Pests of all kinds and how to combat them: Access to computer blocked - White Screen + "Please wait while the connection is being established" Windows 7
| | #16 |
| All done, here is the log
Code:
All processes killed
========== OTL ==========
HKU\S-1-5-21-2571331456-2068494994-131038660-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-2571331456-2068494994-131038660-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchDefaultBranded| /E : value set successfully!
HKU\S-1-5-21-2571331456-2068494994-131038660-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2571331456-2068494994-131038660-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll moved successfully.
HKEY_USERS\S-1-5-21-2571331456-2068494994-131038660-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2571331456-2068494994-131038660-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
Prefs.js: "Search the web (Babylon)" removed from browser.search.selectedEngine
Prefs.js: "hxxp://search.babylon.com/?affID=112555&tt=060612_7_&babsrc=HP_ss&mntrId=f2d3d60c00000000000078929c4e2633" removed from browser.startup.homepage
Prefs.js: "hxxp://search.babylon.com/?affID=112555&tt=060612_7_&babsrc=KW_ss&mntrId=f2d3d60c00000000000078929c4e2633&q=" removed from keyword.URL
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
C:\user.js moved successfully.
C:\Users\Steffen\AppData\Roaming\Babylon folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56468 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: Steffen
->Temp folder emptied: 2365260638 bytes
->Temporary Internet Files folder emptied: 46310501 bytes
->Java cache emptied: 30975635 bytes
->FireFox cache emptied: 47399829 bytes
->Google Chrome cache emptied: 203645519 bytes
->Flash cache emptied: 92969 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 256990520 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50501 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 2.814,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Public
User: Steffen
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.48.0 log created on 06132012_001551
Files\Folders moved on Reboot...
C:\Users\Steffen\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Windows\temp\master33041 moved successfully.
Registry entries deleted on Reboot...
| | #17 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please disable your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool! Set up the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:), which is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!
| | #18 |
| tdss-log:
Code:
10:35:40.0143 1800 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
10:35:40.0689 1800 ============================================================
10:35:40.0689 1800 Current date / time: 2012/06/13 10:35:40.0689
10:35:40.0689 1800 SystemInfo:
10:35:40.0689 1800
10:35:40.0689 1800 OS Version: 6.1.7601 ServicePack: 1.0
10:35:40.0689 1800 Product type: Workstation
10:35:40.0689 1800 ComputerName: STEFFEN-PC
10:35:40.0689 1800 UserName: Steffen
10:35:40.0689 1800 Windows directory: C:\Windows
10:35:40.0689 1800 System windows directory: C:\Windows
10:35:40.0689 1800 Running under WOW64
10:35:40.0689 1800 Processor architecture: Intel x64
10:35:40.0689 1800 Number of processors: 2
10:35:40.0689 1800 Page size: 0x1000
10:35:40.0689 1800 Boot type: Normal boot
10:35:40.0689 1800 ============================================================
10:35:41.0329 1800 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:35:41.0329 1800 ============================================================
10:35:41.0329 1800 \Device\Harddisk0\DR0:
10:35:41.0329 1800 MBR partitions:
10:35:41.0329 1800 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:35:41.0329 1800 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x33D53800
10:35:41.0360 1800 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x33D86800, BlocksNum 0x5FFE000
10:35:41.0407 1800 ============================================================
10:35:41.0454 1800 C: <-> \Device\Harddisk0\DR0\Partition1
10:35:41.0500 1800 D: <-> \Device\Harddisk0\DR0\Partition2
10:35:41.0500 1800 ============================================================
10:35:41.0500 1800 Initialize success
10:35:41.0500 1800 ============================================================
10:35:45.0260 5188 ============================================================
10:35:45.0260 5188 Scan started
10:35:45.0260 5188 Mode: Manual;
10:35:45.0260 5188 ============================================================
10:35:47.0335 5188 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
10:35:47.0335 5188 1394ohci - ok
10:35:47.0382 5188 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
10:35:47.0397 5188 ACPI - ok
10:35:47.0428 5188 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
10:35:47.0428 5188 AcpiPmi - ok
10:35:47.0584 5188 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:35:47.0584 5188 AdobeARMservice - ok
10:35:47.0740 5188 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:35:47.0740 5188 AdobeFlashPlayerUpdateSvc - ok
10:35:47.0818 5188 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
10:35:47.0834 5188 adp94xx - ok
10:35:47.0865 5188 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
10:35:47.0865 5188 adpahci - ok
10:35:47.0912 5188 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
10:35:47.0912 5188 adpu320 - ok
10:35:47.0928 5188 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
10:35:47.0928 5188 AeLookupSvc - ok
10:35:47.0990 5188 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
10:35:48.0006 5188 AFD - ok
10:35:48.0052 5188 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
10:35:48.0052 5188 agp440 - ok
10:35:48.0084 5188 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
10:35:48.0084 5188 ALG - ok
10:35:48.0130 5188 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
10:35:48.0130 5188 aliide - ok
10:35:48.0162 5188 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
10:35:48.0162 5188 amdide - ok
10:35:48.0193 5188 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
10:35:48.0193 5188 AmdK8 - ok
10:35:48.0224 5188 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
10:35:48.0224 5188 AmdPPM - ok
10:35:48.0255 5188 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
10:35:48.0255 5188 amdsata - ok
10:35:48.0302 5188 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
10:35:48.0302 5188 amdsbs - ok
10:35:48.0318 5188 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
10:35:48.0318 5188 amdxata - ok
10:35:48.0364 5188 AmUStor (08d51900c07bae4f1fc82fc669b99b79) C:\Windows\system32\drivers\AmUStor.SYS
10:35:48.0364 5188 AmUStor - ok
10:35:48.0583 5188 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
10:35:48.0583 5188 AntiVirSchedulerService - ok
10:35:48.0630 5188 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
10:35:48.0630 5188 AntiVirService - ok
10:35:48.0676 5188 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
10:35:48.0676 5188 AppID - ok
10:35:48.0708 5188 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
10:35:48.0708 5188 AppIDSvc - ok
10:35:48.0708 5188 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
10:35:48.0723 5188 Appinfo - ok
10:35:48.0754 5188 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
10:35:48.0754 5188 arc - ok
10:35:48.0770 5188 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
10:35:48.0770 5188 arcsas - ok
10:35:48.0848 5188 ASLDRService (efd89582b55dd32dc79c1a4eb54612a1) C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
10:35:48.0848 5188 ASLDRService - ok
10:35:48.0879 5188 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
10:35:48.0879 5188 AsyncMac - ok
10:35:48.0910 5188 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
10:35:48.0910 5188 atapi - ok
10:35:48.0957 5188 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
10:35:48.0988 5188 AudioEndpointBuilder - ok
10:35:48.0988 5188 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
10:35:48.0988 5188 AudioSrv - ok
10:35:49.0035 5188 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
10:35:49.0035 5188 avgntflt - ok
10:35:49.0098 5188 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
10:35:49.0098 5188 avipbb - ok
10:35:49.0144 5188 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
10:35:49.0144 5188 avkmgr - ok
10:35:49.0207 5188 AVP (b2b3fcba37671c853879df7dde8a839a) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
10:35:49.0222 5188 AVP - ok
10:35:49.0285 5188 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
10:35:49.0285 5188 AxInstSV - ok
10:35:49.0300 5188 Scan interrupted by user!
10:35:49.0300 5188 Scan interrupted by user!
10:35:49.0300 5188 Scan interrupted by user!
10:35:49.0300 5188 ============================================================
10:35:49.0300 5188 Scan finished
10:35:49.0300 5188 ============================================================
10:35:49.0300 3524 Detected object count: 0
10:35:49.0300 3524 Actual detected object count: 0
10:35:59.0175 5428 ============================================================
10:35:59.0175 5428 Scan started
10:35:59.0175 5428 Mode: Manual; SigCheck; TDLFS;
10:35:59.0175 5428 ============================================================
10:35:59.0331 5428 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
10:35:59.0472 5428 1394ohci - ok
10:35:59.0518 5428 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
10:35:59.0534 5428 ACPI - ok
10:35:59.0550 5428 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
10:35:59.0659 5428 AcpiPmi - ok
10:35:59.0721 5428 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:35:59.0737 5428 AdobeARMservice - ok
10:35:59.0830 5428 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:35:59.0846 5428 AdobeFlashPlayerUpdateSvc - ok
10:35:59.0893 5428 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
10:35:59.0924 5428 adp94xx - ok
10:35:59.0955 5428 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
10:35:59.0986 5428 adpahci - ok
10:36:00.0018 5428 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
10:36:00.0033 5428 adpu320 - ok
10:36:00.0064 5428 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
10:36:00.0220 5428 AeLookupSvc - ok
10:36:00.0283 5428 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
10:36:00.0330 5428 AFD - ok
10:36:00.0361 5428 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
10:36:00.0376 5428 agp440 - ok
10:36:00.0408 5428 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
10:36:00.0454 5428 ALG - ok
10:36:00.0501 5428 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
10:36:00.0517 5428 aliide - ok
10:36:00.0548 5428 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
10:36:00.0564 5428 amdide - ok
10:36:00.0595 5428 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
10:36:00.0626 5428 AmdK8 - ok
10:36:00.0657 5428 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
10:36:00.0688 5428 AmdPPM - ok
10:36:00.0704 5428 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
10:36:00.0720 5428 amdsata - ok
10:36:00.0766 5428 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
10:36:00.0782 5428 amdsbs - ok
10:36:00.0798 5428 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
10:36:00.0813 5428 amdxata - ok
10:36:00.0860 5428 AmUStor (08d51900c07bae4f1fc82fc669b99b79) C:\Windows\system32\drivers\AmUStor.SYS
10:36:00.0907 5428 AmUStor - ok
10:36:01.0110 5428 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
10:36:01.0141 5428 AntiVirSchedulerService - ok
10:36:01.0188 5428 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
10:36:01.0188 5428 AntiVirService - ok
10:36:01.0234 5428 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
10:36:01.0406 5428 AppID - ok
10:36:01.0422 5428 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
10:36:01.0484 5428 AppIDSvc - ok
10:36:01.0500 5428 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
10:36:01.0578 5428 Appinfo - ok
10:36:01.0624 5428 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
10:36:01.0640 5428 arc - ok
10:36:01.0671 5428 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
10:36:01.0687 5428 arcsas - ok
10:36:01.0734 5428 ASLDRService (efd89582b55dd32dc79c1a4eb54612a1) C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
10:36:01.0765 5428 ASLDRService - ok
10:36:01.0796 5428 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
10:36:01.0858 5428 AsyncMac - ok
10:36:01.0890 5428 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
10:36:01.0905 5428 atapi - ok
10:36:01.0952 5428 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
10:36:02.0030 5428 AudioEndpointBuilder - ok
10:36:02.0046 5428 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
10:36:02.0092 5428 AudioSrv - ok
10:36:02.0124 5428 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
10:36:02.0139 5428 avgntflt - ok
10:36:02.0170 5428 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
10:36:02.0170 5428 avipbb - ok
10:36:02.0186 5428 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
10:36:02.0202 5428 avkmgr - ok
10:36:02.0295 5428 AVP (b2b3fcba37671c853879df7dde8a839a) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
10:36:02.0311 5428 AVP - ok
10:36:02.0342 5428 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
10:36:02.0451 5428 AxInstSV - ok
10:36:02.0498 5428 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
10:36:02.0560 5428 b06bdrv - ok
10:36:02.0592 5428 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
10:36:02.0638 5428 b57nd60a - ok
10:36:02.0685 5428 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
10:36:02.0716 5428 BDESVC - ok
10:36:02.0763 5428 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
10:36:02.0826 5428 Beep - ok
10:36:02.0919 5428 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
10:36:02.0997 5428 BFE - ok
10:36:03.0060 5428 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
10:36:03.0153 5428 BITS - ok
10:36:03.0200 5428 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
10:36:03.0247 5428 blbdrive - ok
10:36:03.0294 5428 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
10:36:03.0340 5428 bowser - ok
10:36:03.0387 5428 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
10:36:03.0418 5428 BrFiltLo - ok
10:36:03.0434 5428 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
10:36:03.0465 5428 BrFiltUp - ok
10:36:03.0481 5428 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
10:36:03.0559 5428 Browser - ok
10:36:03.0621 5428 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
10:36:03.0668 5428 Brserid - ok
10:36:03.0684 5428 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
10:36:03.0730 5428 BrSerWdm - ok
10:36:03.0777 5428 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
10:36:03.0808 5428 BrUsbMdm - ok
10:36:03.0855 5428 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
10:36:03.0886 5428 BrUsbSer - ok
10:36:03.0918 5428 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
10:36:03.0964 5428 BTHMODEM - ok
10:36:04.0011 5428 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
10:36:04.0058 5428 bthserv - ok
10:36:04.0120 5428 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
10:36:04.0167 5428 cdfs - ok
10:36:04.0214 5428 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
10:36:04.0261 5428 cdrom - ok
10:36:04.0308 5428 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
10:36:04.0386 5428 CertPropSvc - ok
10:36:04.0448 5428 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
10:36:04.0495 5428 circlass - ok
10:36:04.0557 5428 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
10:36:04.0588 5428 CLFS - ok
10:36:04.0651 5428 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:36:04.0651 5428 clr_optimization_v2.0.50727_32 - ok
10:36:04.0713 5428 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:36:04.0713 5428 clr_optimization_v2.0.50727_64 - ok
10:36:04.0822 5428 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:36:04.0838 5428 clr_optimization_v4.0.30319_32 - ok
10:36:04.0869 5428 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:36:04.0885 5428 clr_optimization_v4.0.30319_64 - ok
10:36:04.0932 5428 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
10:36:04.0947 5428 clwvd - ok
10:36:04.0994 5428 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
10:36:05.0025 5428 CmBatt - ok
10:36:05.0056 5428 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
10:36:05.0072 5428 cmdide - ok
10:36:05.0119 5428 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
10:36:05.0181 5428 CNG - ok
10:36:05.0290 5428 CnxtHdAudService (a260be645dd096d90318c8cf98536720) C:\Windows\system32\drivers\CHDRT64.sys
10:36:05.0353 5428 CnxtHdAudService - ok
10:36:05.0478 5428 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
10:36:05.0493 5428 Compbatt - ok
10:36:05.0524 5428 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
10:36:05.0571 5428 CompositeBus - ok
10:36:05.0587 5428 COMSysApp - ok
10:36:05.0618 5428 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
10:36:05.0618 5428 crcdisk - ok
10:36:05.0680 5428 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
10:36:05.0743 5428 CryptSvc - ok
10:36:05.0790 5428 CxAudMsg (f160b26b26ba4afe8cecc12ed5ac231e) C:\Windows\system32\CxAudMsg64.exe
10:36:05.0805 5428 CxAudMsg - ok
10:36:05.0946 5428 DAZContentManagementService (958ef96991abccfdac0953c4a24081dc) C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
10:36:05.0961 5428 DAZContentManagementService ( UnsignedFile.Multi.Generic ) - warning
10:36:05.0961 5428 DAZContentManagementService - detected UnsignedFile.Multi.Generic (1)
10:36:06.0024 5428 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
10:36:06.0133 5428 DcomLaunch - ok
10:36:06.0180 5428 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
10:36:06.0258 5428 defragsvc - ok
10:36:06.0289 5428 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
10:36:06.0351 5428 DfsC - ok
10:36:06.0414 5428 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
10:36:06.0460 5428 Dhcp - ok
10:36:06.0476 5428 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
10:36:06.0523 5428 discache - ok
10:36:06.0585 5428 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
10:36:06.0601 5428 Disk - ok
10:36:06.0648 5428 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
10:36:06.0694 5428 Dnscache - ok
10:36:06.0757 5428 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
10:36:06.0819 5428 dot3svc - ok
10:36:06.0913 5428 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
10:36:06.0928 5428 Dot4 - ok
10:36:06.0975 5428 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:36:07.0084 5428 Dot4Print - ok
10:36:07.0147 5428 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
10:36:07.0178 5428 dot4usb - ok
10:36:07.0209 5428 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
10:36:07.0272 5428 DPS - ok
10:36:07.0334 5428 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
10:36:07.0381 5428 drmkaud - ok
10:36:07.0443 5428 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
10:36:07.0490 5428 DXGKrnl - ok
10:36:07.0521 5428 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
10:36:07.0584 5428 EapHost - ok
10:36:07.0724 5428 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
10:36:07.0833 5428 ebdrv - ok
10:36:07.0942 5428 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
10:36:07.0989 5428 EFS - ok
10:36:08.0067 5428 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
10:36:08.0145 5428 ehRecvr - ok
10:36:08.0161 5428 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
10:36:08.0223 5428 ehSched - ok
10:36:08.0301 5428 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
10:36:08.0332 5428 elxstor - ok
10:36:08.0364 5428 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
10:36:08.0395 5428 ErrDev - ok
10:36:08.0442 5428 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
10:36:08.0504 5428 EventSystem - ok
10:36:08.0691 5428 EvtEng (54fc81b0162478a72a93dbbeafb35671) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
10:36:08.0769 5428 EvtEng - ok
10:36:08.0910 5428 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
10:36:08.0956 5428 exfat - ok
10:36:08.0988 5428 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
10:36:09.0050 5428 fastfat - ok
10:36:09.0128 5428 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
10:36:09.0190 5428 Fax - ok
10:36:09.0222 5428 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
10:36:09.0268 5428 fdc - ok
10:36:09.0300 5428 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
10:36:09.0362 5428 fdPHost - ok
10:36:09.0362 5428 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
10:36:09.0440 5428 FDResPub - ok
10:36:09.0487 5428 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
10:36:09.0502 5428 FileInfo - ok
10:36:09.0518 5428 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
10:36:09.0580 5428 Filetrace - ok
10:36:09.0612 5428 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
10:36:09.0643 5428 flpydisk - ok
10:36:09.0674 5428 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
10:36:09.0690 5428 FltMgr - ok
10:36:09.0768 5428 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
10:36:09.0846 5428 FontCache - ok
10:36:09.0924 5428 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:36:09.0939 5428 FontCache3.0.0.0 - ok
10:36:09.0986 5428 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
10:36:10.0002 5428 FsDepends - ok
10:36:10.0048 5428 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
10:36:10.0064 5428 Fs_Rec - ok
10:36:10.0111 5428 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
10:36:10.0126 5428 fvevol - ok
10:36:10.0158 5428 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
10:36:10.0173 5428 gagp30kx - ok
10:36:10.0314 5428 GFNEXSrv (ba9051d3745fa546de3660f5f2ef84a5) C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
10:36:10.0345 5428 GFNEXSrv - ok
10:36:10.0438 5428 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
10:36:10.0579 5428 gpsvc - ok
10:36:10.0672 5428 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:36:10.0704 5428 gupdate - ok
10:36:10.0719 5428 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:36:10.0750 5428 gupdatem - ok
10:36:10.0782 5428 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:36:10.0797 5428 gusvc - ok
10:36:10.0860 5428 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
10:36:10.0938 5428 hcw85cir - ok
10:36:11.0016 5428 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
10:36:11.0094 5428 HdAudAddService - ok
10:36:11.0156 5428 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
10:36:11.0203 5428 HDAudBus - ok
10:36:11.0234 5428 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
10:36:11.0265 5428 HidBatt - ok
10:36:11.0296 5428 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
10:36:11.0359 5428 HidBth - ok
10:36:11.0406 5428 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
10:36:11.0437 5428 HidIr - ok
10:36:11.0468 5428 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
10:36:11.0546 5428 hidserv - ok
10:36:11.0593 5428 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
10:36:11.0624 5428 HidUsb - ok
10:36:11.0671 5428 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
10:36:11.0733 5428 hkmsvc - ok
10:36:11.0764 5428 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
10:36:11.0811 5428 HomeGroupListener - ok
10:36:11.0858 5428 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
10:36:11.0920 5428 HomeGroupProvider - ok
10:36:12.0248 5428 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
10:36:12.0310 5428 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
10:36:12.0310 5428 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
10:36:12.0357 5428 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
10:36:12.0404 5428 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
10:36:12.0404 5428 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
10:36:12.0451 5428 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
10:36:12.0482 5428 HpSAMD - ok
10:36:12.0607 5428 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
10:36:12.0669 5428 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
10:36:12.0669 5428 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
10:36:12.0747 5428 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
10:36:12.0888 5428 HTTP - ok
10:36:12.0903 5428 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
10:36:12.0919 5428 hwpolicy - ok
10:36:12.0950 5428 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
10:36:12.0997 5428 i8042prt - ok
10:36:13.0059 5428 iaStor (2fdaec4b02729c48c0fd1b0b4695995b) C:\Windows\system32\drivers\iaStor.sys
10:36:13.0075 5428 iaStor - ok
10:36:13.0215 5428 IAStorDataMgrSvc (d41861e56e7552c13674d7f147a02464) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
10:36:13.0246 5428 IAStorDataMgrSvc - ok
10:36:13.0309 5428 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
10:36:13.0387 5428 iaStorV - ok
10:36:13.0527 5428 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:36:13.0621 5428 idsvc - ok
10:36:14.0354 5428 igfx (10bb0dc3361c9420cc1b0b2128bb89db) C:\Windows\system32\DRIVERS\igdkmd64.sys
10:36:14.0806 5428 igfx - ok
10:36:14.0962 5428 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
10:36:14.0994 5428 iirsp - ok
10:36:15.0087 5428 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
10:36:15.0228 5428 IKEEXT - ok
10:36:15.0306 5428 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
10:36:15.0368 5428 IntcDAud - ok
10:36:15.0415 5428 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
10:36:15.0430 5428 intelide - ok
10:36:15.0477 5428 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
10:36:15.0524 5428 intelppm - ok
10:36:15.0555 5428 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
10:36:15.0680 5428 IPBusEnum - ok
10:36:15.0696 5428 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:36:15.0758 5428 IpFilterDriver - ok
10:36:15.0820 5428 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
10:36:15.0961 5428 iphlpsvc - ok
10:36:16.0008 5428 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
10:36:16.0039 5428 IPMIDRV - ok
10:36:16.0070 5428 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
10:36:16.0117 5428 IPNAT - ok
10:36:16.0132 5428 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
10:36:16.0164 5428 IRENUM - ok
10:36:16.0164 5428 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
10:36:16.0179 5428 isapnp - ok
10:36:16.0226 5428 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
10:36:16.0288 5428 iScsiPrt - ok
10:36:16.0304 5428 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
10:36:16.0320 5428 kbdclass - ok
10:36:16.0351 5428 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
10:36:16.0398 5428 kbdhid - ok
10:36:16.0429 5428 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:36:16.0460 5428 KeyIso - ok
10:36:16.0554 5428 KL1 (8d7120743a0973ceab548b475c9d4289) C:\Windows\system32\DRIVERS\kl1.sys
10:36:16.0616 5428 KL1 - ok
10:36:16.0647 5428 kl2 (cd146d8e525d6eebdcaf24120a8ab9ce) C:\Windows\system32\DRIVERS\kl2.sys
10:36:16.0663 5428 kl2 - ok
10:36:16.0725 5428 KLIF (c1786c2f8de0f62e076f7ef8dea4e87a) C:\Windows\system32\DRIVERS\klif.sys
10:36:16.0756 5428 KLIF - ok
10:36:16.0803 5428 KLIM6 (2a64b3a9eed93a2e96537b67c079fc96) C:\Windows\system32\DRIVERS\klim6.sys
10:36:16.0819 5428 KLIM6 - ok
10:36:16.0850 5428 klmouflt (9468d07e91ba136d82415f5dfc1fe168) C:\Windows\system32\DRIVERS\klmouflt.sys
10:36:16.0881 5428 klmouflt - ok
10:36:16.0928 5428 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
10:36:16.0975 5428 KSecDD - ok
10:36:17.0006 5428 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
10:36:17.0022 5428 KSecPkg - ok
10:36:17.0053 5428 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
10:36:17.0131 5428 ksthunk - ok
10:36:17.0178 5428 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
10:36:17.0318 5428 KtmRm - ok
10:36:17.0365 5428 L1C (a4a9ca24e54e81c6c3e469eaeb4b3f42) C:\Windows\system32\DRIVERS\L1C62x64.sys
10:36:17.0396 5428 L1C - ok
10:36:17.0443 5428 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
10:36:17.0552 5428 LanmanServer - ok
10:36:17.0599 5428 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
10:36:17.0692 5428 LanmanWorkstation - ok
10:36:17.0724 5428 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
10:36:17.0833 5428 lltdio - ok
10:36:17.0895 5428 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
10:36:17.0973 5428 lltdsvc - ok
10:36:17.0989 5428 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
10:36:18.0036 5428 lmhosts - ok
10:36:18.0207 5428 LMS (926eba26a8b49d1597751ced06b50862) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:36:18.0254 5428 LMS - ok
10:36:18.0332 5428 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
10:36:18.0363 5428 LSI_FC - ok
10:36:18.0379 5428 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
10:36:18.0410 5428 LSI_SAS - ok
10:36:18.0441 5428 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
10:36:18.0472 5428 LSI_SAS2 - ok
10:36:18.0488 5428 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
10:36:18.0519 5428 LSI_SCSI - ok
10:36:18.0535 5428 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
10:36:18.0597 5428 luafv - ok
10:36:18.0691 5428 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
10:36:18.0722 5428 MBAMProtector - ok
10:36:18.0831 5428 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
10:36:18.0878 5428 MBAMService - ok
10:36:18.0925 5428 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
10:36:18.0972 5428 Mcx2Svc - ok
10:36:19.0018 5428 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
10:36:19.0034 5428 megasas - ok
10:36:19.0081 5428 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
10:36:19.0112 5428 MegaSR - ok
10:36:19.0159 5428 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
10:36:19.0174 5428 MEIx64 - ok
10:36:19.0502 5428 Microsoft SharePoint Workspace Audit Service - ok
10:36:19.0533 5428 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:36:19.0642 5428 MMCSS - ok
10:36:19.0658 5428 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
10:36:19.0736 5428 Modem - ok
10:36:19.0752 5428 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
10:36:19.0798 5428 monitor - ok
10:36:19.0830 5428 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
10:36:19.0845 5428 mouclass - ok
10:36:19.0923 5428 moufiltr (21b7acea1bb49c3371dd5427bf309d6a) C:\Windows\system32\DRIVERS\moufiltr.sys
10:36:19.0986 5428 moufiltr - ok
10:36:20.0032 5428 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
10:36:20.0079 5428 mouhid - ok
10:36:20.0126 5428 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
10:36:20.0157 5428 mountmgr - ok
10:36:20.0204 5428 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
10:36:20.0235 5428 mpio - ok
10:36:20.0251 5428 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
10:36:20.0329 5428 mpsdrv - ok
10:36:20.0407 5428 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
10:36:20.0516 5428 MpsSvc - ok
10:36:20.0547 5428 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
10:36:20.0594 5428 MRxDAV - ok
10:36:20.0625 5428 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:36:20.0688 5428 mrxsmb - ok
10:36:20.0734 5428 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:36:20.0812 5428 mrxsmb10 - ok
10:36:20.0828 5428 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:36:20.0890 5428 mrxsmb20 - ok
10:36:20.0922 5428 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
10:36:20.0953 5428 msahci - ok
10:36:20.0984 5428 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
10:36:21.0000 5428 msdsm - ok
10:36:21.0046 5428 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
10:36:21.0093 5428 MSDTC - ok
10:36:21.0124 5428 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
10:36:21.0171 5428 Msfs - ok
10:36:21.0187 5428 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
10:36:21.0234 5428 mshidkmdf - ok
10:36:21.0265 5428 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
10:36:21.0280 5428 msisadrv - ok
10:36:21.0343 5428 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
10:36:21.0421 5428 MSiSCSI - ok
10:36:21.0421 5428 msiserver - ok
10:36:21.0452 5428 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
10:36:21.0499 5428 MSKSSRV - ok
10:36:21.0514 5428 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
10:36:21.0546 5428 MSPCLOCK - ok
10:36:21.0561 5428 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
10:36:21.0608 5428 MSPQM - ok
10:36:21.0639 5428 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
10:36:21.0686 5428 MsRPC - ok
10:36:21.0702 5428 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
10:36:21.0733 5428 mssmbios - ok
10:36:21.0748 5428 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
10:36:21.0826 5428 MSTEE - ok
10:36:21.0858 5428 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
10:36:21.0889 5428 MTConfig - ok
10:36:21.0920 5428 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
10:36:21.0936 5428 Mup - ok
10:36:22.0076 5428 MyWiFiDHCPDNS (4bbb9d9c4df259fae2d172c5bb25ddd0) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
10:36:22.0107 5428 MyWiFiDHCPDNS - ok
10:36:22.0170 5428 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
10:36:22.0294 5428 napagent - ok
10:36:22.0372 5428 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
10:36:22.0450 5428 NativeWifiP - ok
10:36:22.0560 5428 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
10:36:22.0638 5428 NDIS - ok
10:36:22.0669 5428 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
10:36:22.0762 5428 NdisCap - ok
10:36:22.0809 5428 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
10:36:22.0903 5428 NdisTapi - ok
10:36:22.0934 5428 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
10:36:23.0012 5428 Ndisuio - ok
10:36:23.0043 5428 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
10:36:23.0090 5428 NdisWan - ok
10:36:23.0106 5428 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
10:36:23.0137 5428 NDProxy - ok
10:36:23.0215 5428 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
10:36:23.0246 5428 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:36:23.0246 5428 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:36:23.0293 5428 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
10:36:23.0386 5428 NetBIOS - ok
10:36:23.0418 5428 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
10:36:23.0464 5428 NetBT - ok
10:36:23.0511 5428 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:36:23.0527 5428 Netlogon - ok
10:36:23.0589 5428 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
10:36:23.0745 5428 Netman - ok
10:36:23.0808 5428 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
10:36:23.0932 5428 netprofm - ok
10:36:24.0010 5428 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:36:24.0042 5428 NetTcpPortSharing - ok
10:36:24.0572 5428 NETwNs64 (ac69618de5bcce8747c9ab0aae1003c1) C:\Windows\system32\DRIVERS\NETwNs64.sys
10:36:24.0822 5428 NETwNs64 - ok
10:36:24.0978 5428 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
10:36:25.0009 5428 nfrd960 - ok
10:36:25.0071 5428 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
10:36:25.0134 5428 NlaSvc - ok
10:36:25.0165 5428 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
10:36:25.0274 5428 Npfs - ok
10:36:25.0290 5428 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
10:36:25.0368 5428 nsi - ok
10:36:25.0383 5428 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
10:36:25.0430 5428 nsiproxy - ok
10:36:25.0555 5428 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
10:36:25.0664 5428 Ntfs - ok
10:36:25.0789 5428 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
10:36:25.0882 5428 Null - ok
10:36:25.0929 5428 nusb3hub (01266516e6e88d183a2b58722eeb4443) C:\Windows\system32\drivers\nusb3hub.sys
10:36:25.0992 5428 nusb3hub - ok
10:36:26.0038 5428 nusb3xhc (5ec04f55cc5f165f21752712437df638) C:\Windows\system32\drivers\nusb3xhc.sys
10:36:26.0101 5428 nusb3xhc - ok
10:36:26.0163 5428 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
10:36:26.0194 5428 nvraid - ok
10:36:26.0241 5428 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
10:36:26.0257 5428 nvstor - ok
10:36:26.0304 5428 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
10:36:26.0335 5428 nv_agp - ok
10:36:26.0366 5428 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
10:36:26.0413 5428 ohci1394 - ok
10:36:26.0538 5428 ose64 (4965b005492cba7719e82b71e3245495) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:36:26.0569 5428 ose64 - ok
10:36:26.0974 5428 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:36:27.0099 5428 osppsvc - ok
10:36:27.0240 5428 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:36:27.0333 5428 p2pimsvc - ok
10:36:27.0396 5428 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
10:36:27.0474 5428 p2psvc - ok
10:36:27.0536 5428 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
10:36:27.0583 5428 Parport - ok
10:36:27.0630 5428 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
10:36:27.0661 5428 partmgr - ok
10:36:27.0708 5428 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
10:36:27.0786 5428 PcaSvc - ok
10:36:27.0817 5428 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
10:36:27.0864 5428 pci - ok
10:36:27.0895 5428 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
10:36:27.0910 5428 pciide - ok
10:36:27.0942 5428 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
10:36:27.0957 5428 pcmcia - ok
10:36:28.0004 5428 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
10:36:28.0020 5428 pcw - ok
10:36:28.0051 5428 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
10:36:28.0129 5428 PEAUTH - ok
10:36:28.0238 5428 PEGAGFN (ee926c59cbd4dc4dc9fbb85014a2f1a5) C:\Program Files (x86)\PHotkey\PEGAGFN.sys
10:36:28.0269 5428 PEGAGFN - ok
10:36:28.0410 5428 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
10:36:28.0441 5428 PerfHost - ok
10:36:28.0659 5428 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
10:36:28.0815 5428 pla - ok
10:36:28.0878 5428 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
10:36:28.0971 5428 PlugPlay - ok
10:36:29.0049 5428 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
10:36:29.0080 5428 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:36:29.0080 5428 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:36:29.0112 5428 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
10:36:29.0174 5428 PNRPAutoReg - ok
10:36:29.0221 5428 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:36:29.0252 5428 PNRPsvc - ok
10:36:29.0299 5428 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
10:36:29.0408 5428 PolicyAgent - ok
10:36:29.0455 5428 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
10:36:29.0564 5428 Power - ok
10:36:29.0642 5428 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
10:36:29.0720 5428 PptpMiniport - ok
10:36:29.0782 5428 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
10:36:29.0845 5428 Processor - ok
10:36:29.0876 5428 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
10:36:30.0001 5428 ProfSvc - ok
10:36:30.0032 5428 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:36:30.0048 5428 ProtectedStorage - ok
10:36:30.0110 5428 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
10:36:30.0204 5428 Psched - ok
10:36:30.0328 5428 PSI_SVC_2 (543a4ef0923bf70d126625b034ef25af) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
10:36:30.0360 5428 PSI_SVC_2 - ok
10:36:30.0469 5428 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
10:36:30.0578 5428 ql2300 - ok
10:36:30.0734 5428 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
10:36:30.0781 5428 ql40xx - ok
10:36:30.0812 5428 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
10:36:30.0859 5428 QWAVE - ok
10:36:30.0890 5428 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
10:36:30.0952 5428 QWAVEdrv - ok
10:36:30.0968 5428 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
10:36:31.0062 5428 RasAcd - ok
10:36:31.0108 5428 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:36:31.0171 5428 RasAgileVpn - ok
10:36:31.0202 5428 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
10:36:31.0249 5428 RasAuto - ok
10:36:31.0296 5428 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:36:31.0389 5428 Rasl2tp - ok
10:36:31.0452 5428 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
10:36:31.0561 5428 RasMan - ok
10:36:31.0608 5428 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
10:36:31.0670 5428 RasPppoe - ok
10:36:31.0701 5428 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
10:36:31.0764 5428 RasSstp - ok
10:36:31.0795 5428 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
10:36:31.0857 5428 rdbss - ok
10:36:31.0888 5428 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
10:36:31.0920 5428 rdpbus - ok
10:36:31.0935 5428 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:36:31.0982 5428 RDPCDD - ok
10:36:32.0013 5428 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
10:36:32.0076 5428 RDPENCDD - ok
10:36:32.0091 5428 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
10:36:32.0122 5428 RDPREFMP - ok
10:36:32.0169 5428 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
10:36:32.0263 5428 RDPWD - ok
10:36:32.0310 5428 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
10:36:32.0341 5428 rdyboost - ok
10:36:32.0544 5428 RegSrvc (a436f5e7d80bbdbb0826d0f176d5bea8) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
10:36:32.0606 5428 RegSrvc - ok
10:36:32.0637 5428 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
10:36:32.0715 5428 RemoteAccess - ok
10:36:32.0762 5428 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
10:36:32.0840 5428 RemoteRegistry - ok
10:36:33.0136 5428 Response Hardware (0a3f4b7c7fe0d9681b23623371f5cffb) C:\Program Files (x86)\SMART Technologies\Classroom Teacher\ResponseHardwareService.exe
10:36:33.0168 5428 Response Hardware - ok
10:36:33.0277 5428 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
10:36:33.0308 5428 RichVideo ( UnsignedFile.Multi.Generic ) - warning
10:36:33.0308 5428 RichVideo - detected UnsignedFile.Multi.Generic (1)
10:36:33.0355 5428 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
10:36:33.0464 5428 RpcEptMapper - ok
10:36:33.0495 5428 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
10:36:33.0526 5428 RpcLocator - ok
10:36:33.0573 5428 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
10:36:33.0651 5428 RpcSs - ok
10:36:33.0714 5428 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
10:36:33.0792 5428 rspndr - ok
10:36:33.0838 5428 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:36:33.0870 5428 SamSs - ok
10:36:33.0885 5428 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
10:36:33.0916 5428 sbp2port - ok
10:36:33.0948 5428 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
10:36:34.0057 5428 SCardSvr - ok
10:36:34.0072 5428 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
10:36:34.0135 5428 scfilter - ok
10:36:34.0197 5428 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
10:36:34.0322 5428 Schedule - ok
10:36:34.0369 5428 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
10:36:34.0400 5428 SCPolicySvc - ok
10:36:34.0447 5428 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
10:36:34.0525 5428 SDRSVC - ok
10:36:34.0587 5428 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
10:36:34.0665 5428 secdrv - ok
10:36:34.0696 5428 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
10:36:34.0743 5428 seclogon - ok
10:36:34.0790 5428 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
10:36:34.0852 5428 SENS - ok
10:36:34.0868 5428 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
10:36:34.0930 5428 SensrSvc - ok
10:36:34.0962 5428 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
10:36:34.0993 5428 Serenum - ok
10:36:35.0024 5428 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
10:36:35.0055 5428 Serial - ok
10:36:35.0102 5428 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
10:36:35.0118 5428 sermouse - ok
10:36:35.0164 5428 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
10:36:35.0274 5428 SessionEnv - ok
10:36:35.0305 5428 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
10:36:35.0352 5428 sffdisk - ok
10:36:35.0398 5428 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
10:36:35.0445 5428 sffp_mmc - ok
10:36:35.0492 5428 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
10:36:35.0554 5428 sffp_sd - ok
10:36:35.0586 5428 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
10:36:35.0632 5428 sfloppy - ok
10:36:35.0695 5428 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
10:36:35.0820 5428 SharedAccess - ok
10:36:35.0866 5428 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
10:36:35.0976 5428 ShellHWDetection - ok
10:36:36.0022 5428 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
10:36:36.0054 5428 SiSRaid2 - ok
10:36:36.0069 5428 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
10:36:36.0085 5428 SiSRaid4 - ok
10:36:36.0225 5428 SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files (x86)\Skype\Updater\Updater.exe
10:36:36.0272 5428 SkypeUpdate - ok
10:36:36.0381 5428 SMARTMouseFilterx64 (3e1cab0ff8311b196069e34fe6b28f8f) C:\Windows\system32\DRIVERS\SMARTMouseFilterx64.sys
10:36:36.0397 5428 SMARTMouseFilterx64 - ok
10:36:36.0459 5428 SMARTVHidMiniVistaAmd64 (3a57e488bfff94fd4548ec62aecbc697) C:\Windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys
10:36:36.0475 5428 SMARTVHidMiniVistaAmd64 - ok
10:36:36.0506 5428 SMARTVTabletPCx64 (19750003eb04cbf1490919bb67c2ae9c) C:\Windows\system32\DRIVERS\SMARTVTabletPCx64.sys
10:36:36.0537 5428 SMARTVTabletPCx64 - ok
10:36:36.0584 5428 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
10:36:36.0646 5428 Smb - ok
10:36:36.0693 5428 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
10:36:36.0756 5428 SNMPTRAP - ok
10:36:36.0771 5428 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
10:36:36.0802 5428 spldr - ok
10:36:36.0865 5428 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
10:36:36.0958 5428 Spooler - ok
10:36:37.0130 5428 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
10:36:37.0286 5428 sppsvc - ok
10:36:37.0426 5428 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
10:36:37.0504 5428 sppuinotify - ok
10:36:37.0582 5428 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
10:36:37.0660 5428 srv - ok
10:36:37.0707 5428 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
10:36:37.0785 5428 srv2 - ok
10:36:37.0832 5428 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
10:36:37.0910 5428 srvnet - ok
10:36:37.0957 5428 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
10:36:38.0066 5428 SSDPSRV - ok
10:36:38.0082 5428 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
10:36:38.0175 5428 SstpSvc - ok
10:36:38.0206 5428 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
10:36:38.0222 5428 stexstor - ok
10:36:38.0284 5428 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
10:36:38.0362 5428 stisvc - ok
10:36:38.0409 5428 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
10:36:38.0440 5428 swenum - ok
10:36:38.0503 5428 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
10:36:38.0659 5428 swprv - ok
10:36:38.0737 5428 SynTP (be2b928de9af2848289db7a54c7e2398) C:\Windows\system32\drivers\SynTP.sys
10:36:38.0784 5428 SynTP - ok
10:36:38.0908 5428 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
10:36:39.0033 5428 SysMain - ok
10:36:39.0142 5428 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
10:36:39.0205 5428 TabletInputService - ok
10:36:39.0252 5428 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
10:36:39.0330 5428 TapiSrv - ok
10:36:39.0361 5428 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
10:36:39.0392 5428 TBS - ok
10:36:39.0642 5428 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
10:36:39.0766 5428 Tcpip - ok
10:36:40.0078 5428 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
10:36:40.0141 5428 TCPIP6 - ok
10:36:40.0250 5428 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
10:36:40.0344 5428 tcpipreg - ok
10:36:40.0375 5428 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
10:36:40.0390 5428 TDPIPE - ok
10:36:40.0422 5428 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
10:36:40.0437 5428 TDTCP - ok
10:36:40.0468 5428 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
10:36:40.0531 5428 tdx - ok
10:36:40.0999 5428 TeamViewer7 (74fc70ae64a7b7dabec9697ce0a1f4fa) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
10:36:41.0217 5428 TeamViewer7 - ok
10:36:41.0358 5428 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
10:36:41.0404 5428 TermDD - ok
10:36:41.0467 5428 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
10:36:41.0592 5428 TermService - ok
10:36:41.0623 5428 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
10:36:41.0654 5428 Themes - ok
10:36:41.0701 5428 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:36:41.0779 5428 THREADORDER - ok
10:36:41.0794 5428 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
10:36:41.0872 5428 TrkWks - ok
10:36:41.0919 5428 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
10:36:42.0013 5428 TrustedInstaller - ok
10:36:42.0044 5428 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:36:42.0138 5428 tssecsrv - ok
10:36:42.0169 5428 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
10:36:42.0216 5428 TsUsbFlt - ok
10:36:42.0262 5428 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
10:36:42.0278 5428 TsUsbGD - ok
10:36:42.0325 5428 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
10:36:42.0403 5428 tunnel - ok
10:36:42.0418 5428 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
10:36:42.0434 5428 uagp35 - ok
10:36:42.0481 5428 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
10:36:42.0559 5428 udfs - ok
10:36:42.0606 5428 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
10:36:42.0637 5428 UI0Detect - ok
10:36:42.0684 5428 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
10:36:42.0715 5428 uliagpkx - ok
10:36:42.0777 5428 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
10:36:42.0824 5428 umbus - ok
10:36:42.0855 5428 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
10:36:42.0902 5428 UmPass - ok
10:36:43.0167 5428 UNS (fdf92ec84fecee834fb10a2a0a19bcda) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:36:43.0261 5428 UNS - ok
10:36:43.0432 5428 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
10:36:43.0542 5428 upnphost - ok
10:36:43.0604 5428 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
10:36:43.0666 5428 usbccgp - ok
10:36:43.0713 5428 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
10:36:43.0776 5428 usbcir - ok
10:36:43.0807 5428 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
10:36:43.0869 5428 usbehci - ok
10:36:43.0916 5428 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
10:36:43.0963 5428 usbhub - ok
10:36:43.0994 5428 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
10:36:44.0025 5428 usbohci - ok
10:36:44.0088 5428 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
10:36:44.0150 5428 usbprint - ok
10:36:44.0197 5428 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
10:36:44.0259 5428 usbscan - ok
10:36:44.0306 5428 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:36:44.0368 5428 USBSTOR - ok
10:36:44.0415 5428 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
10:36:44.0462 5428 usbuhci - ok
10:36:44.0524 5428 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
10:36:44.0587 5428 usbvideo - ok
10:36:44.0618 5428 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
10:36:44.0696 5428 UxSms - ok
10:36:44.0727 5428 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:36:44.0758 5428 VaultSvc - ok
10:36:44.0821 5428 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
10:36:44.0852 5428 vdrvroot - ok
10:36:44.0946 5428 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
10:36:45.0070 5428 vds - ok
10:36:45.0102 5428 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
10:36:45.0133 5428 vga - ok
10:36:45.0164 5428 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
10:36:45.0258 5428 VgaSave - ok
10:36:45.0289 5428 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
10:36:45.0320 5428 vhdmp - ok
10:36:45.0382 5428 vhidmini (c2c95d62c90ca809240112b41c1765f2) C:\Windows\system32\DRIVERS\walvhid.sys
10:36:45.0429 5428 vhidmini - ok
10:36:45.0460 5428 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
10:36:45.0492 5428 viaide - ok
10:36:45.0523 5428 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
10:36:45.0554 5428 volmgr - ok
10:36:45.0616 5428 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
10:36:45.0663 5428 volmgrx - ok
10:36:45.0726 5428 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
10:36:45.0788 5428 volsnap - ok
10:36:45.0835 5428 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
10:36:45.0866 5428 vsmraid - ok
10:36:46.0006 5428 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
10:36:46.0162 5428 VSS - ok
10:36:46.0381 5428 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
10:36:46.0443 5428 vwifibus - ok
10:36:46.0474 5428 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
10:36:46.0537 5428 vwififlt - ok
10:36:46.0537 5428 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
10:36:46.0568 5428 vwifimp - ok
10:36:46.0646 5428 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
10:36:46.0755 5428 W32Time - ok
10:36:46.0802 5428 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
10:36:46.0849 5428 WacomPen - ok
10:36:46.0896 5428 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:36:46.0989 5428 WANARP - ok
10:36:47.0005 5428 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:36:47.0036 5428 Wanarpv6 - ok
10:36:47.0176 5428 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
10:36:47.0254 5428 WatAdminSvc - ok
10:36:47.0395 5428 watchmi (878c947c69ee89e4dbff9dbd6155c15d) C:\Program Files (x86)\watchmi\TvdService.exe
10:36:47.0426 5428 watchmi ( UnsignedFile.Multi.Generic ) - warning
10:36:47.0426 5428 watchmi - detected UnsignedFile.Multi.Generic (1)
10:36:47.0566 5428 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
10:36:47.0722 5428 wbengine - ok
10:36:47.0847 5428 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
10:36:47.0910 5428 WbioSrvc - ok
10:36:47.0972 5428 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
10:36:48.0066 5428 wcncsvc - ok
10:36:48.0066 5428 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
10:36:48.0112 5428 WcsPlugInService - ok
10:36:48.0175 5428 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
10:36:48.0206 5428 Wd - ok
10:36:48.0253 5428 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
10:36:48.0315 5428 Wdf01000 - ok
10:36:48.0331 5428 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
10:36:48.0456 5428 WdiServiceHost - ok
10:36:48.0471 5428 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
10:36:48.0502 5428 WdiSystemHost - ok
10:36:48.0565 5428 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
10:36:48.0658 5428 WebClient - ok
10:36:48.0705 5428 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
10:36:48.0799 5428 Wecsvc - ok
10:36:48.0814 5428 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
10:36:48.0877 5428 wercplsupport - ok
10:36:48.0908 5428 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
10:36:48.0955 5428 WerSvc - ok
10:36:49.0002 5428 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
10:36:49.0095 5428 WfpLwf - ok
10:36:49.0111 5428 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
10:36:49.0126 5428 WIMMount - ok
10:36:49.0204 5428 WinDefend - ok
10:36:49.0220 5428 WinHttpAutoProxySvc - ok
10:36:49.0282 5428 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
10:36:49.0392 5428 Winmgmt - ok
10:36:49.0548 5428 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
10:36:49.0719 5428 WinRM - ok
10:36:49.0922 5428 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
10:36:50.0047 5428 Wlansvc - ok
10:36:50.0172 5428 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:36:50.0187 5428 wlcrasvc - ok
10:36:50.0374 5428 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:36:50.0484 5428 wlidsvc - ok
10:36:50.0640 5428 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
10:36:50.0686 5428 WmiAcpi - ok
10:36:50.0749 5428 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
10:36:50.0811 5428 wmiApSrv - ok
10:36:50.0905 5428 WMPNetworkSvc - ok
10:36:50.0936 5428 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
10:36:50.0983 5428 WPCSvc - ok
10:36:51.0030 5428 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
10:36:51.0076 5428 WPDBusEnum - ok
10:36:51.0108 5428 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
10:36:51.0201 5428 ws2ifsl - ok
10:36:51.0217 5428 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
10:36:51.0264 5428 wscsvc - ok
10:36:51.0264 5428 WSearch - ok
10:36:51.0310 5428 WTService - ok
10:36:51.0451 5428 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
10:36:51.0622 5428 wuauserv - ok
10:36:51.0763 5428 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
10:36:51.0856 5428 WudfPf - ok
10:36:51.0888 5428 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:36:51.0950 5428 WUDFRd - ok
10:36:51.0981 5428 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
10:36:52.0044 5428 wudfsvc - ok
10:36:52.0075 5428 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
10:36:52.0153 5428 WwanSvc - ok
10:36:52.0215 5428 MBR (0x1B8) (34f69c8dde583a7ea224e5ea68df00f5) \Device\Harddisk0\DR0
10:36:54.0961 5428 \Device\Harddisk0\DR0 - ok
10:36:54.0992 5428 Boot (0x1200) (e0dd80e82f082b64deb6bf06854dee7c) \Device\Harddisk0\DR0\Partition0
10:36:55.0008 5428 \Device\Harddisk0\DR0\Partition0 - ok
10:36:55.0023 5428 Boot (0x1200) (a30316692566a15b0303b2be7fca3054) \Device\Harddisk0\DR0\Partition1
10:36:55.0023 5428 \Device\Harddisk0\DR0\Partition1 - ok
10:36:55.0054 5428 Boot (0x1200) (c82934e15d84e3fb811a596678fbc9da) \Device\Harddisk0\DR0\Partition2
10:36:55.0054 5428 \Device\Harddisk0\DR0\Partition2 - ok
10:36:55.0054 5428 ============================================================
10:36:55.0054 5428 Scan finished
10:36:55.0054 5428 ============================================================
10:36:55.0086 7000 Detected object count: 8
10:36:55.0086 7000 Actual detected object count: 8
10:37:28.0985 7000 DAZContentManagementService ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:28.0985 7000 DAZContentManagementService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:28.0985 7000 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:28.0985 7000 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:28.0985 7000 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:28.0985 7000 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:28.0985 7000 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:28.0985 7000 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:29.0000 7000 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:29.0000 7000 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:29.0000 7000 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:29.0000 7000 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:29.0000 7000 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:29.0000 7000 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:29.0000 7000 watchmi ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:29.0000 7000 watchmi ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:34.0507 4924 Deinitialize success
#19
/// Winkelfunktion /// TB-Süch-Tiger™
Access to computer blocked - White Screen + "Please wait while the connection is being established"
Then please run CF now: ComboFix, a guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper (Kompetenzler) has explicitly recommended it! If, after running ComboFix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post logfiles in CODE tags
#20
Access to computer blocked - White Screen + "Please wait while the connection is being established"
and here is the CF log: Code:
ATTFilter ComboFix 12-06-12.03 - Steffen 13.06.2012 11:08:53.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4007.2424 [GMT 2:00]
ausgeführt von:: c:\users\Steffen\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Kaspersky Internet Security *Disabled/Outdated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\AutocompletePro
c:\program files (x86)\AutocompletePro\InstTracker.exe
c:\programdata\Roaming
c:\windows\system32\ICON.ico
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-05-13 bis 2012-06-13 ))))))))))))))))))))))))))))))
.
.
2012-06-13 09:22 . 2012-06-13 09:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-12 22:15 . 2012-06-12 22:15 -------- d-----w- C:\_OTL
2012-06-12 13:13 . 2012-06-12 13:18 -------- d-----w- c:\users\Steffen\AppData\Roaming\HpUpdate
2012-06-12 13:13 . 2012-06-12 13:13 -------- d-----w- c:\windows\Hewlett-Packard
2012-06-11 12:34 . 2012-06-11 12:34 -------- d-----w- c:\windows\Sun
2012-06-11 12:02 . 2012-06-11 12:02 -------- d-----w- c:\program files (x86)\ESET
2012-06-08 15:29 . 2012-06-08 15:29 -------- d-----w- c:\users\Steffen\AppData\Roaming\Malwarebytes
2012-06-08 15:29 . 2012-06-08 15:29 -------- d-----w- c:\programdata\Malwarebytes
2012-06-08 15:29 . 2012-06-08 15:29 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-08 15:29 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-07 20:20 . 2012-06-07 20:20 -------- d-----w- c:\users\Steffen\AppData\Roaming\YourFileDownloader
2012-06-05 23:01 . 2012-06-05 23:01 -------- d-----w- c:\users\Steffen\AppData\Roaming\Rovio
2012-06-05 23:01 . 2012-06-05 23:01 -------- d-----w- c:\program files (x86)\Rovio
2012-06-05 07:25 . 2012-06-05 07:25 -------- d-----w- c:\users\Steffen\AppData\Roaming\DAPE
2012-06-05 07:24 . 2012-06-08 07:49 -------- d-----w- c:\program files (x86)\Deepnet Explorer
2012-06-05 07:24 . 2012-06-05 07:27 -------- d-----w- c:\users\Steffen\AppData\Roaming\Deepnet Explorer
2012-06-04 13:04 . 2012-06-04 13:04 -------- d-----w- c:\users\Steffen\AppData\Local\HP
2012-06-04 13:01 . 2012-06-04 13:07 -------- d-----w- c:\users\Steffen\AppData\Roaming\HP
2012-06-04 13:01 . 2012-06-04 13:01 -------- d-----w- c:\programdata\WEBREG
2012-06-04 12:57 . 2012-06-04 12:57 -------- d-----w- c:\users\Steffen\AppData\Roaming\Yahoo!
2012-06-04 12:57 . 2012-06-04 12:57 -------- d-----w- c:\programdata\Yahoo! Companion
2012-06-04 12:57 . 2012-06-04 12:57 -------- d-----w- c:\program files (x86)\Yahoo!
2012-06-04 12:56 . 2012-06-04 12:56 -------- d-----w- c:\programdata\HP Product Assistant
2012-06-04 12:55 . 2012-06-04 12:55 -------- d-----w- c:\windows\SysWow64\spool
2012-06-04 12:54 . 2012-06-04 12:54 -------- d-----w- c:\program files (x86)\Common Files\Hewlett-Packard
2012-06-04 12:54 . 2012-06-04 12:54 -------- d-----w- c:\program files (x86)\Common Files\HP
2012-06-04 12:52 . 2012-06-12 13:14 -------- d-----w- c:\program files (x86)\HP
2012-06-04 12:50 . 2012-06-04 13:02 -------- d-----w- c:\programdata\HP
2012-06-04 12:50 . 2009-07-08 10:51 861184 ----a-w- c:\windows\system32\hpowiav1.dll
2012-06-04 12:50 . 2009-07-08 10:51 730624 ----a-w- c:\windows\system32\hpotscl1.dll
2012-06-04 12:50 . 2009-07-08 10:51 642360 ----a-w- c:\windows\system32\hpzids40.dll
2012-06-04 12:50 . 2009-07-08 10:51 498176 ----a-w- c:\windows\system32\hpovst01.dll
2012-05-19 18:02 . 2012-05-19 18:02 -------- d-----w- c:\users\Steffen\.gimp-2.6
2012-05-18 01:03 . 2012-05-18 01:03 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-05-16 14:03 . 2012-05-16 14:03 -------- d-----w- c:\program files (x86)\Free Notes & Office Ink
2012-05-16 14:02 . 2004-10-22 00:17 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-05-16 14:02 . 2004-10-22 00:17 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-05-16 14:02 . 2004-10-22 00:16 180224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-05-16 14:02 . 2004-10-22 00:16 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-05-16 14:02 . 2004-10-22 00:18 749568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-05-16 14:02 . 2012-05-16 14:02 192644 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-05-16 14:02 . 2012-05-16 14:02 323716 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-05-16 14:01 . 2012-05-16 14:01 -------- d-----w- c:\program files (x86)\Power Presenter RE II
2012-05-16 13:57 . 2012-05-16 13:57 -------- d-----w- c:\programdata\InstallShield
2012-05-16 13:57 . 2005-06-10 02:44 81920 ----a-r- c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe
2012-05-16 13:57 . 2005-06-10 02:44 368640 ----a-r- c:\program files (x86)\Common Files\InstallShield\UpdateService\_isusres.dll
2012-05-16 13:57 . 2005-06-10 02:44 278528 ----a-r- c:\program files (x86)\Common Files\InstallShield\UpdateService\ISDM.exe
2012-05-16 13:55 . 1999-10-15 10:50 1056768 ------w- c:\windows\SysWow64\ROBOEX32.DLL
2012-05-16 13:55 . 2006-07-22 17:37 49152 ------w- c:\windows\SysWow64\INETWH32.dll
2012-05-16 13:55 . 2012-05-16 13:55 -------- d-----w- c:\program files (x86)\Ulead Systems
2012-05-16 13:55 . 2012-05-16 13:55 -------- d-----w- c:\program files (x86)\Common Files\Ulead Systems
2012-05-16 13:55 . 2005-06-10 02:44 618496 ----a-r- c:\program files (x86)\Common Files\InstallShield\UpdateService\agent.exe
2012-05-16 13:53 . 2012-05-16 13:55 -------- d-----w- c:\programdata\Ulead Systems
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-11 09:04 . 2012-05-11 08:34 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-11 09:04 . 2011-08-29 19:22 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-11 09:04 . 2012-05-11 09:04 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-08 08:08 . 2012-03-24 23:49 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-08 08:08 . 2012-03-24 23:49 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-03-31 06:05 . 2012-05-10 20:50 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-31 04:39 . 2012-05-10 20:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-31 04:39 . 2012-05-10 20:50 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-31 03:10 . 2012-05-10 20:50 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-03-30 11:35 . 2012-05-10 20:44 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-03-17 07:58 . 2012-05-10 20:44 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-03 107816]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-14 113288]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-02-03 506712]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2010-11-02 365336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624]
"SMART Board Service"="c:\program files (x86)\SMART Technologies\Classroom Teacher\SMARTBoardService.exe" [2010-08-23 5347728]
"SMART SNMP Agent"="c:\program files (x86)\SMART Technologies\Classroom Teacher\SMARTSNMPAgent.exe" [2010-08-23 1662352]
"Ulead AutoDetector v2"="c:\program files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe" [2006-11-29 90112]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
.
c:\users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Arbeitsplatz.lnk - c:\program files (x86)\SMART Technologies\Classroom Teacher\DesktopMenu.exe [2010-8-23 1947024]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
SMART-Board-Werkzeuge.lnk - c:\program files (x86)\SMART Technologies\Classroom Teacher\SMARTBoardTools.exe [2010-8-23 12375952]
watchmi tray.lnk - c:\windows\Installer\{AA4D1C5E-116A-4FF4-AA91-28F526868203}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe [2011-12-24 300416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\sbhook.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-01-31 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-11 257696]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe [x]
S2 GFNEXSrv;GFNEX Service;c:\program files (x86)\PHotkey\GFNEXSrv.exe [2010-10-07 159752]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 PEGAGFN;PEGAGFN;c:\program files (x86)\PHotkey\PEGAGFN.sys [2009-09-11 14344]
S2 Response Hardware;Response-Hardware;c:\program files (x86)\SMART Technologies\Classroom Teacher\ResponseHardwareService.exe [2010-08-23 30608]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
S2 watchmi;watchmi service;c:\program files (x86)\watchmi\TvdService.exe [2010-12-06 62464]
S2 WTService;WTService;c:\windows\system32\atwtusb.exe [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [x]
S3 SMARTMouseFilterx64;HID-compliant mouse;c:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys [x]
S3 SMARTVHidMiniVistaAmd64;SMART HID Device;c:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [x]
S3 SMARTVTabletPCx64;SMART Virtual TabletPC;c:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-06-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-11 09:04]
.
2012-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 18:52]
.
2012-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 18:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-12-14 316032]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-07-28 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-07-28 416024]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-22 323584]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"MacrokeyManager"="WTMKM.exe" [2010-12-24 7319784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\x64\kloehk.dll c:\progra~2\KASPER~1\KASPER~1\x64\sbhook64.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page =
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\users\Steffen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\qan3l8td.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage -
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112555&tt=060612_7_
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - f2d3d60c00000000000078929c4e2633
FF - user.js: extensions.BabylonToolbar_i.hardId - f2d3d60c00000000000078929c4e2633
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15498
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1722:21
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-ExpressFiles - c:\program files (x86)\ExpressFiles\ExpressFiles.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-DarkWave Studio - c:\program files (x86)\ExperimentalScene\DarkWave Studio\Uninstall.exe
AddRemove-ExpressFiles - c:\program files (x86)\ExpressFiles\uninstall.exe
AddRemove-Uncompressor - c:\program files (x86)\Uncompressor\Uninstall\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\PHotkey\ASLDRSrv.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\PHotkey\PHotkey.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\PHotkey\MsgTranAgt.exe
c:\program files (x86)\PHotkey\POSD.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-06-13 11:41:39 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-06-13 09:41
.
Vor Suchlauf: 11 Verzeichnis(se), 339.883.147.264 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 339.492.274.176 Bytes frei
.
- - End Of File - - 96953E3A1708A0969043C4783FA41C84
|
| | #21 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
| | #22 |
| No, Kaspersky was a preinstalled trial version that has since expired; I haven't uninstalled it yet. After that I installed Avira as my main protection. |
| | #23 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | You still have to uninstall something like that BEFOREHAND
__________________ Please always post log files in CODE tags |