|
Pests of all kinds and how to fight them: TR/Traps.Gen2 trojan detected by Avira. Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection. |
27.05.2012, 13:01 | #1 |
| TR/Traps.Gen2 trojan detected by Avira. Hey, I have a problem: for a few days now there has been a trojan on my PC. Avira comes up with the security alert every time and I click delete every time. I have also already gone into the folder where the supposed virus is. There I tried to 'irrevocably delete' it and thought the matter was done, which it was not, because Avira raised the alarm again, and when I searched for the name of the virus, it was suddenly back. The name is: 80000032.@ And it is in the folder: C:\Windows\Installer\{7bc8075f-9e51-c581-793a-466fde028d0d}\U Probably hidden, and when I tried yesterday to delete all files in the folder named above, it (Avira) also found TR/Atraps.gen. Please help me remove it as quickly as possible. Many thanks in advance |
28.05.2012, 12:27 | #2 |
/// Malwareteam | TR/Traps.Gen2 trojan detected by Avira. To enable a more detailed analysis, please follow this link:
__________________To everyone seeking help! What do I need to consider before opening a topic?
__________________ |
28.05.2012, 14:17 | #3 |
| TR/Traps.Gen2 trojan detected by Avira. Well, what else would you like to know?
__________________I don't quite understand the instructions |
28.05.2012, 14:18 | #4 |
/// Malwareteam | TR/Traps.Gen2 trojan detected by Avira. Run the tools under point 2 as described and post the contents of the generated log files here in your topic!
__________________ No right of asylum for trojans! Proud Member of UNITE Note: I am only available on weekdays! Requests via PM will be ignored! Are you satisfied with us? Then support the Trojaner-Board! |
29.05.2012, 16:52 | #5 |
| TR/Traps.Gen2 trojan detected by Avira. Thanks! :-) OTL Extra: OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 29.05.2012 15:03:59 - Run 1 OTL by OldTimer - Version 3.2.44.0 Folder = C:\Users\W-7\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 767,55 Mb Total Physical Memory | 262,36 Mb Available Physical Memory | 34,18% Memory free 1,75 Gb Paging File | 0,94 Gb Available in Paging File | 53,53% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,05 Gb Total Space | 122,93 Gb Free Space | 82,47% Space Free | Partition Type: NTFS Computer Name: W-7-PC | User Name: W-7 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. 
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 ========== Firewall Settings ========== ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0F733E11-408E-11E1-B5FE-F04DA23A5C58}" = MSVCRT Redists "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{24EEBC42-E244-452E-81C8-7998CAD9F6C3}" = Lern-o-Mat "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" 
= Windows Live Anmelde-Assistent "{52EFF266-98B7-4094-BD24-65490ED8E45D}" = Facebook Messenger 2.1.4520.0 "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7 "{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9F60FF4E-725D-4B28-0094-FDADF5E73647}" = NBA Live 2003 "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{E0F07676-2C60-4465-A727-20DE3BFCABAC}" = Tony Hawks Pro Skater 4 "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F2471277-4C40-44B8-9A5D-D170F237673C}" = TubeBox "7-Zip" = 7-Zip 9.20 "Activision_THPS2UninstallKey" = Tony Hawk's Pro Skater 2 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Avira AntiVir Desktop" = Avira Free Antivirus "Driver Magician_is1" = Driver Magician 3.49 "EPSON Printer and Utilities" = EPSON-Drucker-Software "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager "Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIA Drivers" = NVIDIA Drivers "PhotoScape" = PhotoScape "Shockwave" = Shockwave "TeamViewer 7" = TeamViewer 7 "THPS4_is1" = Tony Hawk's Pro Skater 4 "Trojan Remover_is1" = Trojan Remover 6.8.2 "TubeBox 3.5.3" = TubeBox "UltraISO_is1" = UltraISO Premium V8.63 "uTorrent" = µTorrent "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.10 
(32-Bit) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > -------------------------------------------------------------------------- OTL OTL Logfile: Code:
ATTFilter OTL logfile created on: 29.05.2012 15:03:35 - Run 1 OTL by OldTimer - Version 3.2.44.0 Folder = C:\Users\W-7\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 767,55 Mb Total Physical Memory | 262,36 Mb Available Physical Memory | 34,18% Memory free 1,75 Gb Paging File | 0,94 Gb Available in Paging File | 53,53% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,05 Gb Total Space | 122,93 Gb Free Space | 82,47% Space Free | Partition Type: NTFS Computer Name: W-7-PC | User Name: W-7 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.05.29 15:01:56 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\W-7\Desktop\OTL.exe PRC - [2012.05.08 19:52:39 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2012.05.08 19:52:38 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2012.05.08 19:52:33 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.05.08 19:52:33 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2012.01.19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.07.16 06:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.04.01 14:36:50 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009.07.14 03:14:28 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE PRC - [2006.09.22 04:01:00 | 000,139,264 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIBIE.EXE PRC - [2006.09.19 09:07:28 | 000,827,392 | ---- | M] () -- C:\Windows\vsnpstd3.exe ========== Modules (No Company Name) ========== MOD - [2012.05.05 18:33:23 | 008,797,856 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_235.dll MOD - [2012.01.09 20:44:20 | 000,166,912 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll MOD - [2010.04.01 14:36:49 | 001,952,696 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll MOD - [2009.07.14 03:15:51 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll MOD - [2006.09.19 09:07:28 | 000,827,392 | ---- | M] () -- C:\Windows\vsnpstd3.exe ========== Win32 Services (SafeList) ========== SRV - [2012.05.08 19:52:39 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.08 19:52:33 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.05.05 18:33:24 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.04.05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.01.19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010.04.01 14:36:51 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 03:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess) SRV - [2009.07.14 03:15:38 | 000,067,584 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc) SRV - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2009.06.10 23:14:05 | 000,128,848 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2007.05.31 17:21:24 | 000,379,784 | ---- | M] 
(Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007.05.31 17:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) ========== Driver Services (SafeList) ========== DRV - [2012.05.08 19:52:39 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012.05.08 19:52:39 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011.09.16 16:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2009.10.08 16:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.07.14 03:20:28 | 000,022,096 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk) DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl) DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- 
C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2009.07.14 01:14:09 | 000,246,784 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs) DRV - [2009.07.14 01:11:15 | 000,070,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs) DRV - [2009.07.14 00:02:53 | 000,044,032 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fetnd6.sys -- (FETNDIS) DRV - [2009.05.05 09:58:30 | 000,013,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\videX32.sys -- (videX32) DRV - [2009.04.29 16:37:26 | 000,025,088 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTERx86) DRV - [2008.01.19 05:30:50 | 000,068,096 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ac97via.sys -- (VIAudio) DRV - [2007.04.13 17:42:16 | 000,068,096 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Programme\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2007.03.27 18:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3) DRV - [2006.10.09 21:55:00 | 004,428,160 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.avg.com/?cid={CDFBC819-E9B5-4CAA-B86B-120CDBB0E484}&mid=0324b7f55f3547d1939ad1584f8b7021-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=ft011&pr=sa&d=2012-03-08 15:56:13&v=10.0.0.7&sap=hp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8E BA 08 3E FB E7 CC 01 [binary data] IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={CDFBC819-E9B5-4CAA-B86B-120CDBB0E484}&mid=0324b7f55f3547d1939ad1584f8b7021-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=ft011&pr=sa&d=2012-03-08 15:56:13&v=10.0.0.7&sap=dsp&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "ICQ 
Search" FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7B97bca86e-7938-4db6-92f7-00d52eaba979%7D&mid=0324b7f55f3547d1939ad1584f8b7021-06ce4fc639803a2e3563922518183d8e94088cb9&ds=ft011&v=10.2.0.3&lang=en&pr=sa&d=2012-03-08%2015%3A56%3A13&sap=ku&q=" FF - prefs.js..network.proxy.http: "157.181.228.181" FF - prefs.js..network.proxy.http_port: 3128 FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co" FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\W-7\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\W-7\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\W-7\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll (Facebook, Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.01 14:36:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.09 18:21:25 | 000,000,000 | ---D | M] [2012.02.10 15:58:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\W-7\AppData\Roaming\mozilla\Extensions [2012.05.12 16:12:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\W-7\AppData\Roaming\mozilla\Firefox\Profiles\qak7miq2.default\extensions [2012.04.01 14:12:47 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\W-7\AppData\Roaming\mozilla\Firefox\Profiles\qak7miq2.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2012.02.25 20:11:16 | 000,002,342 | ---- | M] () -- C:\Users\W-7\AppData\Roaming\Mozilla\Firefox\Profiles\qak7miq2.default\searchplugins\icq-search.xml [2012.03.08 20:55:35 | 000,000,950 | ---- | M] () -- C:\Users\W-7\AppData\Roaming\Mozilla\Firefox\Profiles\qak7miq2.default\searchplugins\icqplugin-1.xml [2012.04.01 17:28:12 | 000,000,950 | ---- | M] () -- C:\Users\W-7\AppData\Roaming\Mozilla\Firefox\Profiles\qak7miq2.default\searchplugins\icqplugin-2.xml [2012.04.18 13:59:53 | 000,000,950 | ---- | M] () -- C:\Users\W-7\AppData\Roaming\Mozilla\Firefox\Profiles\qak7miq2.default\searchplugins\icqplugin-3.xml [2010.04.01 14:37:35 | 000,000,950 | ---- | M] () -- C:\Users\W-7\AppData\Roaming\Mozilla\Firefox\Profiles\qak7miq2.default\searchplugins\icqplugin-4.xml [2012.03.19 20:09:28 | 000,000,168 | ---- | M] () -- C:\Users\W-7\AppData\Roaming\Mozilla\Firefox\Profiles\qak7miq2.default\searchplugins\icqplugin.gif [2012.03.19 20:09:28 | 000,000,618 | ---- | M] () -- C:\Users\W-7\AppData\Roaming\Mozilla\Firefox\Profiles\qak7miq2.default\searchplugins\icqplugin.src [2012.02.26 14:42:37 | 000,000,950 | ---- | M] () -- 
C:\Users\W-7\AppData\Roaming\Mozilla\Firefox\Profiles\qak7miq2.default\searchplugins\icqplugin.xml [2012.04.18 13:59:44 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.04.18 21:02:30 | 000,071,254 | ---- | M] () (No name found) -- C:\USERS\W-7\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QAK7MIQ2.DEFAULT\EXTENSIONS\FIRENES@FACUNDO.ZALDO.XPI [2012.05.12 16:12:24 | 000,181,880 | ---- | M] () (No name found) -- C:\USERS\W-7\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QAK7MIQ2.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI [2010.04.01 14:36:51 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.04.09 18:20:42 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012.02.08 19:36:16 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.03.13 21:34:00 | 000,003,768 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2012.02.08 19:21:19 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.02.08 19:36:16 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.02.08 19:36:16 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.02.08 19:36:16 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.02.08 19:36:16 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - 
default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\W-7\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\W-7\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\W-7\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\W-7\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\W-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\npBP4FUpdater.dll CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\W-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\BP4FUpdater.exe CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Facebook Desktop (Enabled) = C:\Users\W-7\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll CHR - plugin: Google Update (Enabled) = C:\Users\W-7\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\W-7\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.1.0_0\ CHR - Extension: YouTube = C:\Users\W-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Adblock Plus (Beta) = C:\Users\W-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\ CHR - Extension: Google-Suche = C:\Users\W-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Battlefield Play4Free = C:\Users\W-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\ CHR - Extension: Stealthy = C:\Users\W-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje\1.1_0\ CHR - Extension: Google Mail = C:\Users\W-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. 
KG) O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation) O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe () O4 - HKLM..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software) O4 - HKCU..\Run: [EPSON Stylus DX6000 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [Facebook Update] C:\Users\W-7\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - 
%SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\system32\pnrpnsp.dll File not found O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6FC0735C-36BB-4CFC-AD48-BE1FE82F4FB9}: DhcpNameServer = 
192.168.178.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.05.29 15:01:54 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\W-7\Desktop\OTL.exe [2012.05.28 10:53:37 | 000,000,000 | ---D | C] -- C:\Users\W-7\Desktop\versicherunbg [2012.05.28 10:12:51 | 000,000,000 | ---D | C] -- C:\Users\W-7\Documents\TubeBox [2012.05.28 10:12:51 | 000,000,000 | ---D | C] -- C:\Users\W-7\AppData\Local\IsolatedStorage [2012.05.28 10:10:35 | 000,000,000 | ---D | C] -- 
C:\Users\W-7\AppData\Local\Freemium TubeBox [2012.05.28 10:10:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemium TubeBox [2012.05.28 10:10:35 | 000,000,000 | ---D | C] -- C:\Program Files\Freemium [2012.05.28 10:09:55 | 000,000,000 | ---D | C] -- C:\Users\W-7\AppData\Roaming\Freemium [2012.05.27 15:10:31 | 000,000,000 | ---D | C] -- C:\Users\W-7\Desktop\Schrank bilder (1) [2012.05.24 17:11:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Russobit-M [2012.05.24 16:45:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aspyr [2012.05.24 16:37:01 | 000,000,000 | ---D | C] -- C:\Program Files\Aspyr [2012.05.23 22:00:35 | 000,000,000 | ---D | C] -- C:\Users\W-7\Documents\EA Games [2012.05.23 22:00:35 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\EA Games [2012.05.23 21:10:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision [2012.05.23 21:09:08 | 000,000,000 | ---D | C] -- C:\Program Files\Activision [2012.05.23 13:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover [2012.05.22 22:57:49 | 000,000,000 | ---D | C] -- C:\Users\W-7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2012.05.22 22:56:11 | 000,000,000 | ---D | C] -- C:\Program Files\Hijack [2012.05.22 22:55:41 | 000,000,000 | ---D | C] -- C:\Users\W-7\Desktop\Hijack [2012.05.22 22:54:11 | 000,000,000 | ---D | C] -- C:\Users\W-7\AppData\Roaming\Malwarebytes [2012.05.22 22:53:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.05.22 21:50:13 | 000,000,000 | ---D | C] -- C:\Program Files\directx [2012.05.22 15:25:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012.05.22 15:25:18 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2012.05.22 15:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBA2KSTUFF [2012.05.20 21:34:10 | 
000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [2012.05.20 21:31:55 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON [2012.05.19 16:12:49 | 000,000,000 | ---D | C] -- C:\Users\W-7\Desktop\Pics [2012.05.18 11:33:09 | 000,000,000 | ---D | C] -- C:\Users\W-7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook [2012.05.14 18:01:37 | 000,194,168 | ---- | C] (Infragistics, Inc.) -- C:\Windows\System32\IGScroll40.ocx [2012.05.14 18:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lern-o-Mat [2012.05.14 18:01:30 | 000,000,000 | ---D | C] -- C:\Program Files\Lern-o-Mat ========== Files - Modified Within 30 Days ========== [2012.05.29 15:05:10 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3620915716-466469500-1012626225-1000UA.job [2012.05.29 15:01:56 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\W-7\Desktop\OTL.exe [2012.05.29 15:00:38 | 000,000,000 | ---- | M] () -- C:\Users\W-7\defogger_reenable [2012.05.29 15:00:19 | 000,050,477 | ---- | M] () -- C:\Users\W-7\Desktop\Defogger.exe [2012.05.29 14:54:41 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3620915716-466469500-1012626225-1000Core.job [2012.05.29 14:54:41 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3620915716-466469500-1012626225-1000UA.job [2012.05.29 14:54:41 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3620915716-466469500-1012626225-1000Core.job [2012.05.29 14:54:41 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.05.29 14:54:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.05.29 14:54:33 | 000,009,776 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.05.29 14:54:32 | 000,009,776 | -H-- | M] () -- 
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.05.28 17:07:44 | 000,643,628 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.05.28 17:07:44 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.05.28 17:07:44 | 000,126,188 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.05.28 17:07:44 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.05.28 17:05:35 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012.05.28 15:54:52 | 603,627,520 | -HS- | M] () -- C:\hiberfil.sys [2012.05.28 10:51:35 | 000,138,240 | -H-- | M] () -- C:\Users\W-7\Desktop\photothumb.db [2012.05.28 10:10:35 | 000,001,010 | ---- | M] () -- C:\Users\Public\Desktop\Freemium TubeBox.lnk [2012.05.24 10:16:12 | 000,002,349 | ---- | M] () -- C:\Users\W-7\Desktop\Google Chrome.lnk [2012.05.23 13:47:56 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Remover.lnk [2012.05.12 03:20:59 | 000,265,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.05.08 19:52:39 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2012.05.08 19:52:39 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys ========== Files Created - No Company Name ========== [2012.05.29 15:00:38 | 000,000,000 | ---- | C] () -- C:\Users\W-7\defogger_reenable [2012.05.29 15:00:08 | 000,050,477 | ---- | C] () -- C:\Users\W-7\Desktop\Defogger.exe [2012.05.28 17:05:35 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012.05.28 10:10:35 | 000,001,010 | ---- | C] () -- C:\Users\Public\Desktop\Freemium TubeBox.lnk [2012.05.23 13:47:56 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Remover.lnk [2012.04.09 17:47:04 | 000,110,602 | ---- | C] () -- C:\Windows\System32\xcdsfx32.bin [2012.04.08 12:54:44 | 000,138,056 | ---- | C] () -- 
C:\Users\W-7\AppData\Roaming\PnkBstrK.sys ========== LOP Check ========== [2012.02.28 14:58:05 | 000,000,000 | ---D | M] -- C:\Users\W-7\AppData\Roaming\Audacity [2012.05.28 10:12:51 | 000,000,000 | ---D | M] -- C:\Users\W-7\AppData\Roaming\Freemium [2012.04.24 19:37:35 | 000,000,000 | ---D | M] -- C:\Users\W-7\AppData\Roaming\gtk-2.0 [2012.04.15 14:01:43 | 000,000,000 | ---D | M] -- C:\Users\W-7\AppData\Roaming\ICQ [2012.02.25 20:11:24 | 000,000,000 | ---D | M] -- C:\Users\W-7\AppData\Roaming\ICQ Search [2012.03.25 21:00:55 | 000,000,000 | ---D | M] -- C:\Users\W-7\AppData\Roaming\Jens Lorek [2012.05.28 10:53:20 | 000,000,000 | ---D | M] -- C:\Users\W-7\AppData\Roaming\PhotoScape [2012.02.26 16:07:27 | 000,000,000 | ---D | M] -- C:\Users\W-7\AppData\Roaming\Publish Providers [2010.04.01 08:43:41 | 000,000,000 | ---D | M] -- C:\Users\W-7\AppData\Roaming\Simply Super Software [2012.02.26 17:09:35 | 000,000,000 | ---D | M] -- C:\Users\W-7\AppData\Roaming\Sony [2012.05.25 19:09:59 | 000,000,000 | ---D | M] -- C:\Users\W-7\AppData\Roaming\uTorrent [2012.03.11 17:54:58 | 000,000,000 | ---D | M] -- C:\Users\W-7\AppData\Roaming\YoudaGames [2012.05.29 14:54:41 | 000,000,898 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3620915716-466469500-1012626225-1000Core.job [2012.05.29 14:54:41 | 000,000,920 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3620915716-466469500-1012626225-1000UA.job [2010.04.01 13:49:44 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 252 bytes -> C:\ProgramData\TEMP:CB0AACC9 < End of report >
So, step 2 is now done. By the way, it is a 32-bit system. |
30.05.2012, 08:27 | #6 |
/// Malwareteam | TR/Traps.Gen2 Trojan detected by Avira. If 32-bit, then: GMER Please
30.05.2012, 14:12 | #7 |
| TR/Traps.Gen2 Trojan detected by Avira. Okay, I did everything that was written there! :-) First off: 'after' the scan, this message appeared, the one you mentioned at the beginning where one should then click No: GMER has found system modification, which might have been caused by ROOTKIT activity. Well, here is the text from GMER: GMER Logfile: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net Rootkit scan 2012-05-30 15:07:45 Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST3160021A rev.3.06 Running: x7dc432t.exe; Driver: C:\Users\W-7\AppData\Local\Temp\uwldqpow.sys ---- System - GMER 1.0.15 ---- SSDT 8BA68D2E ZwCreateSection SSDT 8BA68D38 ZwRequestWaitReplyPort SSDT 8BA68D33 ZwSetContextThread SSDT 8BA68D3D ZwSetSecurityObject SSDT 8BA68D42 ZwSystemDebugControl SSDT 8BA68CCF ZwTerminateProcess ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!ZwRollbackTransaction + 13E9 8284B599 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82870092 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} .text ntkrnlpa.exe!RtlSidHashLookup + 340 82877990 4 Bytes [2E, 8D, A6, 8B] .text ntkrnlpa.exe!RtlSidHashLookup + 69C 82877CEC 4 Bytes [38, 8D, A6, 8B] .text ntkrnlpa.exe!RtlSidHashLookup + 6E0 82877D30 4 Bytes [33, 8D, A6, 8B] .text ntkrnlpa.exe!RtlSidHashLookup + 75C 82877DAC 4 Bytes [3D, 8D, A6, 8B] .text ntkrnlpa.exe!RtlSidHashLookup + 7B0 82877E00 4 Bytes [42, 8D, A6, 8B] .text ... 
.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8C628340, 0x28CEB7, 0xE8000020] ---- User code sections - GMER 1.0.15 ---- .text C:\Windows\System32\ping.exe[1096] ntdll.dll!NtCreateProcess 777F4780 5 Bytes JMP 0031000A .text C:\Windows\System32\ping.exe[1096] ntdll.dll!NtCreateProcessEx 777F4790 5 Bytes JMP 0032000A .text C:\Windows\System32\ping.exe[1096] ntdll.dll!NtCreateUserProcess 777F4860 5 Bytes JMP 0033000A .text C:\Windows\System32\ping.exe[1096] USER32.dll!GetCursorPos 7711C198 5 Bytes JMP 008D000A .text C:\Windows\System32\ping.exe[1096] USER32.dll!CreateWindowExW 77120E51 5 Bytes JMP 0090000A .text C:\Windows\System32\ping.exe[1096] USER32.dll!GetForegroundWindow 7712565D 5 Bytes JMP 008F000A .text C:\Windows\System32\ping.exe[1096] USER32.dll!WindowFromPoint 77146D0C 5 Bytes JMP 008E000A .text C:\Windows\System32\ping.exe[1096] ole32.dll!CoCreateInstance 773C590C 5 Bytes JMP 0088000A ---- Devices - GMER 1.0.15 ---- Device \Driver\ACPI_HAL \Device\00000045 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) ---- Processes - GMER 1.0.15 ---- Library c:\windows\system32\n (*** hidden *** ) @ C:\Windows\system32\svchost.exe [908] 0x00AF0000 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\SystemIndex@{364D447C-5328-11E1-B31A-806E6F6E6963} 723604056 ---- Files - GMER 1.0.15 ---- File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00620.log 1048576 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00621.log 0 bytes File 
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4VB5YD4U\redirector[1].htm 153 bytes File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4VB5YD4U\conversion[1].js 6416 bytes File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTN7A1T3\cm[1].htm 3729 bytes File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTN7A1T3\977852083[1].gif 0 bytes File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTN7A1T3\977852083[2].gif 0 bytes File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTN7A1T3\xd_arbiter[1].htm 24847 bytes File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTN7A1T3\nutritioncuisine[1].htm 0 bytes File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTN7A1T3\nutritioncuisine[2].htm 0 bytes File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTN7A1T3\nutritioncuisine[3].htm 0 bytes File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\A86TIYQL.txt 588 bytes ---- EOF - GMER 1.0.15 ---- |
30.05.2012, 14:19 | #8 | |
/// Malwareteam | TR/Traps.Gen2 Trojan detected by Avira. Combofix: Combofix may only be run when a team member has instructed you to do so! Please download Combofix from one of these download mirrors: Link 1 Link 2 IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you receive the following error message after the restart Quote:
__________________ No asylum for trojans! Proud Member of UNITE Note: I am only available on weekdays! Requests via PM will be ignored! Are you satisfied with us? Then support the Trojaner-Board! |
30.05.2012, 20:03 | #9 |
| TR/Traps.Gen2 Trojan detected by Avira. Thanks for the quick reply! Here is the log file of the Combofix scan: Combofix Logfile: Code:
ATTFilter ComboFix 12-05-30.04 - W-7 30.05.2012 20:37:50.1.1 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.49.1031.18.768.198 [GMT 2:00] ausgeführt von:: c:\users\W-7\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\assembly\GAC\Desktop.ini c:\windows\system32\DEBUG.log . . ((((((((((((((((((((((( Dateien erstellt von 2012-04-28 bis 2012-05-30 )))))))))))))))))))))))))))))) . . 2012-05-30 18:46 . 2012-05-30 18:50 -------- d-----w- c:\users\W-7\AppData\Local\temp 2012-05-30 18:46 . 2012-05-30 18:46 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-05-28 08:12 . 2012-05-28 08:12 -------- d-----w- c:\users\W-7\AppData\Local\IsolatedStorage 2012-05-28 08:10 . 2012-05-28 08:10 -------- d-----w- c:\users\W-7\AppData\Local\Freemium TubeBox 2012-05-28 08:10 . 2012-05-28 08:10 -------- d-----w- c:\program files\Freemium 2012-05-28 08:09 . 2012-05-28 08:12 -------- d-----w- c:\users\W-7\AppData\Roaming\Freemium 2012-05-24 14:37 . 2012-05-24 14:37 -------- d-----w- c:\program files\Aspyr 2012-05-23 19:09 . 2012-05-23 19:09 -------- d-----w- c:\program files\Activision 2012-05-23 11:47 . 2012-05-23 11:48 -------- d-----w- c:\program files\Trojan Remover 2012-05-23 06:28 . 2012-05-23 06:28 388096 ----a-r- c:\users\W-7\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-05-22 20:56 . 2012-05-23 06:28 -------- d-----w- c:\program files\Hijack 2012-05-22 20:54 . 2012-05-22 20:54 -------- d-----w- c:\users\W-7\AppData\Roaming\Malwarebytes 2012-05-22 20:53 . 2012-05-22 20:53 -------- d-----w- c:\programdata\Malwarebytes 2012-05-22 19:50 . 
2012-05-22 19:50 -------- d-----w- c:\program files\directx 2012-05-22 13:25 . 2012-05-22 13:25 -------- d-----w- c:\program files\7-Zip 2012-05-20 19:32 . 2004-09-10 18:12 49152 ----a-w- c:\windows\system32\E_DCINST.DLL 2012-05-20 19:32 . 2006-08-10 00:02 75264 ----a-w- c:\windows\system32\E_FLBBIE.DLL 2012-05-20 19:32 . 2006-04-19 00:00 62976 ----a-w- c:\windows\system32\E_FD4BBIE.DLL 2012-05-20 19:31 . 2012-05-20 19:34 -------- d-----w- c:\programdata\EPSON 2012-05-17 10:10 . 2012-05-08 16:40 6737808 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2FC307A9-4F32-4706-A5A1-3C4988357B1E}\mpengine.dll 2012-05-14 16:01 . 2000-10-02 10:27 125712 ----a-w- c:\windows\system32\VB6DE.DLL 2012-05-14 16:01 . 1998-06-17 23:00 89360 ----a-w- c:\windows\system32\VB5DB.DLL 2012-05-14 16:01 . 2006-02-22 17:59 194168 ----a-w- c:\windows\system32\IGScroll40.ocx 2012-05-14 16:01 . 2004-03-08 22:00 1010720 ----a-w- c:\windows\system32\MSCHRT20.OCX 2012-05-14 16:01 . 2012-05-14 16:01 -------- d-----w- c:\program files\Lern-o-Mat 2012-05-14 16:01 . 2001-09-05 02:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll 2012-05-14 16:01 . 2001-09-05 02:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll 2012-05-14 16:01 . 2001-09-05 02:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll 2012-05-14 16:01 . 2001-09-05 02:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll 2012-05-14 16:01 . 2002-07-25 08:07 614532 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-08 17:52 . 2012-04-09 15:41 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2012-05-08 17:52 . 2012-04-09 15:41 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys 2012-05-05 16:33 . 
2012-04-09 16:04 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-05-05 16:33 . 2012-02-18 18:57 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-04-09 16:20 . 2012-02-26 13:58 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-04-08 10:54 . 2012-04-08 10:54 138056 ----a-w- c:\users\W-7\AppData\Roaming\PnkBstrK.sys 2010-04-01 12:36 . 2012-02-10 13:58 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="c:\users\W-7\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-04-12 137536] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvSvc"="c:\windows\system32\nvsvc.dll" [2006-10-09 90191] "snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624] "TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2010-07-05 1167296] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv . 
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-04-05 158856] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2010-04-01 129976] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-16 36000] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224] S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840] S3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr . Inhalt des "geplante Tasks" Ordners . 2012-05-30 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 16:33] . 2012-05-29 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3620915716-466469500-1012626225-1000Core.job - c:\users\W-7\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-12 09:23] . 2012-05-30 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3620915716-466469500-1012626225-1000UA.job - c:\users\W-7\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-12 09:23] . 2012-05-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3620915716-466469500-1012626225-1000Core.job - c:\users\W-7\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-13 15:46] . 
2012-05-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3620915716-466469500-1012626225-1000UA.job - c:\users\W-7\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-13 15:46] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://isearch.avg.com/?cid={CDFBC819-E9B5-4CAA-B86B-120CDBB0E484}&mid=0324b7f55f3547d1939ad1584f8b7021-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=ft011&pr=sa&d=2012-03-08 15:56&v=10.0.0.7&sap=hp IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\W-7\AppData\Roaming\Mozilla\Firefox\Profiles\qak7miq2.default\ FF - prefs.js: browser.search.selectedEngine - ICQ Search FF - prefs.js: browser.startup.homepage - www.google.de FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.7&q= FF - prefs.js: network.proxy.http - 157.181.228.181 FF - prefs.js: network.proxy.http_port - 3128 FF - prefs.js: network.proxy.type - 0 pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0); . - - - - Entfernte verwaiste Registrierungseinträge - - - - . AddRemove-THPS4_is1 - c:\program files\Russobit-M\THPS4\unins000.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\windows\system32\taskhost.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\windows\system32\conhost.exe c:\windows\system32\sppsvc.exe c:\windows\system32\WUDFHost.exe c:\windows\system32\conhost.exe c:\windows\System32\rundll32.exe c:\windows\system32\prevhost.exe . ************************************************************************** . Zeit der Fertigstellung: 2012-05-30 20:56:20 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2012-05-30 18:56 . 
Vor Suchlauf: 6 Verzeichnis(se), 131.254.312.960 Bytes frei Nach Suchlauf: 11 Verzeichnis(se), 133.933.068.288 Bytes frei . - - End Of File - - EB9BFAC77C4BC387DFC1AC22AF0806DC |
31.05.2012, 07:08 | #10 | |
/// Malwareteam | TR/Traps.Gen2 Trojan detected by Avira. Quote:
31.05.2012, 12:35 | #11 |
| TR/Traps.Gen2 Trojan detected by Avira. No, I haven't! It's also unknown to me. Is that a hacker, or what? Or could it be due to the Firefox add-on Stealthy (unblocks blocked YouTube videos)? Sometimes I forget to turn it off, same as with ProxTube in Chrome .. hmm |
31.05.2012, 12:40 | #12 |
/// Malwareteam | TR/Traps.Gen2 Trojan detected by Avira. Step 1: Scan with TDSS-Killer. Please download TDSSKiller.exe and save the file to the desktop.
31.05.2012, 13:09 | #13 |
| TR/Traps.Gen2 Trojan detected by Avira. Nothing was found |
31.05.2012, 13:11 | #14 |
/// Malwareteam | TR/Traps.Gen2 Trojan detected by Avira. CF-Script
Note for other readers: The following ComboFix script was created exclusively for this user in this situation. Do not under any circumstances use it on other computers; it can permanently damage other systems!
Delete the existing Combofix.exe from your desktop and download the program again from one of the following download mirrors: BleepingComputer.com - ForoSpyware.com and save it to the desktop again (nowhere else, that is important)!
Press the Windows + R keys --> Notepad (type it in) --> OK
Now copy the complete text from the following code box into the empty text document. Code:
ATTFilter
FIREFOX::
FF - ProfilePath - c:\users\W-7\AppData\Roaming\Mozilla\Firefox\Profiles\qak7miq2.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.7&q=
FF - prefs.js: network.proxy.http - 157.181.228.181
FF - prefs.js: network.proxy.http_port - 3128
Important:
31.05.2012, 13:47 | #15 |
| TR/Traps.Gen2 Trojan detected by Avira. OK, here is the new Combofix run: Combofix Logfile: Code:
ATTFilter ComboFix 12-05-31.01 - W-7 31.05.2012 14:24:44.2.1 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.49.1031.18.768.367 [GMT 2:00] ausgeführt von:: c:\users\W-7\Desktop\ComboFix.exe Benutzte Befehlsschalter :: c:\users\W-7\Desktop\CFScript.txt . . ((((((((((((((((((((((( Dateien erstellt von 2012-04-28 bis 2012-05-31 )))))))))))))))))))))))))))))) . . 2012-05-31 12:41 . 2012-05-31 12:41 -------- d-----w- c:\users\W-7\AppData\Local\temp 2012-05-31 12:41 . 2012-05-31 12:41 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-05-30 19:09 . 2012-05-30 19:09 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2FC307A9-4F32-4706-A5A1-3C4988357B1E}\offreg.dll 2012-05-28 08:12 . 2012-05-28 08:12 -------- d-----w- c:\users\W-7\AppData\Local\IsolatedStorage 2012-05-28 08:10 . 2012-05-28 08:10 -------- d-----w- c:\users\W-7\AppData\Local\Freemium TubeBox 2012-05-28 08:10 . 2012-05-28 08:10 -------- d-----w- c:\program files\Freemium 2012-05-28 08:09 . 2012-05-28 08:12 -------- d-----w- c:\users\W-7\AppData\Roaming\Freemium 2012-05-24 14:37 . 2012-05-24 14:37 -------- d-----w- c:\program files\Aspyr 2012-05-23 19:09 . 2012-05-23 19:09 -------- d-----w- c:\program files\Activision 2012-05-23 11:47 . 2012-05-23 11:48 -------- d-----w- c:\program files\Trojan Remover 2012-05-23 06:28 . 2012-05-23 06:28 388096 ----a-r- c:\users\W-7\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-05-22 20:56 . 2012-05-23 06:28 -------- d-----w- c:\program files\Hijack 2012-05-22 20:54 . 2012-05-22 20:54 -------- d-----w- c:\users\W-7\AppData\Roaming\Malwarebytes 2012-05-22 20:53 . 2012-05-22 20:53 -------- d-----w- c:\programdata\Malwarebytes 2012-05-22 19:50 . 2012-05-22 19:50 -------- d-----w- c:\program files\directx 2012-05-22 13:25 . 2012-05-22 13:25 -------- d-----w- c:\program files\7-Zip 2012-05-20 19:32 . 2004-09-10 18:12 49152 ----a-w- c:\windows\system32\E_DCINST.DLL 2012-05-20 19:32 . 
2006-08-10 00:02 75264 ----a-w- c:\windows\system32\E_FLBBIE.DLL
2012-05-20 19:32 . 2006-04-19 00:00 62976 ----a-w- c:\windows\system32\E_FD4BBIE.DLL
2012-05-20 19:31 . 2012-05-20 19:34 -------- d-----w- c:\programdata\EPSON
2012-05-17 10:10 . 2012-05-08 16:40 6737808 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2FC307A9-4F32-4706-A5A1-3C4988357B1E}\mpengine.dll
2012-05-14 16:01 . 2000-10-02 10:27 125712 ----a-w- c:\windows\system32\VB6DE.DLL
2012-05-14 16:01 . 1998-06-17 23:00 89360 ----a-w- c:\windows\system32\VB5DB.DLL
2012-05-14 16:01 . 2006-02-22 17:59 194168 ----a-w- c:\windows\system32\IGScroll40.ocx
2012-05-14 16:01 . 2004-03-08 22:00 1010720 ----a-w- c:\windows\system32\MSCHRT20.OCX
2012-05-14 16:01 . 2012-05-14 16:01 -------- d-----w- c:\program files\Lern-o-Mat
2012-05-14 16:01 . 2001-09-05 02:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2012-05-14 16:01 . 2001-09-05 02:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-05-14 16:01 . 2001-09-05 02:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-05-14 16:01 . 2001-09-05 02:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-05-14 16:01 . 2002-07-25 08:07 614532 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-08 17:52 . 2012-04-09 15:41 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-08 17:52 . 2012-04-09 15:41 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-05-05 16:33 . 2012-04-09 16:04 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-05 16:33 . 2012-02-18 18:57 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-09 16:20 . 2012-02-26 13:58 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-08 10:54 . 2012-04-08 10:54 138056 ----a-w- c:\users\W-7\AppData\Roaming\PnkBstrK.sys
2010-04-01 12:36 . 2012-02-10 13:58 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\W-7\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-04-12 137536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2006-10-09 90191]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624]
"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2010-07-05 1167296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-04-05 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2010-04-01 129976]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-16 36000]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
S3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 10566174
*Deregistered* - 10566174
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Inhalt des "geplante Tasks" Ordners
.
2012-05-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 16:33]
.
2012-05-31 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3620915716-466469500-1012626225-1000Core.job
- c:\users\W-7\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-12 09:23]
.
2012-05-31 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3620915716-466469500-1012626225-1000UA.job
- c:\users\W-7\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-12 09:23]
.
2012-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3620915716-466469500-1012626225-1000Core.job
- c:\users\W-7\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-13 15:46]
.
2012-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3620915716-466469500-1012626225-1000UA.job
- c:\users\W-7\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-13 15:46]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://isearch.avg.com/?cid={CDFBC819-E9B5-4CAA-B86B-120CDBB0E484}&mid=0324b7f55f3547d1939ad1584f8b7021-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=ft011&pr=sa&d=2012-03-08 15:56&v=10.0.0.7&sap=hp
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\W-7\AppData\Roaming\Mozilla\Firefox\Profiles\qak7miq2.default\
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: network.proxy.type - 0
pref('extensions.shownSelectionUI',true);
pref('extensions.autoDisableScopes',0);
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-05-31 14:43:50
ComboFix-quarantined-files.txt 2012-05-31 12:43
ComboFix2.txt 2012-05-30 18:56
.
Vor Suchlauf: 10 Verzeichnis(se), 133.946.650.624 Bytes frei
Nach Suchlauf: 10 Verzeichnis(se), 133.901.058.048 Bytes frei
.
- - End Of File - - 2419BC64FD8C84215BF60CCB5320AC67

& here is also the TDSS Killer log I found, in case you need it.
C:\Windows\system32\DRIVERS\AgileVpn.sys 14:06:15.0291 2780 RasAgileVpn - ok 14:06:15.0354 2780 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll 14:06:15.0370 2780 RasAuto - ok 14:06:15.0416 2780 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 14:06:15.0416 2780 Rasl2tp - ok 14:06:15.0479 2780 RasMan (0ce66ec736b7fc526d78f7624c7d2a94) C:\Windows\System32\rasmans.dll 14:06:15.0510 2780 RasMan - ok 14:06:15.0557 2780 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 14:06:15.0557 2780 RasPppoe - ok 14:06:15.0604 2780 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 14:06:15.0604 2780 RasSstp - ok 14:06:15.0651 2780 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys 14:06:15.0666 2780 rdbss - ok 14:06:15.0698 2780 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 14:06:15.0713 2780 rdpbus - ok 14:06:15.0745 2780 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys 14:06:15.0745 2780 RDPCDD - ok 14:06:15.0807 2780 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys 14:06:15.0807 2780 RDPDR - ok 14:06:15.0854 2780 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 14:06:15.0854 2780 RDPENCDD - ok 14:06:15.0901 2780 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 14:06:15.0901 2780 RDPREFMP - ok 14:06:15.0963 2780 RDPWD (0399c725a9c95a6f1862b93f008ddf4a) C:\Windows\system32\drivers\RDPWD.sys 14:06:15.0963 2780 RDPWD - ok 14:06:16.0026 2780 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys 14:06:16.0026 2780 rdyboost - ok 14:06:16.0073 2780 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll 14:06:16.0088 2780 RemoteAccess - ok 14:06:16.0135 2780 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) 
C:\Windows\system32\regsvc.dll 14:06:16.0135 2780 RemoteRegistry - ok 14:06:16.0182 2780 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll 14:06:16.0182 2780 RpcEptMapper - ok 14:06:16.0229 2780 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe 14:06:16.0229 2780 RpcLocator - ok 14:06:16.0291 2780 RpcSs (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll 14:06:16.0291 2780 RpcSs - ok 14:06:16.0338 2780 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 14:06:16.0354 2780 rspndr - ok 14:06:16.0385 2780 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys 14:06:16.0385 2780 s3cap - ok 14:06:16.0416 2780 SamSs (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe 14:06:16.0416 2780 SamSs - ok 14:06:16.0479 2780 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys 14:06:16.0479 2780 sbp2port - ok 14:06:16.0526 2780 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll 14:06:16.0526 2780 SCardSvr - ok 14:06:16.0557 2780 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys 14:06:16.0573 2780 scfilter - ok 14:06:16.0682 2780 Schedule (df1e5c82e4d09cf8105cc644980c4803) C:\Windows\system32\schedsvc.dll 14:06:16.0713 2780 Schedule - ok 14:06:16.0760 2780 SCPolicySvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll 14:06:16.0760 2780 SCPolicySvc - ok 14:06:16.0807 2780 SDRSVC (5fd90abdbfaee85986802622cbb03446) C:\Windows\System32\SDRSVC.dll 14:06:16.0823 2780 SDRSVC - ok 14:06:16.0870 2780 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 14:06:16.0870 2780 secdrv - ok 14:06:16.0916 2780 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll 14:06:16.0916 2780 seclogon - ok 14:06:16.0963 2780 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll 14:06:16.0963 2780 
SENS - ok 14:06:17.0026 2780 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll 14:06:17.0026 2780 SensrSvc - ok 14:06:17.0073 2780 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 14:06:17.0073 2780 Serenum - ok 14:06:17.0135 2780 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 14:06:17.0135 2780 Serial - ok 14:06:17.0198 2780 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 14:06:17.0198 2780 sermouse - ok 14:06:17.0260 2780 SessionEnv (8f55ce568c543d5adf45c409d16718fc) C:\Windows\system32\sessenv.dll 14:06:17.0276 2780 SessionEnv - ok 14:06:17.0307 2780 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys 14:06:17.0307 2780 sffdisk - ok 14:06:17.0338 2780 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys 14:06:17.0338 2780 sffp_mmc - ok 14:06:17.0354 2780 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys 14:06:17.0354 2780 sffp_sd - ok 14:06:17.0385 2780 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 14:06:17.0385 2780 sfloppy - ok 14:06:17.0448 2780 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll 14:06:17.0463 2780 SharedAccess - ok 14:06:17.0526 2780 ShellHWDetection (cd2e48fa5b29ee2b3b5858056d246ef2) C:\Windows\System32\shsvcs.dll 14:06:17.0541 2780 ShellHWDetection - ok 14:06:17.0604 2780 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 14:06:17.0604 2780 SiSRaid2 - ok 14:06:17.0635 2780 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 14:06:17.0635 2780 SiSRaid4 - ok 14:06:17.0745 2780 SkypeUpdate (68ea68d03bf58389fe6ad2b38fad798c) C:\Program Files\Skype\Updater\Updater.exe 14:06:17.0745 2780 SkypeUpdate - ok 14:06:17.0807 2780 Smb (3e21c083b8a01cb70ba1f09303010fce) 
C:\Windows\system32\DRIVERS\smb.sys 14:06:17.0807 2780 Smb - ok 14:06:17.0870 2780 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe 14:06:17.0870 2780 SNMPTRAP - ok 14:06:18.0510 2780 SNPSTD3 (11bb0e11d42cc3a43d741d9b30839be1) C:\Windows\system32\DRIVERS\snpstd3.sys 14:06:18.0823 2780 SNPSTD3 - ok 14:06:18.0963 2780 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 14:06:18.0963 2780 spldr - ok 14:06:19.0026 2780 Spooler (d1bb750eb51694de183e08b9c33be5b2) C:\Windows\System32\spoolsv.exe 14:06:19.0057 2780 Spooler - ok 14:06:19.0245 2780 sppsvc (4c287f9069fedbd791178876ee9de536) C:\Windows\system32\sppsvc.exe 14:06:19.0338 2780 sppsvc - ok 14:06:19.0463 2780 sppuinotify (d8e3e19eebdab49dd4a8d3062ead4ec7) C:\Windows\system32\sppuinotify.dll 14:06:19.0479 2780 sppuinotify - ok 14:06:19.0557 2780 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys 14:06:19.0573 2780 srv - ok 14:06:19.0635 2780 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys 14:06:19.0682 2780 srv2 - ok 14:06:19.0713 2780 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys 14:06:19.0713 2780 srvnet - ok 14:06:19.0760 2780 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll 14:06:19.0760 2780 SSDPSRV - ok 14:06:19.0823 2780 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys 14:06:19.0823 2780 ssmdrv - ok 14:06:19.0870 2780 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll 14:06:19.0885 2780 SstpSvc - ok 14:06:19.0916 2780 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 14:06:19.0916 2780 stexstor - ok 14:06:20.0010 2780 StiSvc (a22825e7bb7018e8af3e229a5af17221) C:\Windows\System32\wiaservc.dll 14:06:20.0041 2780 StiSvc - ok 14:06:20.0088 2780 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys 14:06:20.0088 2780 storflt - ok 
14:06:20.0135 2780 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys 14:06:20.0135 2780 storvsc - ok 14:06:20.0182 2780 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys 14:06:20.0182 2780 swenum - ok 14:06:20.0245 2780 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll 14:06:20.0260 2780 swprv - ok 14:06:20.0370 2780 SysMain (04105c8da62353589c29bdaeb8d88bd8) C:\Windows\system32\sysmain.dll 14:06:20.0416 2780 SysMain - ok 14:06:20.0463 2780 TabletInputService (fcfb6c552fbc0da299799cbd50ad9fd4) C:\Windows\System32\TabSvc.dll 14:06:20.0463 2780 TabletInputService - ok 14:06:20.0510 2780 TapiSrv (2f46b0c70a4adc8c90cf825da3b4feaf) C:\Windows\System32\tapisrv.dll 14:06:20.0526 2780 TapiSrv - ok 14:06:20.0557 2780 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll 14:06:20.0573 2780 TBS - ok 14:06:20.0698 2780 Tcpip (55e9965552741f3850cb22cbba9671ed) C:\Windows\system32\drivers\tcpip.sys 14:06:20.0745 2780 Tcpip - ok 14:06:20.0776 2780 TCPIP6 (55e9965552741f3850cb22cbba9671ed) C:\Windows\system32\DRIVERS\tcpip.sys 14:06:20.0791 2780 TCPIP6 - ok 14:06:20.0854 2780 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys 14:06:20.0854 2780 tcpipreg - ok 14:06:20.0885 2780 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys 14:06:20.0901 2780 TDPIPE - ok 14:06:20.0948 2780 TDTCP (7156308896d34ea75a582f9a09e50c17) C:\Windows\system32\drivers\tdtcp.sys 14:06:20.0948 2780 TDTCP - ok 14:06:20.0979 2780 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys 14:06:20.0995 2780 tdx - ok 14:06:21.0245 2780 TeamViewer7 (3e85bdd019e3db66d9471dad7fd6a887) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe 14:06:21.0354 2780 TeamViewer7 - ok 14:06:21.0541 2780 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys 14:06:21.0541 2780 TermDD - ok 14:06:21.0635 2780 
TermService (a01e50a04d7b1960b33e92b9080e6a94) C:\Windows\System32\termsrv.dll 14:06:21.0666 2780 TermService - ok 14:06:21.0713 2780 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll 14:06:21.0713 2780 Themes - ok 14:06:21.0791 2780 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 14:06:21.0807 2780 THREADORDER - ok 14:06:21.0870 2780 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll 14:06:21.0885 2780 TrkWks - ok 14:06:21.0948 2780 TrustedInstaller (41a4c781d2286208d397d72099304133) C:\Windows\servicing\TrustedInstaller.exe 14:06:21.0963 2780 TrustedInstaller - ok 14:06:21.0995 2780 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys 14:06:21.0995 2780 tssecsrv - ok 14:06:22.0041 2780 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys 14:06:22.0041 2780 tunnel - ok 14:06:22.0088 2780 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 14:06:22.0088 2780 uagp35 - ok 14:06:22.0151 2780 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys 14:06:22.0151 2780 udfs - ok 14:06:22.0213 2780 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe 14:06:22.0213 2780 UI0Detect - ok 14:06:22.0260 2780 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys 14:06:22.0276 2780 uliagpkx - ok 14:06:22.0307 2780 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys 14:06:22.0307 2780 umbus - ok 14:06:22.0354 2780 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 14:06:22.0354 2780 UmPass - ok 14:06:22.0401 2780 UmRdpService (8ecaca5454844f66386f7be4ae0d7cd1) C:\Windows\System32\umrdp.dll 14:06:22.0416 2780 UmRdpService - ok 14:06:22.0479 2780 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll 14:06:22.0495 2780 upnphost - ok 14:06:22.0541 2780 usbaudio 
(2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys 14:06:22.0541 2780 usbaudio - ok 14:06:22.0620 2780 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\Windows\system32\DRIVERS\usbccgp.sys 14:06:22.0635 2780 usbccgp - ok 14:06:22.0682 2780 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys 14:06:22.0682 2780 usbcir - ok 14:06:22.0729 2780 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\Windows\system32\DRIVERS\usbehci.sys 14:06:22.0729 2780 usbehci - ok 14:06:22.0791 2780 usbhub (bdcd7156ec37448f08633fd899823620) C:\Windows\system32\DRIVERS\usbhub.sys 14:06:22.0807 2780 usbhub - ok 14:06:22.0838 2780 usbohci (eb2d819a639015253c871cda09d91d58) C:\Windows\system32\drivers\usbohci.sys 14:06:22.0838 2780 usbohci - ok 14:06:22.0916 2780 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 14:06:22.0916 2780 usbprint - ok 14:06:22.0963 2780 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 14:06:22.0963 2780 usbscan - ok 14:06:23.0010 2780 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\DRIVERS\USBSTOR.SYS 14:06:23.0010 2780 USBSTOR - ok 14:06:23.0041 2780 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\Windows\system32\DRIVERS\usbuhci.sys 14:06:23.0041 2780 usbuhci - ok 14:06:23.0088 2780 usb_rndisx (d82f43d15fdaa666856c0190cb73e7c9) C:\Windows\system32\DRIVERS\usb8023x.sys 14:06:23.0088 2780 usb_rndisx - ok 14:06:23.0120 2780 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll 14:06:23.0135 2780 UxSms - ok 14:06:23.0182 2780 VaultSvc (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe 14:06:23.0182 2780 VaultSvc - ok 14:06:23.0229 2780 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys 14:06:23.0229 2780 vdrvroot - ok 14:06:23.0291 2780 vds (8c4e7c49d3641bc9e299e466a7f8867d) C:\Windows\System32\vds.exe 14:06:23.0307 2780 vds - ok 14:06:23.0370 2780 vga 
(17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 14:06:23.0370 2780 vga - ok 14:06:23.0401 2780 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 14:06:23.0401 2780 VgaSave - ok 14:06:23.0448 2780 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys 14:06:23.0448 2780 vhdmp - ok 14:06:23.0495 2780 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys 14:06:23.0495 2780 viaagp - ok 14:06:23.0526 2780 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 14:06:23.0526 2780 ViaC7 - ok 14:06:23.0573 2780 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys 14:06:23.0573 2780 viaide - ok 14:06:23.0635 2780 VIAudio (178a48f413453c99a59a7d3eb5f23524) C:\Windows\system32\drivers\ac97via.sys 14:06:23.0635 2780 VIAudio - ok 14:06:23.0713 2780 videX32 (4cc623591204acd5fc89bd0dad70e838) C:\Windows\system32\DRIVERS\videX32.sys 14:06:23.0713 2780 videX32 - ok 14:06:23.0776 2780 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys 14:06:23.0776 2780 vmbus - ok 14:06:23.0807 2780 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys 14:06:23.0823 2780 VMBusHID - ok 14:06:23.0854 2780 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys 14:06:23.0854 2780 volmgr - ok 14:06:23.0901 2780 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 14:06:23.0916 2780 volmgrx - ok 14:06:23.0963 2780 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys 14:06:23.0963 2780 volsnap - ok 14:06:24.0026 2780 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 14:06:24.0026 2780 vsmraid - ok 14:06:24.0104 2780 VSS (7ea2bcd94d9cfaf4c556f5cc94532a6c) C:\Windows\system32\vssvc.exe 14:06:24.0151 2780 VSS - ok 14:06:24.0182 2780 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) 
C:\Windows\System32\drivers\vwifibus.sys 14:06:24.0182 2780 vwifibus - ok 14:06:24.0213 2780 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll 14:06:24.0229 2780 W32Time - ok 14:06:24.0276 2780 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 14:06:24.0276 2780 WacomPen - ok 14:06:24.0323 2780 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys 14:06:24.0323 2780 WANARP - ok 14:06:24.0338 2780 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys 14:06:24.0338 2780 Wanarpv6 - ok 14:06:24.0463 2780 wbengine (7790b77fe1e5ee47dcc66247095bb4c9) C:\Windows\system32\wbengine.exe 14:06:24.0495 2780 wbengine - ok 14:06:24.0526 2780 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll 14:06:24.0541 2780 WbioSrvc - ok 14:06:24.0635 2780 WcesComm (59e19bd13c3bdb857646b9e436ba27f7) C:\Windows\WindowsMobile\wcescomm.dll 14:06:24.0666 2780 WcesComm - ok 14:06:24.0729 2780 wcncsvc (6d9b75275c3e3a5f51aef81affadb2b6) C:\Windows\System32\wcncsvc.dll 14:06:24.0745 2780 wcncsvc - ok 14:06:24.0791 2780 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll 14:06:24.0791 2780 WcsPlugInService - ok 14:06:24.0854 2780 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 14:06:24.0854 2780 Wd - ok 14:06:24.0901 2780 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 14:06:24.0916 2780 Wdf01000 - ok 14:06:24.0948 2780 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 14:06:24.0963 2780 WdiServiceHost - ok 14:06:24.0979 2780 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 14:06:24.0979 2780 WdiSystemHost - ok 14:06:25.0041 2780 WebClient (bb5ec38f8d4600119b4720bc5d4211f1) C:\Windows\System32\webclnt.dll 14:06:25.0057 2780 WebClient - ok 14:06:25.0104 2780 Wecsvc (760f0afe937a77cff27153206534f275) 
C:\Windows\system32\wecsvc.dll 14:06:25.0120 2780 Wecsvc - ok 14:06:25.0151 2780 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll 14:06:25.0151 2780 wercplsupport - ok 14:06:25.0198 2780 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll 14:06:25.0213 2780 WerSvc - ok 14:06:25.0245 2780 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 14:06:25.0260 2780 WfpLwf - ok 14:06:25.0291 2780 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 14:06:25.0291 2780 WIMMount - ok 14:06:25.0416 2780 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll 14:06:25.0463 2780 WinDefend - ok 14:06:25.0495 2780 WinHttpAutoProxySvc - ok 14:06:25.0573 2780 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll 14:06:25.0573 2780 Winmgmt - ok 14:06:25.0682 2780 WinRM (c4f5d3901d1b41d602ddc196e0b95b51) C:\Windows\system32\WsmSvc.dll 14:06:25.0729 2780 WinRM - ok 14:06:25.0823 2780 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys 14:06:25.0823 2780 WinUsb - ok 14:06:25.0932 2780 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll 14:06:25.0963 2780 Wlansvc - ok 14:06:26.0010 2780 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys 14:06:26.0010 2780 WmiAcpi - ok 14:06:26.0104 2780 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe 14:06:26.0104 2780 wmiApSrv - ok 14:06:26.0229 2780 WMPNetworkSvc (77fbd400984cf72ba0fc4b3489d65f74) C:\Program Files\Windows Media Player\wmpnetwk.exe 14:06:26.0260 2780 WMPNetworkSvc - ok 14:06:26.0307 2780 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll 14:06:26.0307 2780 WPCSvc - ok 14:06:26.0338 2780 WPDBusEnum (b7f658a2ebc07129538ad9ab35212637) C:\Windows\system32\wpdbusenum.dll 14:06:26.0354 2780 WPDBusEnum - ok 14:06:26.0416 2780 
14:06:27.0151 2780 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:06:27.0338 2780 \Device\Harddisk0\DR0 - ok
14:06:27.0354 2780 Boot (0x1200) (ee0c681314dcc65034529cfcef5cbcd1) \Device\Harddisk0\DR0\Partition0
14:06:27.0354 2780 \Device\Harddisk0\DR0\Partition0 - ok
14:06:27.0354 2780 ============================================================
14:06:27.0354 2780 Scan finished
14:06:27.0354 2780 ============================================================
14:06:27.0385 1948 Detected object count: 0
14:06:27.0385 1948 Actual detected object count: 0
14:07:18.0323 3620 ============================================================
14:07:18.0323 3620 Scan started
14:07:18.0323 3620 Mode: Manual;
14:07:18.0323 3620 ============================================================
C:\Windows\system32\fxssvc.exe 14:07:23.0666 3620 Fax - ok 14:07:23.0745 3620 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 14:07:23.0745 3620 fdc - ok 14:07:23.0791 3620 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll 14:07:23.0791 3620 fdPHost - ok 14:07:23.0823 3620 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll 14:07:23.0823 3620 FDResPub - ok 14:07:23.0854 3620 FETNDIS (f5cb6cb6d12f495516be27cffccde4bf) C:\Windows\system32\DRIVERS\fetnd6.sys 14:07:23.0854 3620 FETNDIS - ok 14:07:23.0885 3620 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 14:07:23.0901 3620 FileInfo - ok 14:07:23.0916 3620 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 14:07:23.0916 3620 Filetrace - ok 14:07:23.0979 3620 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys 14:07:23.0979 3620 flpydisk - ok 14:07:24.0026 3620 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 14:07:24.0026 3620 FltMgr - ok 14:07:24.0120 3620 FontCache (151258fc2ec8c48bdf8a53350ae0a676) C:\Windows\system32\FntCache.dll 14:07:24.0135 3620 FontCache - ok 14:07:24.0229 3620 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 14:07:24.0245 3620 FontCache3.0.0.0 - ok 14:07:24.0276 3620 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 14:07:24.0276 3620 FsDepends - ok 14:07:24.0323 3620 Fs_Rec (500a9814fd9446a8126858a5a7f7d273) C:\Windows\system32\drivers\Fs_Rec.sys 14:07:24.0323 3620 Fs_Rec - ok 14:07:24.0385 3620 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys 14:07:24.0385 3620 fvevol - ok 14:07:24.0432 3620 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 14:07:24.0432 3620 gagp30kx - ok 14:07:24.0495 3620 gpsvc 
(8ba3c04702bf8f927ab36ae8313ca4ee) C:\Windows\System32\gpsvc.dll 14:07:24.0510 3620 gpsvc - ok 14:07:24.0557 3620 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 14:07:24.0557 3620 hcw85cir - ok 14:07:24.0588 3620 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys 14:07:24.0588 3620 HDAudBus - ok 14:07:24.0620 3620 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 14:07:24.0620 3620 HidBatt - ok 14:07:24.0651 3620 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 14:07:24.0651 3620 HidBth - ok 14:07:24.0698 3620 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 14:07:24.0698 3620 HidIr - ok 14:07:24.0729 3620 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll 14:07:24.0729 3620 hidserv - ok 14:07:24.0776 3620 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys 14:07:24.0776 3620 HidUsb - ok 14:07:24.0823 3620 hkmsvc (741c2a45ca8407e374aaba3e330b7872) C:\Windows\system32\kmsvc.dll 14:07:24.0823 3620 hkmsvc - ok 14:07:24.0870 3620 HomeGroupListener (a768ca158bb06782a2835b907f4873c3) C:\Windows\system32\ListSvc.dll 14:07:24.0870 3620 HomeGroupListener - ok 14:07:24.0916 3620 HomeGroupProvider (fb08dec5ef43d0c66d83b8e9694e7549) C:\Windows\system32\provsvc.dll 14:07:24.0932 3620 HomeGroupProvider - ok 14:07:24.0979 3620 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys 14:07:24.0979 3620 HpSAMD - ok 14:07:25.0041 3620 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys 14:07:25.0041 3620 HTTP - ok 14:07:25.0073 3620 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys 14:07:25.0073 3620 hwpolicy - ok 14:07:25.0120 3620 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys 14:07:25.0120 3620 i8042prt - ok 14:07:25.0198 3620 iaStorV 
(71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys 14:07:25.0198 3620 iaStorV - ok 14:07:25.0338 3620 idsvc (5af815eb5bc9802e5a064e2ba62bfc0c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 14:07:25.0354 3620 idsvc - ok 14:07:25.0401 3620 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 14:07:25.0401 3620 iirsp - ok 14:07:25.0479 3620 IKEEXT (fac0ee6562b121b1399d6e855583f7a5) C:\Windows\System32\ikeext.dll 14:07:25.0479 3620 IKEEXT - ok 14:07:25.0526 3620 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys 14:07:25.0526 3620 intelide - ok 14:07:25.0573 3620 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 14:07:25.0573 3620 intelppm - ok 14:07:25.0604 3620 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll 14:07:25.0604 3620 IPBusEnum - ok 14:07:25.0635 3620 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:07:25.0635 3620 IpFilterDriver - ok 14:07:25.0713 3620 iphlpsvc (477397b432a256a50ee7e4339eb9ea14) C:\Windows\System32\iphlpsvc.dll 14:07:25.0713 3620 iphlpsvc - ok 14:07:25.0760 3620 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys 14:07:25.0760 3620 IPMIDRV - ok 14:07:25.0791 3620 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 14:07:25.0791 3620 IPNAT - ok 14:07:25.0823 3620 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 14:07:25.0823 3620 IRENUM - ok 14:07:25.0854 3620 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys 14:07:25.0870 3620 isapnp - ok 14:07:25.0901 3620 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys 14:07:25.0916 3620 iScsiPrt - ok 14:07:25.0995 3620 ISODrive (3ff410ccffcc6a25f33080b8f6e345cd) C:\Program Files\UltraISO\drivers\ISODrive.sys 
14:07:25.0995 3620 ISODrive - ok 14:07:26.0041 3620 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys 14:07:26.0041 3620 kbdclass - ok 14:07:26.0088 3620 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys 14:07:26.0088 3620 kbdhid - ok 14:07:26.0135 3620 KeyIso (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe 14:07:26.0135 3620 KeyIso - ok 14:07:26.0182 3620 KMWDFILTERx86 (4476fe98aaf505acdcd3ee6360aabec1) C:\Windows\system32\DRIVERS\KMWDFILTER.sys 14:07:26.0182 3620 KMWDFILTERx86 - ok 14:07:26.0245 3620 KSecDD (0263364acb9c834ace52fb85c2c064ec) C:\Windows\system32\Drivers\ksecdd.sys 14:07:26.0245 3620 KSecDD - ok 14:07:26.0307 3620 KSecPkg (27391db553be2a4e2b0adeea2873b2af) C:\Windows\system32\Drivers\ksecpkg.sys 14:07:26.0307 3620 KSecPkg - ok 14:07:26.0370 3620 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll 14:07:26.0385 3620 KtmRm - ok 14:07:26.0432 3620 LanmanServer (8f6bf790d3168224c16f2af68a84438c) C:\Windows\System32\srvsvc.dll 14:07:26.0448 3620 LanmanServer - ok 14:07:26.0479 3620 LanmanWorkstation (b9891f885dcf1f0513a51cb58493cb1f) C:\Windows\System32\wkssvc.dll 14:07:26.0495 3620 LanmanWorkstation - ok 14:07:26.0541 3620 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 14:07:26.0541 3620 lltdio - ok 14:07:26.0588 3620 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll 14:07:26.0588 3620 lltdsvc - ok 14:07:26.0635 3620 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll 14:07:26.0635 3620 lmhosts - ok 14:07:26.0682 3620 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 14:07:26.0682 3620 LSI_FC - ok 14:07:26.0729 3620 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 14:07:26.0729 3620 LSI_SAS - ok 14:07:26.0760 3620 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 
14:07:26.0760 3620 LSI_SAS2 - ok 14:07:26.0791 3620 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 14:07:26.0791 3620 LSI_SCSI - ok 14:07:26.0838 3620 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 14:07:26.0838 3620 luafv - ok 14:07:26.0885 3620 Mcx2Svc (e2b0887816ed336685954e3d8fdaa51d) C:\Windows\system32\Mcx2Svc.dll 14:07:26.0885 3620 Mcx2Svc - ok 14:07:26.0916 3620 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 14:07:26.0916 3620 megasas - ok 14:07:26.0963 3620 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 14:07:26.0963 3620 MegaSR - ok 14:07:27.0010 3620 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 14:07:27.0026 3620 MMCSS - ok 14:07:27.0057 3620 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 14:07:27.0057 3620 Modem - ok 14:07:27.0088 3620 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 14:07:27.0104 3620 monitor - ok 14:07:27.0135 3620 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys 14:07:27.0135 3620 mouclass - ok 14:07:27.0166 3620 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 14:07:27.0166 3620 mouhid - ok 14:07:27.0182 3620 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys 14:07:27.0198 3620 mountmgr - ok 14:07:27.0276 3620 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 14:07:27.0276 3620 MozillaMaintenance - ok 14:07:27.0323 3620 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys 14:07:27.0323 3620 mpio - ok 14:07:27.0354 3620 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 14:07:27.0354 3620 mpsdrv - ok 14:07:27.0416 3620 MpsSvc (5cd996cecf45cbc3e8d109c86b82d69e) 
C:\Windows\system32\mpssvc.dll 14:07:27.0432 3620 MpsSvc - ok 14:07:27.0463 3620 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys 14:07:27.0479 3620 MRxDAV - ok 14:07:27.0510 3620 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys 14:07:27.0526 3620 mrxsmb - ok 14:07:27.0557 3620 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:07:27.0573 3620 mrxsmb10 - ok 14:07:27.0588 3620 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:07:27.0604 3620 mrxsmb20 - ok 14:07:27.0635 3620 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys 14:07:27.0635 3620 msahci - ok 14:07:27.0666 3620 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys 14:07:27.0666 3620 msdsm - ok 14:07:27.0713 3620 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe 14:07:27.0729 3620 MSDTC - ok 14:07:27.0776 3620 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 14:07:27.0776 3620 Msfs - ok 14:07:27.0791 3620 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 14:07:27.0791 3620 mshidkmdf - ok 14:07:27.0823 3620 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys 14:07:27.0823 3620 msisadrv - ok 14:07:27.0870 3620 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll 14:07:27.0870 3620 MSiSCSI - ok 14:07:27.0901 3620 msiserver - ok 14:07:27.0932 3620 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 14:07:27.0932 3620 MSKSSRV - ok 14:07:27.0979 3620 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 14:07:27.0979 3620 MSPCLOCK - ok 14:07:27.0995 3620 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 14:07:27.0995 3620 MSPQM - ok 14:07:28.0026 3620 MsRPC (0e008fc4819d238c51d7c93e7b41e560) 
C:\Windows\system32\drivers\MsRPC.sys 14:07:28.0041 3620 MsRPC - ok 14:07:28.0073 3620 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys 14:07:28.0088 3620 mssmbios - ok 14:07:28.0120 3620 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 14:07:28.0120 3620 MSTEE - ok 14:07:28.0135 3620 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 14:07:28.0151 3620 MTConfig - ok 14:07:28.0198 3620 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 14:07:28.0198 3620 Mup - ok 14:07:28.0260 3620 napagent (80284f1985c70c86f0b5f86da2dfe1df) C:\Windows\system32\qagentRT.dll 14:07:28.0260 3620 napagent - ok 14:07:28.0307 3620 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 14:07:28.0323 3620 NativeWifiP - ok 14:07:28.0385 3620 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys 14:07:28.0385 3620 NDIS - ok 14:07:28.0416 3620 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 14:07:28.0416 3620 NdisCap - ok 14:07:28.0448 3620 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 14:07:28.0448 3620 NdisTapi - ok 14:07:28.0495 3620 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys 14:07:28.0495 3620 Ndisuio - ok 14:07:28.0526 3620 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys 14:07:28.0526 3620 NdisWan - ok 14:07:28.0557 3620 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys 14:07:28.0557 3620 NDProxy - ok 14:07:28.0588 3620 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 14:07:28.0588 3620 NetBIOS - ok 14:07:28.0635 3620 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys 14:07:28.0651 3620 NetBT - ok 14:07:28.0698 3620 Netlogon (c2243ff9e9aad0c30e8b1a0914da15b6) 
C:\Windows\system32\lsass.exe 14:07:28.0698 3620 Netlogon - ok 14:07:28.0760 3620 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll 14:07:28.0760 3620 Netman - ok 14:07:28.0807 3620 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll 14:07:28.0823 3620 netprofm - ok 14:07:28.0916 3620 NetTcpPortSharing (fe2aa5a684b0dd9b1fae57b7817c198b) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:07:28.0916 3620 NetTcpPortSharing - ok 14:07:28.0963 3620 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 14:07:28.0963 3620 nfrd960 - ok 14:07:29.0026 3620 NlaSvc (2226496e34bd40734946a054b1cd657f) C:\Windows\System32\nlasvc.dll 14:07:29.0026 3620 NlaSvc - ok 14:07:29.0057 3620 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 14:07:29.0057 3620 Npfs - ok 14:07:29.0088 3620 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll 14:07:29.0088 3620 nsi - ok 14:07:29.0135 3620 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 14:07:29.0135 3620 nsiproxy - ok 14:07:29.0245 3620 Ntfs (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys 14:07:29.0260 3620 Ntfs - ok 14:07:29.0307 3620 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 14:07:29.0307 3620 Null - ok 14:07:29.0541 3620 nvlddmkm (d37174e8014da46be1a81e7b02237ac0) C:\Windows\system32\DRIVERS\nvlddmkm.sys 14:07:29.0588 3620 nvlddmkm - ok 14:07:29.0745 3620 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys 14:07:29.0745 3620 nvraid - ok 14:07:29.0776 3620 nvstor (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys 14:07:29.0776 3620 nvstor - ok 14:07:29.0838 3620 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys 14:07:29.0838 3620 nv_agp - ok 14:07:29.0870 3620 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) 
C:\Windows\system32\DRIVERS\ohci1394.sys 14:07:29.0870 3620 ohci1394 - ok 14:07:29.0932 3620 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 14:07:29.0932 3620 p2pimsvc - ok 14:07:29.0995 3620 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll 14:07:29.0995 3620 p2psvc - ok 14:07:30.0041 3620 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 14:07:30.0041 3620 Parport - ok 14:07:30.0088 3620 partmgr (66d3415c159741ade7038a277efff99f) C:\Windows\system32\drivers\partmgr.sys 14:07:30.0088 3620 partmgr - ok 14:07:30.0135 3620 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 14:07:30.0135 3620 Parvdm - ok 14:07:30.0182 3620 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll 14:07:30.0182 3620 PcaSvc - ok 14:07:30.0245 3620 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys 14:07:30.0245 3620 pci - ok 14:07:30.0276 3620 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys 14:07:30.0276 3620 pciide - ok 14:07:30.0323 3620 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 14:07:30.0323 3620 pcmcia - ok 14:07:30.0354 3620 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 14:07:30.0354 3620 pcw - ok 14:07:30.0432 3620 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 14:07:30.0432 3620 PEAUTH - ok 14:07:30.0526 3620 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll 14:07:30.0541 3620 PeerDistSvc - ok 14:07:30.0682 3620 pla (9c1bff7910c89a1d12e57343475840cb) C:\Windows\system32\pla.dll 14:07:30.0713 3620 pla - ok 14:07:30.0916 3620 PlugPlay (71def5ec79774c798342d0ea16e41780) C:\Windows\system32\umpnpmgr.dll 14:07:30.0948 3620 PlugPlay - ok 14:07:31.0010 3620 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll 14:07:31.0010 3620 PNRPAutoReg - ok 
14:07:31.0073 3620 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 14:07:31.0073 3620 PNRPsvc - ok 14:07:31.0151 3620 PolicyAgent (48e1b75c6dc0232fd92baae4bd344721) C:\Windows\System32\ipsecsvc.dll 14:07:31.0151 3620 PolicyAgent - ok 14:07:31.0213 3620 Power (dbff83f709a91049621c1d35dd45c92c) C:\Windows\system32\umpo.dll 14:07:31.0213 3620 Power - ok 14:07:31.0276 3620 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 14:07:31.0276 3620 PptpMiniport - ok 14:07:31.0323 3620 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 14:07:31.0323 3620 Processor - ok 14:07:31.0370 3620 ProfSvc (630cf26f0227498b7d5a92b12548960f) C:\Windows\system32\profsvc.dll 14:07:31.0370 3620 ProfSvc - ok 14:07:31.0416 3620 ProtectedStorage (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe 14:07:31.0416 3620 ProtectedStorage - ok 14:07:31.0463 3620 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 14:07:31.0463 3620 Psched - ok 14:07:31.0573 3620 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 14:07:31.0588 3620 ql2300 - ok 14:07:31.0745 3620 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 14:07:31.0745 3620 ql40xx - ok 14:07:31.0807 3620 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll 14:07:31.0807 3620 QWAVE - ok 14:07:31.0870 3620 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 14:07:31.0870 3620 QWAVEdrv - ok 14:07:31.0932 3620 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll 14:07:31.0948 3620 RapiMgr - ok 14:07:31.0979 3620 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 14:07:31.0979 3620 RasAcd - ok 14:07:32.0010 3620 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 14:07:32.0026 3620 RasAgileVpn - ok 14:07:32.0073 
3620 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll 14:07:32.0073 3620 RasAuto - ok 14:07:32.0104 3620 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 14:07:32.0104 3620 Rasl2tp - ok 14:07:32.0151 3620 RasMan (0ce66ec736b7fc526d78f7624c7d2a94) C:\Windows\System32\rasmans.dll 14:07:32.0166 3620 RasMan - ok 14:07:32.0213 3620 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 14:07:32.0213 3620 RasPppoe - ok 14:07:32.0245 3620 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 14:07:32.0245 3620 RasSstp - ok 14:07:32.0291 3620 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys 14:07:32.0307 3620 rdbss - ok 14:07:32.0338 3620 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 14:07:32.0338 3620 rdpbus - ok 14:07:32.0370 3620 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys 14:07:32.0370 3620 RDPCDD - ok 14:07:32.0416 3620 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys 14:07:32.0432 3620 RDPDR - ok 14:07:32.0448 3620 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 14:07:32.0448 3620 RDPENCDD - ok 14:07:32.0495 3620 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 14:07:32.0495 3620 RDPREFMP - ok 14:07:32.0541 3620 RDPWD (0399c725a9c95a6f1862b93f008ddf4a) C:\Windows\system32\drivers\RDPWD.sys 14:07:32.0541 3620 RDPWD - ok 14:07:32.0588 3620 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys 14:07:32.0588 3620 rdyboost - ok 14:07:32.0635 3620 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll 14:07:32.0635 3620 RemoteAccess - ok 14:07:32.0682 3620 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll 14:07:32.0682 3620 RemoteRegistry - ok 14:07:32.0713 3620 
RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll 14:07:32.0713 3620 RpcEptMapper - ok 14:07:32.0760 3620 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe 14:07:32.0760 3620 RpcLocator - ok 14:07:32.0823 3620 RpcSs (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll 14:07:32.0838 3620 RpcSs - ok 14:07:32.0870 3620 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 14:07:32.0870 3620 rspndr - ok 14:07:32.0916 3620 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys 14:07:32.0916 3620 s3cap - ok 14:07:32.0963 3620 SamSs (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe 14:07:32.0963 3620 SamSs - ok 14:07:32.0995 3620 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys 14:07:32.0995 3620 sbp2port - ok 14:07:33.0041 3620 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll 14:07:33.0057 3620 SCardSvr - ok 14:07:33.0088 3620 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys 14:07:33.0088 3620 scfilter - ok 14:07:33.0182 3620 Schedule (df1e5c82e4d09cf8105cc644980c4803) C:\Windows\system32\schedsvc.dll 14:07:33.0182 3620 Schedule - ok 14:07:33.0229 3620 SCPolicySvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll 14:07:33.0229 3620 SCPolicySvc - ok 14:07:33.0276 3620 SDRSVC (5fd90abdbfaee85986802622cbb03446) C:\Windows\System32\SDRSVC.dll 14:07:33.0291 3620 SDRSVC - ok 14:07:33.0323 3620 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 14:07:33.0338 3620 secdrv - ok 14:07:33.0385 3620 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll 14:07:33.0385 3620 seclogon - ok 14:07:33.0416 3620 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll 14:07:33.0416 3620 SENS - ok 14:07:33.0479 3620 SensrSvc (50087fe1ee447009c9cc2997b90de53f) 
C:\Windows\system32\sensrsvc.dll 14:07:33.0495 3620 SensrSvc - ok 14:07:33.0510 3620 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 14:07:33.0510 3620 Serenum - ok 14:07:33.0573 3620 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 14:07:33.0573 3620 Serial - ok 14:07:33.0604 3620 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 14:07:33.0604 3620 sermouse - ok 14:07:33.0698 3620 SessionEnv (8f55ce568c543d5adf45c409d16718fc) C:\Windows\system32\sessenv.dll 14:07:33.0698 3620 SessionEnv - ok 14:07:33.0745 3620 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys 14:07:33.0745 3620 sffdisk - ok 14:07:33.0776 3620 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys 14:07:33.0776 3620 sffp_mmc - ok 14:07:33.0791 3620 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys 14:07:33.0791 3620 sffp_sd - ok 14:07:33.0823 3620 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 14:07:33.0823 3620 sfloppy - ok 14:07:33.0885 3620 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll 14:07:33.0885 3620 SharedAccess - ok 14:07:33.0948 3620 ShellHWDetection (cd2e48fa5b29ee2b3b5858056d246ef2) C:\Windows\System32\shsvcs.dll 14:07:33.0948 3620 ShellHWDetection - ok 14:07:33.0995 3620 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 14:07:33.0995 3620 SiSRaid2 - ok 14:07:34.0026 3620 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 14:07:34.0026 3620 SiSRaid4 - ok 14:07:34.0120 3620 SkypeUpdate (68ea68d03bf58389fe6ad2b38fad798c) C:\Program Files\Skype\Updater\Updater.exe 14:07:34.0120 3620 SkypeUpdate - ok 14:07:34.0166 3620 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 14:07:34.0166 3620 Smb - ok 14:07:34.0229 3620 SNMPTRAP 
14:07:42.0526 3620 ============================================================ 14:07:42.0526 3620 Scan finished 14:07:42.0526 3620 ============================================================ 14:07:42.0557 3876 Detected object count: 0 14:07:42.0557 3876 Actual detected object count: 0 14:07:44.0948 2084 Deinitialize success |