok
09:44:50.0765 0636 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:44:50.0780 0636 LSI_SAS2 - ok
09:44:50.0827 0636 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:44:50.0843 0636 LSI_SCSI - ok
09:44:50.0874 0636 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:44:50.0936 0636 luafv - ok
09:44:50.0967 0636 [ 085435AE1A124361304044029B5CC644 ] lullaby C:\Windows\system32\DRIVERS\lullaby.sys
09:44:50.0983 0636 lullaby - ok
09:44:50.0999 0636 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:44:51.0045 0636 Mcx2Svc - ok
09:44:51.0077 0636 [ A3B8F49446F15931E46380151E73221F ] mdmxsdk C:\Windows\system32\DRIVERS\ACFSDK64.sys
09:44:51.0108 0636 mdmxsdk - ok
09:44:51.0139 0636 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
09:44:51.0155 0636 megasas - ok
09:44:51.0186 0636 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
09:44:51.0201 0636 MegaSR - ok
09:44:51.0233 0636 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:44:51.0311 0636 MMCSS - ok
09:44:51.0342 0636 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:44:51.0389 0636 Modem - ok
09:44:51.0420 0636 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:44:51.0451 0636 monitor - ok
09:44:51.0482 0636 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:44:51.0498 0636 mouclass - ok
09:44:51.0529 0636 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:44:51.0560 0636 mouhid - ok
09:44:51.0591 0636 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:44:51.0623 0636 mountmgr - ok
09:44:51.0701 0636 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:44:51.0716 0636 MozillaMaintenance - ok
09:44:51.0779 0636 [ FC1D590039EF06A381768710E6C07E75 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
09:44:51.0825 0636 MpFilter - ok
09:44:51.0872 0636 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:44:51.0903 0636 mpio - ok
09:44:51.0950 0636 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:44:51.0997 0636 mpsdrv - ok
09:44:52.0044 0636 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:44:52.0106 0636 MpsSvc - ok
09:44:52.0122 0636 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:44:52.0169 0636 MRxDAV - ok
09:44:52.0200 0636 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:44:52.0262 0636 mrxsmb - ok
09:44:52.0293 0636 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:44:52.0340 0636 mrxsmb10 - ok
09:44:52.0356 0636 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:44:52.0403 0636 mrxsmb20 - ok
09:44:52.0434 0636 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:44:52.0434 0636 msahci - ok
09:44:52.0465 0636 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:44:52.0481 0636 msdsm - ok
09:44:52.0496 0636 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
09:44:52.0527 0636 MSDTC - ok
09:44:52.0590 0636 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:44:52.0652 0636 Msfs - ok
09:44:52.0668 0636 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:44:52.0715 0636 mshidkmdf - ok
09:44:52.0730 0636 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:44:52.0746 0636 msisadrv - ok
09:44:52.0793 0636 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:44:52.0886 0636 MSiSCSI - ok
09:44:52.0902 0636 msiserver - ok
09:44:52.0933 0636 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:44:52.0980 0636 MSKSSRV - ok
09:44:53.0058 0636 [ 66238063B53E51ADDA16764BAB9A3F7C ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
09:44:53.0089 0636 MsMpSvc - ok
09:44:53.0105 0636 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:44:53.0167 0636 MSPCLOCK - ok
09:44:53.0183 0636 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:44:53.0261 0636 MSPQM - ok
09:44:53.0292 0636 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:44:53.0323 0636 MsRPC - ok
09:44:53.0354 0636 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
09:44:53.0370 0636 mssmbios - ok
09:44:53.0401 0636 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:44:53.0463 0636 MSTEE - ok
09:44:53.0495 0636 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
09:44:53.0526 0636 MTConfig - ok
09:44:53.0557 0636 [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys
09:44:53.0573 0636 MTsensor - ok
09:44:53.0604 0636 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:44:53.0635 0636 Mup - ok
09:44:53.0682 0636 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
09:44:53.0744 0636 napagent - ok
09:44:53.0775 0636 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:44:53.0822 0636 NativeWifiP - ok
09:44:53.0869 0636 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:44:53.0900 0636 NDIS - ok
09:44:53.0947 0636 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:44:53.0994 0636 NdisCap - ok
09:44:54.0025 0636 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:44:54.0072 0636 NdisTapi - ok
09:44:54.0103 0636 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:44:54.0150 0636 Ndisuio - ok
09:44:54.0197 0636 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:44:54.0259 0636 NdisWan - ok
09:44:54.0290 0636 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:44:54.0321 0636 NDProxy - ok
09:44:54.0384 0636 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
09:44:54.0415 0636 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
09:44:54.0415 0636 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
09:44:54.0446 0636 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:44:54.0540 0636 NetBIOS - ok
09:44:54.0587 0636 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:44:54.0649 0636 NetBT - ok
09:44:54.0680 0636 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:44:54.0696 0636 Netlogon - ok
09:44:54.0727 0636 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:44:54.0805 0636 Netman - ok
09:44:54.0836 0636 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:44:54.0899 0636 netprofm - ok
09:44:54.0930 0636 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:44:54.0945 0636 NetTcpPortSharing - ok
09:44:54.0977 0636 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
09:44:54.0992 0636 nfrd960 - ok
09:44:55.0055 0636 [ 8FB3C853E886E1E4D57271672486111C ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:44:55.0101 0636 NisDrv - ok
09:44:55.0117 0636 [ 869A808253726EA11939EC4FE76346A4 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
09:44:55.0148 0636 NisSrv - ok
09:44:55.0179 0636 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:44:55.0242 0636 NlaSvc - ok
09:44:55.0289 0636 [ 4903177FC90E77ABEB19021451E9475E ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
09:44:55.0335 0636 nmwcd - ok
09:44:55.0367 0636 [ E6844A4C97E5409BBE24BB4ED000320D ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
09:44:55.0413 0636 nmwcdc - ok
09:44:55.0476 0636 [ F59F8CF59F7905622686637177E2A828 ] nmwcdnsucx64 C:\Windows\system32\drivers\nmwcdnsucx64.sys
09:44:55.0538 0636 nmwcdnsucx64 - ok
09:44:55.0585 0636 [ A0E7F80157AF77B1CEAA8ADD3A3E7D85 ] nmwcdnsux64 C:\Windows\system32\drivers\nmwcdnsux64.sys
09:44:55.0663 0636 nmwcdnsux64 - ok
09:44:55.0694 0636 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:44:55.0757 0636 Npfs - ok
09:44:55.0788 0636 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:44:55.0850 0636 nsi - ok
09:44:55.0866 0636 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:44:55.0913 0636 nsiproxy - ok
09:44:55.0991 0636 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:44:56.0162 0636 Ntfs - ok
09:44:56.0178 0636 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:44:56.0240 0636 Null - ok
09:44:56.0271 0636 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:44:56.0287 0636 nvraid - ok
09:44:56.0303 0636 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:44:56.0318 0636 nvstor - ok
09:44:56.0349 0636 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:44:56.0365 0636 nv_agp - ok
09:44:56.0474 0636 [ 649791F5B905E6A8ECCED15AD8EFD436 ] OberonGameConsoleService C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
09:44:56.0521 0636 OberonGameConsoleService - ok
09:44:56.0537 0636 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:44:56.0568 0636 ohci1394 - ok
09:44:56.0630 0636 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:44:56.0646 0636 ose - ok
09:44:56.0693 0636 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:44:56.0771 0636 p2pimsvc - ok
09:44:56.0817 0636 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:44:56.0911 0636 p2psvc - ok
09:44:56.0942 0636 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:44:56.0989 0636 Parport - ok
09:44:57.0020 0636 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:44:57.0051 0636 partmgr - ok
09:44:57.0083 0636 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:44:57.0129 0636 PcaSvc - ok
09:44:57.0192 0636 [ 3FDE033DFB0D07F8B7D5C9A3044AA121 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
09:44:57.0223 0636 pccsmcfd - ok
09:44:57.0254 0636 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:44:57.0270 0636 pci - ok
09:44:57.0285 0636 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:44:57.0301 0636 pciide - ok
09:44:57.0332 0636 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:44:57.0348 0636 pcmcia - ok
09:44:57.0363 0636 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:44:57.0395 0636 pcw - ok
09:44:57.0410 0636 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:44:57.0519 0636 PEAUTH - ok
09:44:57.0582 0636 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
09:44:57.0691 0636 PeerDistSvc - ok
09:44:57.0753 0636 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:44:57.0785 0636 PerfHost - ok
09:44:57.0847 0636 pfc - ok
09:44:57.0878 0636 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:44:58.0019 0636 pla - ok
09:44:58.0050 0636 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:44:58.0112 0636 PlugPlay - ok
09:44:58.0159 0636 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
09:44:58.0206 0636 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
09:44:58.0206 0636 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
09:44:58.0221 0636 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:44:58.0253 0636 PNRPAutoReg - ok
09:44:58.0268 0636 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:44:58.0299 0636 PNRPsvc - ok
09:44:58.0331 0636 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:44:58.0377 0636 PolicyAgent - ok
09:44:58.0424 0636 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:44:58.0518 0636 Power - ok
09:44:58.0533 0636 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:44:58.0580 0636 PptpMiniport - ok
09:44:58.0611 0636 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:44:58.0643 0636 Processor - ok
09:44:58.0674 0636 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:44:58.0721 0636 ProfSvc - ok
09:44:58.0736 0636 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:44:58.0767 0636 ProtectedStorage - ok
09:44:58.0799 0636 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:44:58.0845 0636 Psched - ok
09:44:58.0908 0636 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
09:44:58.0986 0636 ql2300 - ok
09:44:59.0017 0636 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
09:44:59.0033 0636 ql40xx - ok
09:44:59.0064 0636 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:44:59.0111 0636 QWAVE - ok
09:44:59.0126 0636 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:44:59.0173 0636 QWAVEdrv - ok
09:44:59.0204 0636 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:44:59.0251 0636 RasAcd - ok
09:44:59.0345 0636 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:44:59.0438 0636 RasAgileVpn - ok
09:44:59.0454 0636 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:44:59.0532 0636 RasAuto - ok
09:44:59.0563 0636 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:44:59.0625 0636 Rasl2tp - ok
09:44:59.0688 0636 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:44:59.0781 0636 RasMan - ok
09:44:59.0813 0636 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:44:59.0875 0636 RasPppoe - ok
09:44:59.0906 0636 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:44:59.0969 0636 RasSstp - ok
09:45:00.0000 0636 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:45:00.0062 0636 rdbss - ok
09:45:00.0093 0636 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:45:00.0125 0636 rdpbus - ok
09:45:00.0171 0636 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:45:00.0249 0636 RDPCDD - ok
09:45:00.0281 0636 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
09:45:00.0327 0636 RDPDR - ok
09:45:00.0374 0636 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:45:00.0437 0636 RDPENCDD - ok
09:45:00.0468 0636 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:45:00.0499 0636 RDPREFMP - ok
09:45:00.0546 0636 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:45:00.0577 0636 RDPWD - ok
09:45:00.0624 0636 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:45:00.0655 0636 rdyboost - ok
09:45:00.0686 0636 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:45:00.0749 0636 RemoteAccess - ok
09:45:00.0780 0636 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:45:00.0827 0636 RemoteRegistry - ok
09:45:00.0920 0636 [ 8CFCA7E2FD4B57C2BEF929C1C1A4C56E ] RichVideo C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
09:45:00.0936 0636 RichVideo - ok
09:45:00.0983 0636 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:45:01.0045 0636 RpcEptMapper - ok
09:45:01.0076 0636 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:45:01.0107 0636 RpcLocator - ok
09:45:01.0139 0636 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:45:01.0201 0636 RpcSs - ok
09:45:01.0232 0636 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:45:01.0295 0636 rspndr - ok
09:45:01.0326 0636 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
09:45:01.0357 0636 s3cap - ok
09:45:01.0388 0636 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:45:01.0404 0636 SamSs - ok
09:45:01.0419 0636 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:45:01.0451 0636 sbp2port - ok
09:45:01.0466 0636 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:45:01.0544 0636 SCardSvr - ok
09:45:01.0575 0636 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:45:01.0638 0636 scfilter - ok
09:45:01.0685 0636 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:45:01.0794 0636 Schedule - ok
09:45:01.0825 0636 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:45:01.0872 0636 SCPolicySvc - ok
09:45:01.0887 0636 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:45:01.0950 0636 SDRSVC - ok
09:45:01.0997 0636 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:45:02.0075 0636 secdrv - ok
09:45:02.0121 0636 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:45:02.0184 0636 seclogon - ok
09:45:02.0215 0636 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
09:45:02.0277 0636 SENS - ok
09:45:02.0309 0636 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:45:02.0355 0636 SensrSvc - ok
09:45:02.0387 0636 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:45:02.0433 0636 Serenum - ok
09:45:02.0480 0636 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:45:02.0527 0636 Serial - ok
09:45:02.0543 0636 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
09:45:02.0574 0636 sermouse - ok
09:45:02.0683 0636 [ 289E853881E688286AD24299FCC485D8 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
09:45:02.0730 0636 ServiceLayer - ok
09:45:02.0761 0636 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:45:02.0823 0636 SessionEnv - ok
09:45:02.0855 0636 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:45:02.0886 0636 sffdisk - ok
09:45:02.0901 0636 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:45:02.0917 0636 sffp_mmc - ok
09:45:02.0933 0636 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:45:02.0964 0636 sffp_sd - ok
09:45:03.0011 0636 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:45:03.0042 0636 sfloppy - ok
09:45:03.0089 0636 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:45:03.0167 0636 SharedAccess - ok
09:45:03.0213 0636 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:45:03.0276 0636 ShellHWDetection - ok
09:45:03.0307 0636 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
09:45:03.0338 0636 SiSGbeLH - ok
09:45:03.0354 0636 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:45:03.0369 0636 SiSRaid2 - ok
09:45:03.0385 0636 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
09:45:03.0416 0636 SiSRaid4 - ok
09:45:03.0432 0636 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:45:03.0463 0636 Smb - ok
09:45:03.0510 0636 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:45:03.0541 0636 SNMPTRAP - ok
09:45:03.0557 0636 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:45:03.0572 0636 spldr - ok
09:45:03.0603 0636 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:45:03.0666 0636 Spooler - ok
09:45:03.0791 0636 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:45:03.0978 0636 sppsvc - ok
09:45:04.0009 0636 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:45:04.0087 0636 sppuinotify - ok
09:45:04.0134 0636 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:45:04.0196 0636 srv - ok
09:45:04.0227 0636 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:45:04.0274 0636 srv2 - ok
09:45:04.0305 0636 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:45:04.0368 0636 srvnet - ok
09:45:04.0415 0636 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:45:04.0508 0636 SSDPSRV - ok
09:45:04.0539 0636 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:45:04.0571 0636 SstpSvc - ok
09:45:04.0602 0636 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
09:45:04.0617 0636 stexstor - ok
09:45:04.0680 0636 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:45:04.0773 0636 stisvc - ok
09:45:04.0820 0636 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
09:45:04.0851 0636 storflt - ok
09:45:04.0867 0636 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
09:45:04.0914 0636 StorSvc - ok
09:45:04.0945 0636 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
09:45:04.0961 0636 storvsc - ok
09:45:05.0023 0636 [ 0857B76E4F95E2B0CDFF575762158AB2 ] SWDUMon C:\Windows\system32\DRIVERS\SWDUMon.sys
09:45:05.0070 0636 SWDUMon - ok
09:45:05.0085 0636 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
09:45:05.0101 0636 swenum - ok
09:45:05.0132 0636 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:45:05.0195 0636 swprv - ok
09:45:05.0257 0636 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:45:05.0351 0636 SysMain - ok
09:45:05.0382 0636 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:45:05.0429 0636 TabletInputService - ok
09:45:05.0460 0636 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:45:05.0538 0636 TapiSrv - ok
09:45:05.0569 0636 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:45:05.0616 0636 TBS - ok
09:45:05.0678 0636 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:45:05.0756 0636 Tcpip - ok
09:45:05.0803 0636 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:45:05.0850 0636 TCPIP6 - ok
09:45:05.0881 0636 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:45:05.0912 0636 tcpipreg - ok
09:45:05.0959 0636 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:45:05.0990 0636 TDPIPE - ok
09:45:06.0021 0636 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:45:06.0037 0636 TDTCP - ok
09:45:06.0084 0636 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:45:06.0162 0636 tdx - ok
09:45:06.0209 0636 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
09:45:06.0240 0636 TermDD - ok
09:45:06.0255 0636 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:45:06.0333 0636 TermService - ok
09:45:06.0365 0636 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:45:06.0411 0636 Themes - ok
09:45:06.0443 0636 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:45:06.0489 0636 THREADORDER - ok
09:45:06.0552 0636 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:45:06.0614 0636 TrkWks - ok
09:45:06.0692 0636 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:45:06.0786 0636 TrustedInstaller - ok
09:45:06.0833 0636 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:45:06.0911 0636 tssecsrv - ok
09:45:06.0942 0636 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:45:06.0957 0636 TsUsbFlt - ok
09:45:07.0004 0636 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:45:07.0067 0636 tunnel - ok
09:45:07.0098 0636 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
09:45:07.0129 0636 uagp35 - ok
09:45:07.0160 0636 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:45:07.0254 0636 udfs - ok
09:45:07.0301 0636 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:45:07.0332 0636 UI0Detect - ok
09:45:07.0363 0636 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:45:07.0379 0636 uliagpkx - ok
09:45:07.0425 0636 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:45:07.0457 0636 umbus - ok
09:45:07.0503 0636 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:45:07.0535 0636 UmPass - ok
09:45:07.0566 0636 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
09:45:07.0613 0636 UmRdpService - ok
09:45:07.0644 0636 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:45:07.0706 0636 upnphost - ok
09:45:07.0753 0636 [ 907F50B8695DAA65A9445D27AD306E65 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
09:45:07.0800 0636 upperdev - ok
09:45:07.0831 0636 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:45:07.0862 0636 usbccgp - ok
09:45:07.0893 0636 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:45:07.0940 0636 usbcir - ok
09:45:07.0956 0636 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:45:07.0987 0636 usbehci - ok
09:45:08.0018 0636 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:45:08.0065 0636 usbhub - ok
09:45:08.0096 0636 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:45:08.0112 0636 usbohci - ok
09:45:08.0143 0636 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:45:08.0190 0636 usbprint - ok
09:45:08.0221 0636 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:45:08.0252 0636 usbscan - ok
09:45:08.0299 0636 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\drivers\usbser.sys
09:45:08.0346 0636 usbser - ok
09:45:08.0377 0636 [ 3F7498527B48657091C355F683BEB0DD ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
09:45:08.0439 0636 UsbserFilt - ok
09:45:08.0471 0636 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:45:08.0549 0636 USBSTOR - ok
09:45:08.0580 0636 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:45:08.0642 0636 usbuhci - ok
09:45:08.0689 0636 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
09:45:08.0751 0636 usbvideo - ok
09:45:08.0783 0636 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:45:08.0861 0636 UxSms - ok
09:45:08.0892 0636 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:45:08.0907 0636 VaultSvc - ok
09:45:08.0939 0636 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:45:08.0954 0636 vdrvroot - ok
09:45:08.0985 0636 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:45:09.0063 0636 vds - ok
09:45:09.0110 0636 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:45:09.0141 0636 vga - ok
09:45:09.0157 0636 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:45:09.0204 0636 VgaSave - ok
09:45:09.0219 0636 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:45:09.0235 0636 vhdmp - ok
09:45:09.0297 0636 [ FE595D1A1B781190BB483444B62CC607 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
09:45:09.0375 0636 VIAHdAudAddService - ok
09:45:09.0407 0636 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:45:09.0422 0636 viaide - ok
09:45:09.0438 0636 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
09:45:09.0469 0636 vmbus - ok
09:45:09.0485 0636 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
09:45:09.0500 0636 VMBusHID - ok
09:45:09.0516 0636 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:45:09.0547 0636 volmgr - ok
09:45:09.0578 0636 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:45:09.0625 0636 volmgrx - ok
09:45:09.0641 0636 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:45:09.0672 0636 volsnap - ok
09:45:09.0719 0636 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
09:45:09.0734 0636 vsmraid - ok
09:45:09.0797 0636 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:45:09.0906 0636 VSS - ok
09:45:09.0921 0636 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:45:09.0968 0636 vwifibus - ok
09:45:09.0999 0636 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:45:10.0031 0636 vwififlt - ok
09:45:10.0062 0636 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
09:45:10.0109 0636 vwifimp - ok
09:45:10.0140 0636 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:45:10.0187 0636 W32Time - ok
09:45:10.0218 0636 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
09:45:10.0249 0636 WacomPen - ok
09:45:10.0296 0636 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:45:10.0374 0636 WANARP - ok
09:45:10.0389 0636 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:45:10.0421 0636 Wanarpv6 - ok
09:45:10.0499 0636 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:45:10.0561 0636 WatAdminSvc - ok
09:45:10.0623 0636 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:45:10.0717 0636 wbengine - ok
09:45:10.0748 0636 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:45:10.0811 0636 WbioSrvc - ok
09:45:10.0842 0636 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:45:10.0904 0636 wcncsvc - ok
09:45:10.0920 0636 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:45:10.0951 0636 WcsPlugInService - ok
09:45:10.0998 0636 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
09:45:11.0013 0636 Wd - ok
09:45:11.0045 0636 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:45:11.0107 0636 Wdf01000 - ok
09:45:11.0123 0636 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:45:11.0169 0636 WdiServiceHost - ok
09:45:11.0185 0636 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:45:11.0216 0636 WdiSystemHost - ok
09:45:11.0247 0636 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:45:11.0310 0636 WebClient - ok
09:45:11.0341 0636 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:45:11.0450 0636 Wecsvc - ok
09:45:11.0466 0636 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:45:11.0544 0636 wercplsupport - ok
09:45:11.0575 0636 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:45:11.0653 0636 WerSvc - ok
09:45:11.0684 0636 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:45:11.0731 0636 WfpLwf - ok
09:45:11.0762 0636 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
09:45:11.0778 0636 WimFltr - ok
09:45:11.0809 0636 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:45:11.0825 0636 WIMMount - ok
09:45:11.0856 0636 WinDefend - ok
09:45:11.0871 0636 WinHttpAutoProxySvc - ok
09:45:11.0918 0636 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:45:11.0965 0636 Winmgmt - ok
09:45:12.0043 0636 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:45:12.0168 0636 WinRM - ok
09:45:12.0215 0636 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:45:12.0261 0636 WinUsb - ok
09:45:12.0308 0636 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:45:12.0386 0636 Wlansvc - ok
09:45:12.0417 0636 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:45:12.0449 0636 WmiAcpi - ok
09:45:12.0495 0636 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:45:12.0527 0636 wmiApSrv - ok
09:45:12.0558 0636 WMPNetworkSvc - ok
09:45:12.0589 0636 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:45:12.0636 0636 WPCSvc - ok
09:45:12.0667 0636 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:45:12.0698 0636 WPDBusEnum - ok
09:45:12.0729 0636 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:45:12.0776 0636 ws2ifsl - ok
09:45:12.0807 0636 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
09:45:12.0854 0636 wscsvc - ok
09:45:12.0870 0636 WSearch - ok
09:45:12.0948 0636 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:45:13.0057 0636 wuauserv - ok
09:45:13.0104 0636 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:45:13.0119 0636 WudfPf - ok
09:45:13.0135 0636 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:45:13.0166 0636 WUDFRd - ok
09:45:13.0197 0636 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:45:13.0229 0636 wudfsvc - ok
09:45:13.0260 0636 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
09:45:13.0307 0636 WwanSvc - ok
09:45:13.0338 0636 [ 747006E7B4029EFEF3E975F1DE09B4DA ] XAudio C:\Windows\system32\DRIVERS\ACFXAU64.sys
09:45:13.0353 0636 XAudio - ok
09:45:13.0385 0636 ================ Scan global ===============================
09:45:13.0416 0636 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:45:13.0447 0636 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
09:45:13.0478 0636 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
09:45:13.0525 0636 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:45:13.0572 0636 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:45:13.0587 0636 [Global] - ok
09:45:13.0587 0636 ================ Scan MBR ==================================
09:45:13.0603 0636 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
09:45:14.0118 0636 \Device\Harddisk0\DR0 - ok
09:45:14.0118 0636 ================ Scan VBR ==================================
09:45:14.0133 0636 [ 6FDC9F2E29E423D77B9EFB03318A0A1C ] \Device\Harddisk0\DR0\Partition1
09:45:14.0133 0636 \Device\Harddisk0\DR0\Partition1 - ok
09:45:14.0165 0636 [ 0001F53C49BC355E8CD94CD576BC3411 ] \Device\Harddisk0\DR0\Partition2
09:45:14.0165 0636 \Device\Harddisk0\DR0\Partition2 - ok
09:45:14.0165 0636 ============================================================
09:45:14.0165 0636 Scan finished
09:45:14.0165 0636 ============================================================
09:45:14.0227 4392 Detected object count: 7
09:45:14.0227 4392 Actual detected object count: 7
09:47:40.0789 4392 ADSMService ( UnsignedFile.Multi.Generic ) - skipped by user
09:47:40.0789 4392 ADSMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:47:40.0789 4392 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
09:47:40.0789 4392 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:47:40.0789 4392 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
09:47:40.0789 4392 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:47:40.0805 4392 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
09:47:40.0805 4392 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:47:40.0805 4392 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
09:47:40.0805 4392 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:47:40.0805 4392 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
09:47:40.0805 4392 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:47:40.0805 4392 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
09:47:40.0805 4392 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
Zenza