Pests of all kinds and how to combat them: Suisa Trajaner

Windows 7: If you are not sure whether you have picked up malware or a Trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you remove the infection.
| | #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Suisa Trajaner Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html Note: Please switch off your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool! Set the tool up as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C); that is where TDSS-Killer saves its logs. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!
__________________ Please always post log files in CODE tags |
| | #17 |
| Suisa Trajaner Here is the log data from TDSS-Killer
Code:
15:42:20.0089 7044 TDSS rootkit removing tool 2.7.43.0 Jun 29 2012 17:54:22
15:42:22.0102 7044 ============================================================
15:42:22.0102 7044 Current date / time: 2012/07/02 15:42:22.0102
15:42:22.0102 7044 SystemInfo:
15:42:22.0102 7044
15:42:22.0102 7044 OS Version: 6.1.7601 ServicePack: 1.0
15:42:22.0102 7044 Product type: Workstation
15:42:22.0102 7044 ComputerName: THOMAS-PC
15:42:22.0102 7044 UserName: Thomas
15:42:22.0102 7044 Windows directory: C:\Windows
15:42:22.0102 7044 System windows directory: C:\Windows
15:42:22.0102 7044 Running under WOW64
15:42:22.0102 7044 Processor architecture: Intel x64
15:42:22.0102 7044 Number of processors: 4
15:42:22.0102 7044 Page size: 0x1000
15:42:22.0102 7044 Boot type: Normal boot
15:42:22.0102 7044 ============================================================
15:42:24.0473 7044 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:42:24.0489 7044 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:42:24.0489 7044 Drive \Device\Harddisk2\DR2 - Size: 0x7449FF6000 (465.16 Gb), SectorSize: 0x200, Cylinders: 0xED32, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:42:24.0925 7044 Drive \Device\Harddisk7\DR7 - Size: 0x1DCD80000 (7.45 Gb), SectorSize: 0x200, Cylinders: 0x3CC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:42:24.0925 7044 Drive \Device\Harddisk8\DR8 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:42:24.0925 7044 ============================================================
15:42:24.0925 7044 \Device\Harddisk0\DR0:
15:42:24.0957 7044 MBR partitions:
15:42:24.0957 7044 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3B000, BlocksNum 0x16E3000
15:42:24.0957 7044 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x171E000, BlocksNum 0x72FE8000
15:42:24.0957 7044 \Device\Harddisk1\DR1:
15:42:24.0957 7044 MBR partitions:
15:42:24.0957 7044 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0x74705981
15:42:24.0957 7044 \Device\Harddisk2\DR2:
15:42:24.0957 7044 MBR partitions:
15:42:24.0957 7044 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A24EE73
15:42:24.0957 7044 \Device\Harddisk7\DR7:
15:42:24.0957 7044 MBR partitions:
15:42:24.0957 7044 \Device\Harddisk7\DR7\Partition0: MBR, Type 0x7, StartLBA 0x20, BlocksNum 0xEE6BE0
15:42:24.0957 7044 \Device\Harddisk8\DR8:
15:42:24.0957 7044 MBR partitions:
15:42:24.0957 7044 \Device\Harddisk8\DR8\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF93782
15:42:24.0957 7044 ============================================================
15:42:25.0003 7044 C: <-> \Device\Harddisk0\DR0\Partition1
15:42:25.0003 7044 F: <-> \Device\Harddisk1\DR1\Partition0
15:42:25.0035 7044 M: <-> \Device\Harddisk2\DR2\Partition0
15:42:25.0315 7044 N: <-> \Device\Harddisk8\DR8\Partition0
15:42:25.0315 7044 ============================================================
15:42:25.0315 7044 Initialize success
15:42:25.0315 7044 ============================================================
15:44:38.0477 6344 ============================================================
15:44:38.0477 6344 Scan started
15:44:38.0477 6344 Mode: Manual; SigCheck; TDLFS;
15:44:38.0477 6344 ============================================================
15:44:39.0335 6344 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
15:44:39.0460 6344 1394ohci - ok
15:44:39.0491 6344 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
15:44:39.0523 6344 ACPI - ok
15:44:39.0523 6344 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
15:44:39.0585 6344 AcpiPmi - ok
15:44:39.0616 6344 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
15:44:39.0647 6344 adfs - ok
15:44:39.0725 6344 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:44:39.0741 6344 AdobeARMservice - ok
15:44:39.0881 6344 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:44:39.0897 6344 AdobeFlashPlayerUpdateSvc - ok
15:44:39.0959 6344 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:44:39.0975 6344 adp94xx - ok
15:44:39.0991 6344 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:44:40.0006 6344 adpahci - ok
15:44:40.0022 6344 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:44:40.0022 6344 adpu320 - ok
15:44:40.0053 6344 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
15:44:40.0147 6344 AeLookupSvc - ok
15:44:40.0209 6344 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
15:44:40.0271 6344 AFD - ok
15:44:40.0287 6344 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:44:40.0318 6344 agp440 - ok
15:44:40.0334 6344 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
15:44:40.0381 6344 ALG - ok
15:44:40.0396 6344 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:44:40.0412 6344 aliide - ok
15:44:40.0443 6344 AMD External Events Utility (11276158eeeeadf3eb154061bfc80a19) C:\Windows\system32\atiesrxx.exe
15:44:40.0505 6344 AMD External Events Utility - ok
15:44:40.0521 6344 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:44:40.0521 6344 amdide - ok
15:44:40.0552 6344 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:44:40.0615 6344 AmdK8 - ok
15:44:40.0802 6344 amdkmdag (df943a113060d3abfda4730ae4163d6f) C:\Windows\system32\DRIVERS\atikmdag.sys
15:44:40.0973 6344 amdkmdag - ok
15:44:41.0067 6344 amdkmdap (4003b34b4a83de29cd1c88eb6c869e58) C:\Windows\system32\DRIVERS\atikmpag.sys
15:44:41.0114 6344 amdkmdap - ok
15:44:41.0145 6344 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:44:41.0161 6344 AmdPPM - ok
15:44:41.0192 6344 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
15:44:41.0207 6344 amdsata - ok
15:44:41.0223 6344 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:44:41.0239 6344 amdsbs - ok
15:44:41.0270 6344 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
15:44:41.0270 6344 amdxata - ok
15:44:41.0317 6344 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
15:44:41.0441 6344 AppID - ok
15:44:41.0473 6344 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
15:44:41.0504 6344 AppIDSvc - ok
15:44:41.0551 6344 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
15:44:41.0597 6344 Appinfo - ok
15:44:41.0722 6344 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:44:41.0738 6344 Apple Mobile Device - ok
15:44:41.0769 6344 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:44:41.0769 6344 arc - ok
15:44:41.0785 6344 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
15:44:41.0800 6344 arcsas - ok
15:44:41.0816 6344 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:44:41.0878 6344 AsyncMac - ok
15:44:41.0909 6344 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:44:41.0925 6344 atapi - ok
15:44:41.0972 6344 AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys
15:44:41.0987 6344 AtiHDAudioService - ok
15:44:42.0003 6344 AtiHdmiService (637e0753bd6deb8ea5314a5c357ec1a0) C:\Windows\system32\drivers\AtiHdmi.sys
15:44:42.0019 6344 AtiHdmiService - ok
15:44:42.0065 6344 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:44:42.0112 6344 AudioEndpointBuilder - ok
15:44:42.0112 6344 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:44:42.0143 6344 AudioSrv - ok
15:44:42.0190 6344 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
15:44:42.0268 6344 AxInstSV - ok
15:44:42.0299 6344 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
15:44:42.0331 6344 b06bdrv - ok
15:44:42.0362 6344 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:44:42.0409 6344 b57nd60a - ok
15:44:42.0440 6344 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
15:44:42.0487 6344 BDESVC - ok
15:44:42.0502 6344 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:44:42.0565 6344 Beep - ok
15:44:42.0596 6344 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
15:44:42.0627 6344 BFE - ok
15:44:42.0674 6344 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
15:44:42.0736 6344 BITS - ok
15:44:42.0830 6344 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:44:42.0861 6344 blbdrive - ok
15:44:43.0001 6344 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
15:44:43.0033 6344 Bonjour Service - ok
15:44:43.0064 6344 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
15:44:43.0095 6344 bowser - ok
15:44:43.0111 6344 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:44:43.0173 6344 BrFiltLo - ok
15:44:43.0189 6344 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:44:43.0204 6344 BrFiltUp - ok
15:44:43.0235 6344 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
15:44:43.0282 6344 Browser - ok
15:44:43.0298 6344 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:44:43.0345 6344 Brserid - ok
15:44:43.0345 6344 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:44:43.0376 6344 BrSerWdm - ok
15:44:43.0391 6344 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:44:43.0438 6344 BrUsbMdm - ok
15:44:43.0454 6344 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:44:43.0485 6344 BrUsbSer - ok
15:44:43.0516 6344 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:44:43.0532 6344 BTHMODEM - ok
15:44:43.0579 6344 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
15:44:43.0625 6344 bthserv - ok
15:44:43.0657 6344 btusb64h (96fc3b1123502d457f4c54a41c0b5c06) C:\Windows\system32\drivers\btusb64h.sys
15:44:43.0672 6344 btusb64h - ok
15:44:43.0735 6344 Bufssvr (76ba10cc44496f3796b0548ae2b15ad6) C:\Program Files (x86)\BUFFALO\SLManagerEasy\Bufssvr.exe
15:44:43.0750 6344 Bufssvr - ok
15:44:43.0781 6344 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:44:43.0797 6344 cdfs - ok
15:44:43.0844 6344 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
15:44:43.0875 6344 cdrom - ok
15:44:43.0906 6344 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:44:43.0969 6344 CertPropSvc - ok
15:44:44.0015 6344 cfwids (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys
15:44:44.0015 6344 cfwids - ok
15:44:44.0031 6344 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:44:44.0047 6344 circlass - ok
15:44:44.0078 6344 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:44:44.0078 6344 CLFS - ok
15:44:44.0140 6344 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:44:44.0156 6344 clr_optimization_v2.0.50727_32 - ok
15:44:44.0203 6344 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:44:44.0218 6344 clr_optimization_v2.0.50727_64 - ok
15:44:44.0281 6344 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:44:44.0312 6344 clr_optimization_v4.0.30319_32 - ok
15:44:44.0327 6344 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:44:44.0327 6344 clr_optimization_v4.0.30319_64 - ok
15:44:44.0359 6344 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:44:44.0374 6344 CmBatt - ok
15:44:44.0390 6344 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:44:44.0405 6344 cmdide - ok
15:44:44.0452 6344 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
15:44:44.0483 6344 CNG - ok
15:44:44.0499 6344 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:44:44.0499 6344 Compbatt - ok
15:44:44.0546 6344 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
15:44:44.0593 6344 CompositeBus - ok
15:44:44.0593 6344 COMSysApp - ok
15:44:44.0608 6344 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:44:44.0639 6344 crcdisk - ok
15:44:44.0671 6344 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
15:44:44.0717 6344 CryptSvc - ok
15:44:44.0842 6344 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:44:44.0873 6344 cvhsvc - ok
15:44:44.0920 6344 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:44:44.0983 6344 DcomLaunch - ok
15:44:44.0998 6344 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
15:44:45.0045 6344 defragsvc - ok
15:44:45.0107 6344 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
15:44:45.0170 6344 DfsC - ok
15:44:45.0185 6344 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
15:44:45.0217 6344 Dhcp - ok
15:44:45.0232 6344 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:44:45.0248 6344 discache - ok
15:44:45.0263 6344 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:44:45.0279 6344 Disk - ok
15:44:45.0310 6344 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
15:44:45.0373 6344 Dnscache - ok
15:44:45.0451 6344 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
15:44:45.0466 6344 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
15:44:45.0466 6344 DockLoginService - detected UnsignedFile.Multi.Generic (1)
15:44:45.0497 6344 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
15:44:45.0544 6344 dot3svc - ok
15:44:45.0560 6344 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
15:44:45.0607 6344 DPS - ok
15:44:45.0638 6344 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:44:45.0669 6344 drmkaud - ok
15:44:45.0716 6344 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
15:44:45.0747 6344 DXGKrnl - ok
15:44:45.0763 6344 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:44:45.0794 6344 EapHost - ok
15:44:45.0887 6344 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:44:45.0981 6344 ebdrv - ok
15:44:46.0059 6344 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
15:44:46.0106 6344 EFS - ok
15:44:46.0168 6344 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
15:44:46.0199 6344 ehRecvr - ok
15:44:46.0215 6344 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:44:46.0231 6344 ehSched - ok
15:44:46.0277 6344 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:44:46.0309 6344 elxstor - ok
15:44:46.0324 6344 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:44:46.0355 6344 ErrDev - ok
15:44:46.0402 6344 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:44:46.0449 6344 EventSystem - ok
15:44:46.0480 6344 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:44:46.0511 6344 exfat - ok
15:44:46.0543 6344 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:44:46.0574 6344 fastfat - ok
15:44:46.0621 6344 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
15:44:46.0667 6344 Fax - ok
15:44:46.0683 6344 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:44:46.0714 6344 fdc - ok
15:44:46.0730 6344 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:44:46.0792 6344 fdPHost - ok
15:44:46.0808 6344 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:44:46.0839 6344 FDResPub - ok
15:44:46.0855 6344 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:44:46.0855 6344 FileInfo - ok
15:44:46.0886 6344 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:44:46.0933 6344 Filetrace - ok
15:44:46.0995 6344 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:44:47.0026 6344 FLEXnet Licensing Service - ok
15:44:47.0104 6344 FLEXnet Licensing Service 64 (1c3fb052a0bb72edaed90785c34d6eed) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
15:44:47.0135 6344 FLEXnet Licensing Service 64 - ok
15:44:47.0213 6344 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:44:47.0245 6344 flpydisk - ok
15:44:47.0276 6344 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
15:44:47.0307 6344 FltMgr - ok
15:44:47.0369 6344 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
15:44:47.0416 6344 FontCache - ok
15:44:47.0479 6344 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:44:47.0510 6344 FontCache3.0.0.0 - ok
15:44:47.0525 6344 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:44:47.0557 6344 FsDepends - ok
15:44:47.0572 6344 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
15:44:47.0588 6344 Fs_Rec - ok
15:44:47.0635 6344 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:44:47.0650 6344 fvevol - ok
15:44:47.0681 6344 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:44:47.0681 6344 gagp30kx - ok
15:44:47.0728 6344 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:44:47.0728 6344 GEARAspiWDM - ok
15:44:47.0775 6344 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
15:44:47.0822 6344 gpsvc - ok
15:44:47.0884 6344 grmnusb (6650be8ed524eae5a75b0b0ce41fd9ee) C:\Windows\system32\drivers\grmnusb.sys
15:44:47.0884 6344 Suspicious file (Forged): C:\Windows\system32\drivers\grmnusb.sys. Real md5: 6650be8ed524eae5a75b0b0ce41fd9ee, Fake md5: a483584111734dfed3af11e57250e4e0
15:44:47.0884 6344 grmnusb ( ForgedFile.Multi.Generic ) - warning
15:44:47.0884 6344 grmnusb - detected ForgedFile.Multi.Generic (1)
15:44:47.0978 6344 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:44:47.0993 6344 gupdate - ok
15:44:48.0009 6344 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:44:48.0025 6344 gupdatem - ok
15:44:48.0025 6344 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:44:48.0071 6344 hcw85cir - ok
15:44:48.0103 6344 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
15:44:48.0134 6344 HdAudAddService - ok
15:44:48.0181 6344 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
15:44:48.0227 6344 HDAudBus - ok
15:44:48.0243 6344 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
15:44:48.0274 6344 HECIx64 - ok
15:44:48.0274 6344 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:44:48.0305 6344 HidBatt - ok
15:44:48.0321 6344 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:44:48.0321 6344 HidBth - ok
15:44:48.0352 6344 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:44:48.0368 6344 HidIr - ok
15:44:48.0383 6344 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
15:44:48.0430 6344 hidserv - ok
15:44:48.0446 6344 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
15:44:48.0477 6344 HidUsb - ok
15:44:48.0493 6344 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
15:44:48.0555 6344 hkmsvc - ok
15:44:48.0586 6344 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
15:44:48.0633 6344 HomeGroupListener - ok
15:44:48.0664 6344 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
15:44:48.0695 6344 HomeGroupProvider - ok
15:44:48.0742 6344 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
15:44:48.0758 6344 HpSAMD - ok
15:44:48.0805 6344 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
15:44:48.0851 6344 HTTP - ok
15:44:48.0867 6344 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
15:44:48.0867 6344 hwpolicy - ok
15:44:48.0898 6344 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:44:48.0898 6344 i8042prt - ok
15:44:48.0945 6344 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
15:44:48.0976 6344 iaStorV - ok
15:44:49.0039 6344 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:44:49.0070 6344 idsvc - ok
15:44:49.0085 6344 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:44:49.0101 6344 iirsp - ok
15:44:49.0132 6344 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
15:44:49.0163 6344 IKEEXT - ok
15:44:49.0210 6344 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
15:44:49.0241 6344 Impcd - ok
15:44:49.0257 6344 IntcAzAudAddService - ok
15:44:49.0288 6344 IntcDAud (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
15:44:49.0335 6344 IntcDAud - ok
15:44:49.0351 6344 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:44:49.0366 6344 intelide - ok
15:44:49.0382 6344 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:44:49.0413 6344 intelppm - ok
15:44:49.0429 6344 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:44:49.0491 6344 IPBusEnum - ok
15:44:49.0507 6344 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:44:49.0553 6344 IpFilterDriver - ok
15:44:49.0600 6344 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
15:44:49.0647 6344 iphlpsvc - ok
15:44:49.0678 6344 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:44:49.0694 6344 IPMIDRV - ok
15:44:49.0709 6344 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:44:49.0756 6344 IPNAT - ok
15:44:49.0834 6344 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
15:44:49.0850 6344 iPod Service - ok
15:44:49.0897 6344 irda (05360b1ea5a2abf620d1d96ebd8bd8f1) C:\Windows\system32\DRIVERS\irda.sys
15:44:49.0959 6344 irda - ok
15:44:49.0975 6344 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:44:49.0990 6344 IRENUM - ok
15:44:50.0021 6344 Irmon (3848384ab383f0a8f506c4370635c1f9) C:\Windows\System32\irmon.dll
15:44:50.0053 6344 Irmon - ok
15:44:50.0084 6344 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:44:50.0099 6344 isapnp - ok
15:44:50.0131 6344 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:44:50.0162 6344 iScsiPrt - ok
15:44:50.0193 6344 k57nd60a (9d7ea8c7215d8d4ae7be110eee61085d) C:\Windows\system32\DRIVERS\k57nd60a.sys
15:44:50.0224 6344 k57nd60a - ok
15:44:50.0240 6344 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
15:44:50.0240 6344 kbdclass - ok
15:44:50.0271 6344 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
15:44:50.0287 6344 kbdhid - ok
15:44:50.0318 6344 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:44:50.0318 6344 KeyIso - ok
15:44:50.0349 6344 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
15:44:50.0365 6344 KSecDD - ok
15:44:50.0380 6344 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
15:44:50.0396 6344 KSecPkg - ok
15:44:50.0411 6344 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:44:50.0443 6344 ksthunk - ok
15:44:50.0474 6344 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:44:50.0505 6344 KtmRm - ok
15:44:50.0567 6344 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
15:44:50.0614 6344 LanmanServer - ok
15:44:50.0630 6344 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
15:44:50.0692 6344 LanmanWorkstation - ok
15:44:50.0708 6344 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:44:50.0755 6344 lltdio - ok
15:44:50.0770 6344 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:44:50.0801 6344 lltdsvc - ok
15:44:50.0817 6344 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:44:50.0848 6344 lmhosts - ok
15:44:50.0864 6344 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:44:50.0864 6344 LSI_FC - ok
15:44:50.0879 6344 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:44:50.0895 6344 LSI_SAS - ok
15:44:50.0911 6344 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:44:50.0926 6344 LSI_SAS2 - ok
15:44:50.0926 6344 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:44:50.0942 6344 LSI_SCSI - ok
15:44:50.0957 6344 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:44:50.0989 6344 luafv - ok
15:44:51.0035 6344 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
15:44:51.0051 6344 MBAMProtector - ok
15:44:51.0129 6344 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:44:51.0160 6344 MBAMService - ok
15:44:51.0238 6344 McAfee SiteAdvisor Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:44:51.0269 6344 McAfee SiteAdvisor Service - ok
15:44:51.0269 6344 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:44:51.0285 6344 McMPFSvc - ok
15:44:51.0301 6344 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
15:44:51.0301 6344 mcmscsvc - ok
15:44:51.0316 6344 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
15:44:51.0316 6344 McNaiAnn - ok
15:44:51.0347 6344 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
15:44:51.0347 6344 McNASvc - ok
15:44:51.0410 6344 McODS (dd2321925274f2902929d76ce2b0eb45) C:\Program Files\mcafee\VirusScan\mcods.exe
15:44:51.0441 6344 McODS - ok
15:44:51.0441 6344 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
15:44:51.0457 6344 McProxy - ok
15:44:51.0503 6344 McShield (e998e3b12101288d716558466cbf6ae1) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
15:44:51.0519 6344 McShield - ok
15:44:51.0613 6344 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
15:44:51.0644 6344 Mcx2Svc - ok
15:44:51.0691 6344 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:44:51.0706 6344 megasas - ok
15:44:51.0737 6344 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:44:51.0769 6344 MegaSR - ok
15:44:51.0784 6344 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys
15:44:51.0815 6344 mfeapfk - ok
15:44:51.0862 6344 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys
15:44:51.0878 6344 mfeavfk - ok
15:44:51.0893 6344 mfeavfk01 - ok
15:44:51.0909 6344 mfefire (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
15:44:51.0925 6344 mfefire - ok
15:44:51.0956 6344 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys
15:44:51.0971 6344 mfefirek - ok
15:44:52.0003 6344 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys
15:44:52.0018 6344 mfehidk - ok
15:44:52.0034 6344 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys
15:44:52.0034 6344 mfenlfk - ok
15:44:52.0081 6344 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys
15:44:52.0096 6344 mferkdet - ok
15:44:52.0112 6344 mfevtp (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Windows\system32\mfevtps.exe
15:44:52.0127 6344 mfevtp - ok
15:44:52.0143 6344 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys
15:44:52.0159 6344 mfewfpk - ok
15:44:52.0190 6344 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:44:52.0221 6344 MMCSS - ok
15:44:52.0237 6344 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:44:52.0283 6344 Modem - ok
15:44:52.0299 6344 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:44:52.0330 6344 monitor - ok
15:44:52.0361 6344 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
15:44:52.0393 6344 mouclass - ok
15:44:52.0408 6344 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:44:52.0439 6344 mouhid - ok
15:44:52.0471 6344 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:44:52.0486 6344 mountmgr - ok
15:44:52.0502 6344 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:44:52.0517 6344 mpio - ok
15:44:52.0533 6344 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:44:52.0549 6344 mpsdrv - ok
15:44:52.0595 6344 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
15:44:52.0642 6344 MpsSvc - ok
15:44:52.0673 6344 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:44:52.0705 6344 MRxDAV - ok
15:44:52.0736 6344 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:44:52.0767 6344 mrxsmb - ok
15:44:52.0814 6344 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:44:52.0845 6344 mrxsmb10 - ok
15:44:52.0861 6344 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:44:52.0861 6344 mrxsmb20 - ok
15:44:52.0876 6344 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:44:52.0892 6344 msahci - ok
15:44:52.0907 6344 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:44:52.0907 6344 msdsm - ok
15:44:52.0939 6344 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:44:52.0954 6344 MSDTC - ok
15:44:52.0970 6344 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:44:52.0985 6344 Msfs - ok
15:44:53.0017 6344 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:44:53.0048 6344 mshidkmdf - ok
15:44:53.0048 6344 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:44:53.0063 6344 msisadrv - ok
15:44:53.0079 6344 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:44:53.0141 6344 MSiSCSI - ok
15:44:53.0141 6344 msiserver - ok
15:44:53.0235 6344 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:44:53.0251 6344 MSK80Service - ok
15:44:53.0282 6344 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:44:53.0297 6344 MSKSSRV - ok
15:44:53.0313 6344 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:44:53.0344 6344 MSPCLOCK - ok
15:44:53.0360 6344 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:44:53.0391 6344 MSPQM - ok
15:44:53.0422 6344 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:44:53.0438 6344 MsRPC - ok
15:44:53.0469 6344 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:44:53.0485 6344 mssmbios - ok
15:44:53.0500 6344 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:44:53.0531 6344 MSTEE - ok
15:44:53.0531 6344 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:44:53.0547 6344 MTConfig - ok
15:44:53.0563 6344 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:44:53.0563 6344 Mup - ok
15:44:53.0609 6344 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:44:53.0656 6344 napagent - ok
15:44:53.0672 6344 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:44:53.0734 6344 NativeWifiP - ok
15:44:53.0781 6344 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:44:53.0812 6344 NDIS - ok
15:44:53.0828 6344 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:44:53.0875 6344 NdisCap - ok
15:44:53.0890 6344 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:44:53.0953 6344 NdisTapi - ok
15:44:53.0984 6344 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:44:54.0015 6344 Ndisuio - ok
15:44:54.0046 6344 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:44:54.0109 6344 NdisWan - ok
15:44:54.0140 6344 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:44:54.0171 6344 NDProxy - ok
15:44:54.0187 6344 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:44:54.0218 6344 NetBIOS - ok
15:44:54.0233 6344 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:44:54.0280 6344 NetBT - ok
15:44:54.0296 6344 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:44:54.0327 6344 Netlogon - ok
15:44:54.0358 6344 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:44:54.0405 6344 Netman - ok
15:44:54.0421 6344 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:44:54.0467 6344 netprofm - ok
15:44:54.0514 6344 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:44:54.0545 6344 NetTcpPortSharing - ok
15:44:54.0561 6344 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:44:54.0577 6344 nfrd960 - ok
15:44:54.0592 6344 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:44:54.0623 6344 NlaSvc - ok
15:44:54.0639 6344 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:44:54.0670 6344 Npfs - ok
15:44:54.0686 6344 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:44:54.0717 6344 nsi - ok
15:44:54.0733 6344 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:44:54.0764 6344 nsiproxy - ok
15:44:54.0842 6344 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:44:54.0889 6344 Ntfs - ok
15:44:54.0951 6344 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:44:55.0013 6344 Null - ok
15:44:55.0045 6344 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:44:55.0060 6344 nvraid - ok
15:44:55.0076 6344 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:44:55.0091 6344 nvstor - ok
15:44:55.0123 6344 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:44:55.0138 6344 nv_agp - ok
15:44:55.0154 6344 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:44:55.0201 6344 ohci1394 - ok
15:44:55.0279 6344 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:44:55.0310 6344 ose - ok
15:44:55.0481 6344 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:44:55.0591 6344 osppsvc - ok
15:44:55.0669 6344 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:44:55.0715 6344 p2pimsvc - ok
15:44:55.0731 6344 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:44:55.0747 6344 p2psvc - ok
15:44:55.0793 6344 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:44:55.0809 6344 Parport - ok
15:44:55.0840 6344 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
15:44:55.0871 6344 partmgr - ok
15:44:55.0903 6344 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:44:55.0934 6344 PcaSvc - ok
15:44:55.0996 6344 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
15:44:56.0043 6344 pccsmcfd - ok
15:44:56.0121 6344 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
15:44:56.0137 6344 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
15:44:56.0168 6344 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:44:56.0183 6344 pci - ok
15:44:56.0183 6344 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:44:56.0199 6344 pciide - ok
15:44:56.0215 6344 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:44:56.0230 6344 pcmcia - ok
15:44:56.0246 6344 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:44:56.0261 6344 pcw - ok
15:44:56.0277 6344 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:44:56.0339 6344 PEAUTH - ok
15:44:56.0402 6344 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:44:56.0433 6344 PerfHost - ok
15:44:56.0495 6344 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:44:56.0558 6344 pla - ok
15:44:56.0605 6344 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:44:56.0636 6344 PlugPlay - ok
15:44:56.0667 6344 pmxdrv (34bfc6ed31b4e8be940c884b8ac7d9df) C:\Windows\system32\drivers\pmxdrv.sys
15:44:56.0667 6344 pmxdrv - ok
15:44:56.0683 6344 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:44:56.0729 6344 PNRPAutoReg - ok
15:44:56.0761 6344 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:44:56.0761 6344 PNRPsvc - ok
15:44:56.0792 6344 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:44:56.0839 6344 PolicyAgent - ok
15:44:56.0854 6344 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:44:56.0901 6344 Power - ok
15:44:56.0932 6344 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:44:56.0963 6344 PptpMiniport - ok
15:44:56.0995 6344 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:44:56.0995 6344 Processor - ok
15:44:57.0041 6344 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
15:44:57.0088 6344 ProfSvc - ok
15:44:57.0119 6344 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:44:57.0119 6344 ProtectedStorage - ok
15:44:57.0166 6344 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:44:57.0213 6344 Psched - ok
15:44:57.0229 6344 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
15:44:57.0244 6344 PxHlpa64 - ok
15:44:57.0307 6344 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:44:57.0353 6344 ql2300 - ok
15:44:57.0447 6344 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:44:57.0463 6344 ql40xx - ok
15:44:57.0478 6344 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:44:57.0525 6344 QWAVE - ok
15:44:57.0541 6344 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:44:57.0572 6344 QWAVEdrv - ok
15:44:57.0572 6344 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:44:57.0619 6344 RasAcd - ok
15:44:57.0665 6344 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:44:57.0712 6344 RasAgileVpn - ok
15:44:57.0728 6344 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:44:57.0759 6344 RasAuto - ok
15:44:57.0790 6344 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:44:57.0853 6344 Rasl2tp - ok
15:44:57.0899 6344 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:44:57.0931 6344 RasMan - ok
15:44:57.0946 6344 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:44:57.0993 6344 RasPppoe - ok
15:44:58.0009 6344 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:44:58.0040 6344 RasSstp - ok
15:44:58.0055 6344 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:44:58.0087 6344 rdbss - ok
15:44:58.0087 6344 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:44:58.0102 6344 rdpbus - ok
15:44:58.0133 6344 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:44:58.0165 6344 RDPCDD - ok
15:44:58.0180 6344 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:44:58.0211 6344 RDPENCDD - ok
15:44:58.0227 6344 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:44:58.0258 6344 RDPREFMP - ok
15:44:58.0289 6344 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
15:44:58.0336 6344 RDPWD - ok
15:44:58.0367 6344 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:44:58.0399 6344 rdyboost - ok
15:44:58.0414 6344 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:44:58.0445 6344 RemoteAccess - ok
15:44:58.0477 6344 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:44:58.0523 6344 RemoteRegistry - ok
15:44:58.0539 6344 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:44:58.0570 6344 RpcEptMapper - ok
15:44:58.0633 6344 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:44:58.0664 6344 RpcLocator - ok
15:44:58.0711 6344 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:44:58.0742 6344 RpcSs - ok
15:44:58.0757 6344 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:44:58.0789 6344 rspndr - ok
15:44:58.0820 6344 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:44:58.0835 6344 SamSs - ok
15:44:58.0867 6344 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:44:58.0882 6344 sbp2port - ok
15:44:58.0898 6344 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:44:58.0945 6344 SCardSvr - ok
15:44:58.0976 6344 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:44:59.0023 6344 scfilter - ok
15:44:59.0069 6344 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:44:59.0101 6344 Schedule - ok
15:44:59.0132 6344 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:44:59.0179 6344 SCPolicySvc - ok
15:44:59.0210 6344 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:44:59.0257 6344 SDRSVC - ok
15:44:59.0288 6344 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:44:59.0335 6344 secdrv - ok
15:44:59.0366 6344 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:44:59.0413 6344 seclogon - ok
15:44:59.0444 6344 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
15:44:59.0475 6344 SENS - ok
15:44:59.0491 6344 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:44:59.0537 6344 SensrSvc - ok
15:44:59.0553 6344 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:44:59.0569 6344 Serenum - ok
15:44:59.0584 6344 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:44:59.0600 6344 Serial - ok
15:44:59.0631 6344 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:44:59.0662 6344 sermouse - ok
15:44:59.0709 6344 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:44:59.0771 6344 SessionEnv - ok
15:44:59.0803 6344 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:44:59.0834 6344 sffdisk - ok
15:44:59.0849 6344 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:44:59.0881 6344 sffp_mmc - ok
15:44:59.0881 6344 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:44:59.0912 6344 sffp_sd - ok
15:44:59.0912 6344 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:44:59.0927 6344 sfloppy - ok
15:44:59.0974 6344 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
15:44:59.0990 6344 Sftfs - ok
15:45:00.0068 6344 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:45:00.0099 6344 sftlist - ok
15:45:00.0130 6344 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:45:00.0161 6344 Sftplay - ok
15:45:00.0177 6344 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:45:00.0177 6344 Sftredir - ok
15:45:00.0239 6344 SftService (cf53dcce55e500f51089774e851e7363) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
15:45:00.0255 6344 SftService - ok
15:45:00.0255 6344 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
15:45:00.0271 6344 Sftvol - ok
15:45:00.0286 6344 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:45:00.0286 6344 sftvsa - ok
15:45:00.0317 6344 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:45:00.0349 6344 SharedAccess - ok
15:45:00.0395 6344 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:45:00.0427 6344 ShellHWDetection - ok
15:45:00.0458 6344 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:45:00.0489 6344 SiSRaid2 - ok
15:45:00.0489 6344 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:45:00.0505 6344 SiSRaid4 - ok
15:45:00.0536 6344 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:45:00.0583 6344 Smb - ok
15:45:00.0629 6344 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:45:00.0676 6344 SNMPTRAP - ok
15:45:00.0676 6344 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:45:00.0692 6344 spldr - ok
15:45:00.0723 6344 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:45:00.0739 6344 Spooler - ok
15:45:00.0848 6344 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:45:00.0910 6344 sppsvc - ok
15:45:00.0973 6344 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:45:01.0019 6344 sppuinotify - ok
15:45:01.0082 6344 Spyder2 (b9413b99dbb704e0f5824775a1118cc7) C:\Windows\system32\DRIVERS\Spyder2.sys
15:45:01.0113 6344 Spyder2 - ok
15:45:01.0144 6344 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:45:01.0191 6344 srv - ok
15:45:01.0207 6344 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:45:01.0222 6344 srv2 - ok
15:45:01.0238 6344 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:45:01.0269 6344 srvnet - ok
15:45:01.0285 6344 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:45:01.0331 6344 SSDPSRV - ok
15:45:01.0347 6344 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:45:01.0378 6344 SstpSvc - ok
15:45:01.0394 6344 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:45:01.0409 6344 stexstor - ok
15:45:01.0456 6344 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:45:01.0503 6344 stisvc - ok
15:45:01.0550 6344 stus2x64 (2663dde5852b05768c526b78fa99e6b6) C:\Windows\system32\DRIVERS\stusb2ir.sys
15:45:01.0581 6344 stus2x64 - ok
15:45:01.0612 6344 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:45:01.0628 6344 swenum - ok
15:45:01.0690 6344 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:45:01.0721 6344 swprv - ok
15:45:01.0784 6344 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:45:01.0831 6344 SysMain - ok
15:45:01.0909 6344 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:45:01.0940 6344 TabletInputService - ok
15:45:01.0971 6344 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:45:02.0033 6344 TapiSrv - ok
15:45:02.0049 6344 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:45:02.0065 6344 TBS - ok
15:45:02.0174 6344 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
15:45:02.0221 6344 Tcpip - ok
15:45:02.0299 6344 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
15:45:02.0330 6344 TCPIP6 - ok
15:45:02.0377 6344 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:45:02.0423 6344 tcpipreg - ok
15:45:02.0455 6344 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:45:02.0486 6344 TDPIPE - ok
15:45:02.0501 6344 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
15:45:02.0517 6344 TDTCP - ok
15:45:02.0548 6344 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:45:02.0611 6344 tdx - ok
15:45:02.0642 6344 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:45:02.0642 6344 TermDD - ok
15:45:02.0673 6344 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:45:02.0720 6344 TermService - ok
15:45:02.0735 6344 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:45:02.0751 6344 Themes - ok
15:45:02.0798 6344 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:45:02.0829 6344 THREADORDER - ok
15:45:02.0829 6344 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:45:02.0860 6344 TrkWks - ok
15:45:02.0907 6344 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:45:02.0954 6344 TrustedInstaller - ok
15:45:02.0985 6344 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:45:03.0016 6344 tssecsrv - ok
15:45:03.0047 6344 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:45:03.0094 6344 TsUsbFlt - ok
15:45:03.0125 6344 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:45:03.0172 6344 tunnel - ok
15:45:03.0203 6344 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:45:03.0203 6344 uagp35 - ok
15:45:03.0219 6344 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:45:03.0250 6344 udfs - ok
15:45:03.0266 6344 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:45:03.0281 6344 UI0Detect - ok
15:45:03.0313 6344 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:45:03.0344 6344 uliagpkx - ok
15:45:03.0359 6344 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:45:03.0391 6344 umbus - ok
15:45:03.0406 6344 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:45:03.0422 6344 UmPass - ok
15:45:03.0453 6344 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:45:03.0469 6344 upnphost - ok
15:45:03.0500 6344 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
15:45:03.0547 6344 USBAAPL64 - ok
15:45:03.0578 6344 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:45:03.0609 6344 usbccgp - ok
15:45:03.0640 6344 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:45:03.0671 6344 usbcir - ok
15:45:03.0671 6344 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
15:45:03.0703 6344 usbehci - ok
15:45:03.0718 6344 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:45:03.0734 6344 usbhub - ok
15:45:03.0749 6344 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
15:45:03.0765 6344 usbohci - ok
15:45:03.0781 6344 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:45:03.0796 6344 usbprint - ok
15:45:03.0827 6344 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
15:45:03.0843 6344 usbscan - ok
15:45:03.0874 6344 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys
15:45:03.0905 6344 usbser - ok
15:45:03.0937 6344 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:45:03.0983 6344 USBSTOR - ok
15:45:03.0999 6344 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
15:45:04.0030 6344 usbuhci - ok
15:45:04.0061 6344 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:45:04.0108 6344 UxSms - ok
15:45:04.0124 6344 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:45:04.0139 6344 VaultSvc - ok
15:45:04.0155 6344 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:45:04.0155 6344 vdrvroot - ok
15:45:04.0202 6344 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
15:45:04.0217 6344 vds - ok
15:45:04.0233 6344 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:45:04.0249 6344 vga - ok
15:45:04.0249 6344 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:45:04.0295 6344 VgaSave - ok
15:45:04.0311 6344 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:45:04.0311 6344 vhdmp - ok
15:45:04.0327 6344 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:45:04.0327 6344 viaide - ok
15:45:04.0373 6344 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:45:04.0405 6344 volmgr - ok
15:45:04.0436 6344 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:45:04.0467 6344 volmgrx - ok
15:45:04.0483 6344 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:45:04.0498 6344 volsnap - ok
15:45:04.0529 6344 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:45:04.0545 6344 vsmraid - ok
15:45:04.0592 6344 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
15:45:04.0639 6344 VSS - ok
15:45:04.0732 6344 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
15:45:04.0779 6344 vwifibus - ok
15:45:04.0810 6344 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:45:04.0857 6344 W32Time - ok
15:45:04.0873 6344 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:45:04.0888 6344 WacomPen - ok
15:45:04.0919 6344 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:45:04.0966 6344 WANARP - ok
15:45:04.0966 6344 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:45:04.0997 6344 Wanarpv6 - ok
15:45:05.0091 6344 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
15:45:05.0122 6344 WatAdminSvc - ok
15:45:05.0185 6344 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
15:45:05.0231 6344 wbengine - ok
15:45:05.0278 6344 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:45:05.0309 6344 WbioSrvc - ok
15:45:05.0356 6344 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
15:45:05.0387 6344 wcncsvc - ok
15:45:05.0403 6344 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:45:05.0419 6344 WcsPlugInService - ok
15:45:05.0465 6344 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:45:05.0481 6344 Wd - ok
15:45:05.0512 6344 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:45:05.0543 6344 Wdf01000 - ok
15:45:05.0559 6344 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:45:05.0637 6344 WdiServiceHost - ok
15:45:05.0653 6344 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:45:05.0668 6344 WdiSystemHost - ok
15:45:05.0699 6344 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
15:45:05.0746 6344 WebClient - ok
15:45:05.0762 6344 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:45:05.0809 6344 Wecsvc - ok
15:45:05.0809 6344 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:45:05.0840 6344 wercplsupport - ok
15:45:05.0855 6344 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:45:05.0887 6344 WerSvc - ok
15:45:05.0918 6344 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:45:05.0933 6344 WfpLwf - ok
15:45:05.0980 6344 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
15:45:06.0011 6344 WimFltr - ok
15:45:06.0011 6344 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:45:06.0027 6344 WIMMount - ok
15:45:06.0043 6344 WinDefend - ok
15:45:06.0043 6344 WinHttpAutoProxySvc - ok
15:45:06.0089 6344 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:45:06.0136 6344 Winmgmt - ok
15:45:06.0199 6344 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
15:45:06.0261 6344 WinRM - ok
15:45:06.0339 6344 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
15:45:06.0370 6344 WinUsb - ok
15:45:06.0417 6344 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:45:06.0448 6344 Wlansvc - ok
15:45:06.0604 6344 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:45:06.0635 6344 wlidsvc - ok
15:45:06.0682 6344 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:45:06.0713 6344 WmiAcpi - ok
15:45:06.0745 6344 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:45:06.0776 6344 wmiApSrv - ok
15:45:06.0838 6344 WMPNetworkSvc - ok
15:45:06.0854 6344 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:45:06.0885 6344 WPCSvc - ok
15:45:06.0932 6344 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
15:45:06.0963 6344 WPDBusEnum - ok
15:45:06.0979 6344 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:45:07.0010 6344 ws2ifsl - ok
15:45:07.0025 6344 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
15:45:07.0041 6344 wscsvc - ok
15:45:07.0057 6344 WSearch - ok
15:45:07.0150 6344 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
15:45:07.0181 6344 wuauserv - ok
15:45:07.0259 6344 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:45:07.0306 6344 WudfPf - ok
15:45:07.0337 6344 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:45:07.0369 6344 WUDFRd - ok
15:45:07.0400 6344 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
15:45:07.0431 6344 wudfsvc - ok
15:45:07.0447 6344 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:45:07.0478 6344 WwanSvc - ok
15:45:07.0509 6344 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:45:07.0727 6344 \Device\Harddisk0\DR0 - ok
15:45:07.0759 6344 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
15:45:07.0883 6344 \Device\Harddisk1\DR1 - ok
15:45:07.0883 6344 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2
15:45:08.0445 6344 \Device\Harddisk2\DR2 - ok
15:45:08.0461 6344 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk7\DR7
15:45:09.0194 6344 \Device\Harddisk7\DR7 - ok
15:45:09.0209 6344 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk8\DR8
15:45:09.0584 6344 \Device\Harddisk8\DR8 - ok
15:45:09.0584 6344 Boot (0x1200) (42a6c5965f6525084a641e2c3c3516ad) \Device\Harddisk0\DR0\Partition0
15:45:09.0584 6344 \Device\Harddisk0\DR0\Partition0 - ok
15:45:09.0615 6344 Boot (0x1200) (8bc2afb6c04b91a0e981f2a953c8e9a3) \Device\Harddisk0\DR0\Partition1
15:45:09.0615 6344 \Device\Harddisk0\DR0\Partition1 - ok
15:45:09.0615 6344 Boot (0x1200) (ab5302e2e6a6e44a277144217332ec75) \Device\Harddisk1\DR1\Partition0
15:45:09.0615 6344 \Device\Harddisk1\DR1\Partition0 - ok
15:45:09.0615 6344 Boot (0x1200) (d097a231e2a89e9d91e972f923d52b36) \Device\Harddisk2\DR2\Partition0
15:45:09.0631 6344 \Device\Harddisk2\DR2\Partition0 - ok
15:45:09.0631 6344 Boot (0x1200) (5e31166fc5ec78a21cb3ae809625bb50) \Device\Harddisk7\DR7\Partition0
15:45:09.0631 6344 \Device\Harddisk7\DR7\Partition0 - ok
15:45:09.0646 6344 Boot (0x1200) (15923595181b557b9dfa53447858105f) \Device\Harddisk8\DR8\Partition0
15:45:09.0646 6344 \Device\Harddisk8\DR8\Partition0 - ok
15:45:09.0646 6344 ============================================================
15:45:09.0646 6344 Scan finished
15:45:09.0646 6344 ============================================================
15:45:09.0646 6328 Detected object count: 2
15:45:09.0646 6328 Actual detected object count: 2
|
| | #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Suisa Trajaner The log is incomplete; the summary at the bottom is missing.
__________________ |
| | #19 |
| Suisa Trajaner
Code:
ATTFilter 15:42:20.0089 7044 TDSS rootkit removing tool 2.7.43.0 Jun 29 2012 17:54:22
15:42:22.0102 7044 ============================================================
15:42:22.0102 7044 Current date / time: 2012/07/02 15:42:22.0102
15:42:22.0102 7044 SystemInfo:
15:42:22.0102 7044
15:42:22.0102 7044 OS Version: 6.1.7601 ServicePack: 1.0
15:42:22.0102 7044 Product type: Workstation
15:42:22.0102 7044 ComputerName: THOMAS-PC
15:42:22.0102 7044 UserName: Thomas
15:42:22.0102 7044 Windows directory: C:\Windows
15:42:22.0102 7044 System windows directory: C:\Windows
15:42:22.0102 7044 Running under WOW64
15:42:22.0102 7044 Processor architecture: Intel x64
15:42:22.0102 7044 Number of processors: 4
15:42:22.0102 7044 Page size: 0x1000
15:42:22.0102 7044 Boot type: Normal boot
15:42:22.0102 7044 ============================================================
15:42:24.0473 7044 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:42:24.0489 7044 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:42:24.0489 7044 Drive \Device\Harddisk2\DR2 - Size: 0x7449FF6000 (465.16 Gb), SectorSize: 0x200, Cylinders: 0xED32, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:42:24.0925 7044 Drive \Device\Harddisk7\DR7 - Size: 0x1DCD80000 (7.45 Gb), SectorSize: 0x200, Cylinders: 0x3CC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:42:24.0925 7044 Drive \Device\Harddisk8\DR8 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:42:24.0925 7044 ============================================================
15:42:24.0925 7044 \Device\Harddisk0\DR0:
15:42:24.0957 7044 MBR partitions:
15:42:24.0957 7044 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3B000, BlocksNum 0x16E3000
15:42:24.0957 7044 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x171E000, BlocksNum 0x72FE8000
15:42:24.0957 7044 \Device\Harddisk1\DR1:
15:42:24.0957 7044 MBR partitions:
15:42:24.0957 7044 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0x74705981
15:42:24.0957 7044 \Device\Harddisk2\DR2:
15:42:24.0957 7044 MBR partitions:
15:42:24.0957 7044 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A24EE73
15:42:24.0957 7044 \Device\Harddisk7\DR7:
15:42:24.0957 7044 MBR partitions:
15:42:24.0957 7044 \Device\Harddisk7\DR7\Partition0: MBR, Type 0x7, StartLBA 0x20, BlocksNum 0xEE6BE0
15:42:24.0957 7044 \Device\Harddisk8\DR8:
15:42:24.0957 7044 MBR partitions:
15:42:24.0957 7044 \Device\Harddisk8\DR8\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF93782
15:42:24.0957 7044 ============================================================
15:42:25.0003 7044 C: <-> \Device\Harddisk0\DR0\Partition1
15:42:25.0003 7044 F: <-> \Device\Harddisk1\DR1\Partition0
15:42:25.0035 7044 M: <-> \Device\Harddisk2\DR2\Partition0
15:42:25.0315 7044 N: <-> \Device\Harddisk8\DR8\Partition0
15:42:25.0315 7044 ============================================================
15:42:25.0315 7044 Initialize success
15:42:25.0315 7044 ============================================================
15:44:38.0477 6344 ============================================================
15:44:38.0477 6344 Scan started
15:44:38.0477 6344 Mode: Manual; SigCheck; TDLFS;
15:44:38.0477 6344 ============================================================
15:44:39.0335 6344 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
15:44:39.0460 6344 1394ohci - ok
15:44:39.0491 6344 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
15:44:39.0523 6344 ACPI - ok
15:44:39.0523 6344 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
15:44:39.0585 6344 AcpiPmi - ok
15:44:39.0616 6344 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
15:44:39.0647 6344 adfs - ok
15:44:39.0725 6344 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:44:39.0741 6344 AdobeARMservice - ok
15:44:39.0881 6344 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:44:39.0897 6344 AdobeFlashPlayerUpdateSvc - ok
15:44:39.0959 6344 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:44:39.0975 6344 adp94xx - ok
15:44:39.0991 6344 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:44:40.0006 6344 adpahci - ok
15:44:40.0022 6344 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:44:40.0022 6344 adpu320 - ok
15:44:40.0053 6344 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
15:44:40.0147 6344 AeLookupSvc - ok
15:44:40.0209 6344 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
15:44:40.0271 6344 AFD - ok
15:44:40.0287 6344 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:44:40.0318 6344 agp440 - ok
15:44:40.0334 6344 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
15:44:40.0381 6344 ALG - ok
15:44:40.0396 6344 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:44:40.0412 6344 aliide - ok
15:44:40.0443 6344 AMD External Events Utility (11276158eeeeadf3eb154061bfc80a19) C:\Windows\system32\atiesrxx.exe
15:44:40.0505 6344 AMD External Events Utility - ok
15:44:40.0521 6344 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:44:40.0521 6344 amdide - ok
15:44:40.0552 6344 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:44:40.0615 6344 AmdK8 - ok
15:44:40.0802 6344 amdkmdag (df943a113060d3abfda4730ae4163d6f) C:\Windows\system32\DRIVERS\atikmdag.sys
15:44:40.0973 6344 amdkmdag - ok
15:44:41.0067 6344 amdkmdap (4003b34b4a83de29cd1c88eb6c869e58) C:\Windows\system32\DRIVERS\atikmpag.sys
15:44:41.0114 6344 amdkmdap - ok
15:44:41.0145 6344 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:44:41.0161 6344 AmdPPM - ok
15:44:41.0192 6344 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
15:44:41.0207 6344 amdsata - ok
15:44:41.0223 6344 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:44:41.0239 6344 amdsbs - ok
15:44:41.0270 6344 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
15:44:41.0270 6344 amdxata - ok
15:44:41.0317 6344 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
15:44:41.0441 6344 AppID - ok
15:44:41.0473 6344 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
15:44:41.0504 6344 AppIDSvc - ok
15:44:41.0551 6344 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
15:44:41.0597 6344 Appinfo - ok
15:44:41.0722 6344 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:44:41.0738 6344 Apple Mobile Device - ok
15:44:41.0769 6344 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:44:41.0769 6344 arc - ok
15:44:41.0785 6344 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
15:44:41.0800 6344 arcsas - ok
15:44:41.0816 6344 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:44:41.0878 6344 AsyncMac - ok
15:44:41.0909 6344 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:44:41.0925 6344 atapi - ok
15:44:41.0972 6344 AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys
15:44:41.0987 6344 AtiHDAudioService - ok
15:44:42.0003 6344 AtiHdmiService (637e0753bd6deb8ea5314a5c357ec1a0) C:\Windows\system32\drivers\AtiHdmi.sys
15:44:42.0019 6344 AtiHdmiService - ok
15:44:42.0065 6344 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:44:42.0112 6344 AudioEndpointBuilder - ok
15:44:42.0112 6344 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:44:42.0143 6344 AudioSrv - ok
15:44:42.0190 6344 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
15:44:42.0268 6344 AxInstSV - ok
15:44:42.0299 6344 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
15:44:42.0331 6344 b06bdrv - ok
15:44:42.0362 6344 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:44:42.0409 6344 b57nd60a - ok
15:44:42.0440 6344 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
15:44:42.0487 6344 BDESVC - ok
15:44:42.0502 6344 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:44:42.0565 6344 Beep - ok
15:44:42.0596 6344 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
15:44:42.0627 6344 BFE - ok
15:44:42.0674 6344 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
15:44:42.0736 6344 BITS - ok
15:44:42.0830 6344 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:44:42.0861 6344 blbdrive - ok
15:44:43.0001 6344 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
15:44:43.0033 6344 Bonjour Service - ok
15:44:43.0064 6344 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
15:44:43.0095 6344 bowser - ok
15:44:43.0111 6344 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:44:43.0173 6344 BrFiltLo - ok
15:44:43.0189 6344 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:44:43.0204 6344 BrFiltUp - ok
15:44:43.0235 6344 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
15:44:43.0282 6344 Browser - ok
15:44:43.0298 6344 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:44:43.0345 6344 Brserid - ok
15:44:43.0345 6344 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:44:43.0376 6344 BrSerWdm - ok
15:44:43.0391 6344 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:44:43.0438 6344 BrUsbMdm - ok
15:44:43.0454 6344 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:44:43.0485 6344 BrUsbSer - ok
15:44:43.0516 6344 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:44:43.0532 6344 BTHMODEM - ok
15:44:43.0579 6344 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
15:44:43.0625 6344 bthserv - ok
15:44:43.0657 6344 btusb64h (96fc3b1123502d457f4c54a41c0b5c06) C:\Windows\system32\drivers\btusb64h.sys
15:44:43.0672 6344 btusb64h - ok
15:44:43.0735 6344 Bufssvr (76ba10cc44496f3796b0548ae2b15ad6) C:\Program Files (x86)\BUFFALO\SLManagerEasy\Bufssvr.exe
15:44:43.0750 6344 Bufssvr - ok
15:44:43.0781 6344 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:44:43.0797 6344 cdfs - ok
15:44:43.0844 6344 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
15:44:43.0875 6344 cdrom - ok
15:44:43.0906 6344 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:44:43.0969 6344 CertPropSvc - ok
15:44:44.0015 6344 cfwids (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys
15:44:44.0015 6344 cfwids - ok
15:44:44.0031 6344 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:44:44.0047 6344 circlass - ok
15:44:44.0078 6344 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:44:44.0078 6344 CLFS - ok
15:44:44.0140 6344 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:44:44.0156 6344 clr_optimization_v2.0.50727_32 - ok
15:44:44.0203 6344 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:44:44.0218 6344 clr_optimization_v2.0.50727_64 - ok
15:44:44.0281 6344 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:44:44.0312 6344 clr_optimization_v4.0.30319_32 - ok
15:44:44.0327 6344 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:44:44.0327 6344 clr_optimization_v4.0.30319_64 - ok
15:44:44.0359 6344 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:44:44.0374 6344 CmBatt - ok
15:44:44.0390 6344 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:44:44.0405 6344 cmdide - ok
15:44:44.0452 6344 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
15:44:44.0483 6344 CNG - ok
15:44:44.0499 6344 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:44:44.0499 6344 Compbatt - ok
15:44:44.0546 6344 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
15:44:44.0593 6344 CompositeBus - ok
15:44:44.0593 6344 COMSysApp - ok
15:44:44.0608 6344 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:44:44.0639 6344 crcdisk - ok
15:44:44.0671 6344 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
15:44:44.0717 6344 CryptSvc - ok
15:44:44.0842 6344 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:44:44.0873 6344 cvhsvc - ok
15:44:44.0920 6344 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:44:44.0983 6344 DcomLaunch - ok
15:44:44.0998 6344 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
15:44:45.0045 6344 defragsvc - ok
15:44:45.0107 6344 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
15:44:45.0170 6344 DfsC - ok
15:44:45.0185 6344 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
15:44:45.0217 6344 Dhcp - ok
15:44:45.0232 6344 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:44:45.0248 6344 discache - ok
15:44:45.0263 6344 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:44:45.0279 6344 Disk - ok
15:44:45.0310 6344 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
15:44:45.0373 6344 Dnscache - ok
15:44:45.0451 6344 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
15:44:45.0466 6344 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
15:44:45.0466 6344 DockLoginService - detected UnsignedFile.Multi.Generic (1)
15:44:45.0497 6344 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
15:44:45.0544 6344 dot3svc - ok
15:44:45.0560 6344 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
15:44:45.0607 6344 DPS - ok
15:44:45.0638 6344 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:44:45.0669 6344 drmkaud - ok
15:44:45.0716 6344 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
15:44:45.0747 6344 DXGKrnl - ok
15:44:45.0763 6344 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:44:45.0794 6344 EapHost - ok
15:44:45.0887 6344 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:44:45.0981 6344 ebdrv - ok
15:44:46.0059 6344 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
15:44:46.0106 6344 EFS - ok
15:44:46.0168 6344 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
15:44:46.0199 6344 ehRecvr - ok
15:44:46.0215 6344 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:44:46.0231 6344 ehSched - ok
15:44:46.0277 6344 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:44:46.0309 6344 elxstor - ok
15:44:46.0324 6344 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:44:46.0355 6344 ErrDev - ok
15:44:46.0402 6344 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:44:46.0449 6344 EventSystem - ok
15:44:46.0480 6344 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:44:46.0511 6344 exfat - ok
15:44:46.0543 6344 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:44:46.0574 6344 fastfat - ok
15:44:46.0621 6344 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
15:44:46.0667 6344 Fax - ok
15:44:46.0683 6344 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:44:46.0714 6344 fdc - ok
15:44:46.0730 6344 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:44:46.0792 6344 fdPHost - ok
15:44:46.0808 6344 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:44:46.0839 6344 FDResPub - ok
15:44:46.0855 6344 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:44:46.0855 6344 FileInfo - ok
15:44:46.0886 6344 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:44:46.0933 6344 Filetrace - ok
15:44:46.0995 6344 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:44:47.0026 6344 FLEXnet Licensing Service - ok
15:44:47.0104 6344 FLEXnet Licensing Service 64 (1c3fb052a0bb72edaed90785c34d6eed) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
15:44:47.0135 6344 FLEXnet Licensing Service 64 - ok
15:44:47.0213 6344 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:44:47.0245 6344 flpydisk - ok
15:44:47.0276 6344 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
15:44:47.0307 6344 FltMgr - ok
15:44:47.0369 6344 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
15:44:47.0416 6344 FontCache - ok
15:44:47.0479 6344 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:44:47.0510 6344 FontCache3.0.0.0 - ok
15:44:47.0525 6344 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:44:47.0557 6344 FsDepends - ok
15:44:47.0572 6344 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
15:44:47.0588 6344 Fs_Rec - ok
15:44:47.0635 6344 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:44:47.0650 6344 fvevol - ok
15:44:47.0681 6344 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:44:47.0681 6344 gagp30kx - ok
15:44:47.0728 6344 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:44:47.0728 6344 GEARAspiWDM - ok
15:44:47.0775 6344 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
15:44:47.0822 6344 gpsvc - ok
15:44:47.0884 6344 grmnusb (6650be8ed524eae5a75b0b0ce41fd9ee) C:\Windows\system32\drivers\grmnusb.sys
15:44:47.0884 6344 Suspicious file (Forged): C:\Windows\system32\drivers\grmnusb.sys. Real md5: 6650be8ed524eae5a75b0b0ce41fd9ee, Fake md5: a483584111734dfed3af11e57250e4e0
15:44:47.0884 6344 grmnusb ( ForgedFile.Multi.Generic ) - warning
15:44:47.0884 6344 grmnusb - detected ForgedFile.Multi.Generic (1)
15:44:47.0978 6344 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:44:47.0993 6344 gupdate - ok
15:44:48.0009 6344 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:44:48.0025 6344 gupdatem - ok
15:44:48.0025 6344 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:44:48.0071 6344 hcw85cir - ok
15:44:48.0103 6344 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
15:44:48.0134 6344 HdAudAddService - ok
15:44:48.0181 6344 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
15:44:48.0227 6344 HDAudBus - ok
15:44:48.0243 6344 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
15:44:48.0274 6344 HECIx64 - ok
15:44:48.0274 6344 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:44:48.0305 6344 HidBatt - ok
15:44:48.0321 6344 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:44:48.0321 6344 HidBth - ok
15:44:48.0352 6344 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:44:48.0368 6344 HidIr - ok
15:44:48.0383 6344 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
15:44:48.0430 6344 hidserv - ok
15:44:48.0446 6344 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
15:44:48.0477 6344 HidUsb - ok
15:44:48.0493 6344 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
15:44:48.0555 6344 hkmsvc - ok
15:44:48.0586 6344 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
15:44:48.0633 6344 HomeGroupListener - ok
15:44:48.0664 6344 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
15:44:48.0695 6344 HomeGroupProvider - ok
15:44:48.0742 6344 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
15:44:48.0758 6344 HpSAMD - ok
15:44:48.0805 6344 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
15:44:48.0851 6344 HTTP - ok
15:44:48.0867 6344 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
15:44:48.0867 6344 hwpolicy - ok
15:44:48.0898 6344 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:44:48.0898 6344 i8042prt - ok
15:44:48.0945 6344 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
15:44:48.0976 6344 iaStorV - ok
15:44:49.0039 6344 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:44:49.0070 6344 idsvc - ok
15:44:49.0085 6344 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:44:49.0101 6344 iirsp - ok
15:44:49.0132 6344 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
15:44:49.0163 6344 IKEEXT - ok
15:44:49.0210 6344 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
15:44:49.0241 6344 Impcd - ok
15:44:49.0257 6344 IntcAzAudAddService - ok
15:44:49.0288 6344 IntcDAud (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
15:44:49.0335 6344 IntcDAud - ok
15:44:49.0351 6344 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:44:49.0366 6344 intelide - ok
15:44:49.0382 6344 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:44:49.0413 6344 intelppm - ok
15:44:49.0429 6344 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:44:49.0491 6344 IPBusEnum - ok
15:44:49.0507 6344 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:44:49.0553 6344 IpFilterDriver - ok
15:44:49.0600 6344 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
15:44:49.0647 6344 iphlpsvc - ok
15:44:49.0678 6344 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:44:49.0694 6344 IPMIDRV - ok
15:44:49.0709 6344 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:44:49.0756 6344 IPNAT - ok
15:44:49.0834 6344 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
15:44:49.0850 6344 iPod Service - ok
15:44:49.0897 6344 irda (05360b1ea5a2abf620d1d96ebd8bd8f1) C:\Windows\system32\DRIVERS\irda.sys
15:44:49.0959 6344 irda - ok
15:44:49.0975 6344 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:44:49.0990 6344 IRENUM - ok
15:44:50.0021 6344 Irmon (3848384ab383f0a8f506c4370635c1f9) C:\Windows\System32\irmon.dll
15:44:50.0053 6344 Irmon - ok
15:44:50.0084 6344 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:44:50.0099 6344 isapnp - ok
15:44:50.0131 6344 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:44:50.0162 6344 iScsiPrt - ok
15:44:50.0193 6344 k57nd60a (9d7ea8c7215d8d4ae7be110eee61085d) C:\Windows\system32\DRIVERS\k57nd60a.sys
15:44:50.0224 6344 k57nd60a - ok
15:44:50.0240 6344 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
15:44:50.0240 6344 kbdclass - ok
15:44:50.0271 6344 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
15:44:50.0287 6344 kbdhid - ok
15:44:50.0318 6344 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:44:50.0318 6344 KeyIso - ok
15:44:50.0349 6344 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
15:44:50.0365 6344 KSecDD - ok
15:44:50.0380 6344 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
15:44:50.0396 6344 KSecPkg - ok
15:44:50.0411 6344 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:44:50.0443 6344 ksthunk - ok
15:44:50.0474 6344 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:44:50.0505 6344 KtmRm - ok
15:44:50.0567 6344 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
15:44:50.0614 6344 LanmanServer - ok
15:44:50.0630 6344 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
15:44:50.0692 6344 LanmanWorkstation - ok
15:44:50.0708 6344 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:44:50.0755 6344 lltdio - ok
15:44:50.0770 6344 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:44:50.0801 6344 lltdsvc - ok
15:44:50.0817 6344 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:44:50.0848 6344 lmhosts - ok
15:44:50.0864 6344 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:44:50.0864 6344 LSI_FC - ok
15:44:50.0879 6344 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:44:50.0895 6344 LSI_SAS - ok
15:44:50.0911 6344 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:44:50.0926 6344 LSI_SAS2 - ok
15:44:50.0926 6344 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:44:50.0942 6344 LSI_SCSI - ok
15:44:50.0957 6344 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:44:50.0989 6344 luafv - ok
15:44:51.0035 6344 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
15:44:51.0051 6344 MBAMProtector - ok
15:44:51.0129 6344 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:44:51.0160 6344 MBAMService - ok
15:44:51.0238 6344 McAfee SiteAdvisor Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:44:51.0269 6344 McAfee SiteAdvisor Service - ok
15:44:51.0269 6344 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:44:51.0285 6344 McMPFSvc - ok
15:44:51.0301 6344 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
15:44:51.0301 6344 mcmscsvc - ok
15:44:51.0316 6344 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
15:44:51.0316 6344 McNaiAnn - ok
15:44:51.0347 6344 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
15:44:51.0347 6344 McNASvc - ok
15:44:51.0410 6344 McODS (dd2321925274f2902929d76ce2b0eb45) C:\Program Files\mcafee\VirusScan\mcods.exe
15:44:51.0441 6344 McODS - ok
15:44:51.0441 6344 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
15:44:51.0457 6344 McProxy - ok
15:44:51.0503 6344 McShield (e998e3b12101288d716558466cbf6ae1) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
15:44:51.0519 6344 McShield - ok
15:44:51.0613 6344 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
15:44:51.0644 6344 Mcx2Svc - ok
15:44:51.0691 6344 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:44:51.0706 6344 megasas - ok
15:44:51.0737 6344 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:44:51.0769 6344 MegaSR - ok
15:44:51.0784 6344 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys
15:44:51.0815 6344 mfeapfk - ok
15:44:51.0862 6344 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys
15:44:51.0878 6344 mfeavfk - ok
15:44:51.0893 6344 mfeavfk01 - ok
15:44:51.0909 6344 mfefire (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
15:44:51.0925 6344 mfefire - ok
15:44:51.0956 6344 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys
15:44:51.0971 6344 mfefirek - ok
15:44:52.0003 6344 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys
15:44:52.0018 6344 mfehidk - ok
15:44:52.0034 6344 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys
15:44:52.0034 6344 mfenlfk - ok
15:44:52.0081 6344 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys
15:44:52.0096 6344 mferkdet - ok
15:44:52.0112 6344 mfevtp (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Windows\system32\mfevtps.exe
15:44:52.0127 6344 mfevtp - ok
15:44:52.0143 6344 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys
15:44:52.0159 6344 mfewfpk - ok
15:44:52.0190 6344 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:44:52.0221 6344 MMCSS - ok
15:44:52.0237 6344 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:44:52.0283 6344 Modem - ok
15:44:52.0299 6344 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:44:52.0330 6344 monitor - ok
15:44:52.0361 6344 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
15:44:52.0393 6344 mouclass - ok
15:44:52.0408 6344 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:44:52.0439 6344 mouhid - ok
15:44:52.0471 6344 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:44:52.0486 6344 mountmgr - ok
15:44:52.0502 6344 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:44:52.0517 6344 mpio - ok
15:44:52.0533 6344 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:44:52.0549 6344 mpsdrv - ok
15:44:52.0595 6344 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
15:44:52.0642 6344 MpsSvc - ok
15:44:52.0673 6344 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:44:52.0705 6344 MRxDAV - ok
15:44:52.0736 6344 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:44:52.0767 6344 mrxsmb - ok
15:44:52.0814 6344 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:44:52.0845 6344 mrxsmb10 - ok
15:44:52.0861 6344 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:44:52.0861 6344 mrxsmb20 - ok
15:44:52.0876 6344 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:44:52.0892 6344 msahci - ok
15:44:52.0907 6344 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:44:52.0907 6344 msdsm - ok
15:44:52.0939 6344 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:44:52.0954 6344 MSDTC - ok
15:44:52.0970 6344 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:44:52.0985 6344 Msfs - ok
15:44:53.0017 6344 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:44:53.0048 6344 mshidkmdf - ok
15:44:53.0048 6344 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:44:53.0063 6344 msisadrv - ok
15:44:53.0079 6344 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:44:53.0141 6344 MSiSCSI - ok
15:44:53.0141 6344 msiserver - ok
15:44:53.0235 6344 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:44:53.0251 6344 MSK80Service - ok
15:44:53.0282 6344 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:44:53.0297 6344 MSKSSRV - ok
15:44:53.0313 6344 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:44:53.0344 6344 MSPCLOCK - ok
15:44:53.0360 6344 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:44:53.0391 6344 MSPQM - ok
15:44:53.0422 6344 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:44:53.0438 6344 MsRPC - ok
15:44:53.0469 6344 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:44:53.0485 6344 mssmbios - ok
15:44:53.0500 6344 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:44:53.0531 6344 MSTEE - ok
15:44:53.0531 6344 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:44:53.0547 6344 MTConfig - ok
15:44:53.0563 6344 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:44:53.0563 6344 Mup - ok
15:44:53.0609 6344 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:44:53.0656 6344 napagent - ok
15:44:53.0672 6344 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:44:53.0734 6344 NativeWifiP - ok
15:44:53.0781 6344 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:44:53.0812 6344 NDIS - ok
15:44:53.0828 6344 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:44:53.0875 6344 NdisCap - ok
15:44:53.0890 6344 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:44:53.0953 6344 NdisTapi - ok
15:44:53.0984 6344 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:44:54.0015 6344 Ndisuio - ok
15:44:54.0046 6344 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:44:54.0109 6344 NdisWan - ok
15:44:54.0140 6344 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:44:54.0171 6344 NDProxy - ok
15:44:54.0187 6344 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:44:54.0218 6344 NetBIOS - ok
15:44:54.0233 6344 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:44:54.0280 6344 NetBT - ok
15:44:54.0296 6344 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:44:54.0327 6344 Netlogon - ok
15:44:54.0358 6344 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:44:54.0405 6344 Netman - ok
15:44:54.0421 6344 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:44:54.0467 6344 netprofm - ok
15:44:54.0514 6344 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:44:54.0545 6344 NetTcpPortSharing - ok
15:44:54.0561 6344 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:44:54.0577 6344 nfrd960 - ok
15:44:54.0592 6344 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:44:54.0623 6344 NlaSvc - ok
15:44:54.0639 6344 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:44:54.0670 6344 Npfs - ok
15:44:54.0686 6344 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:44:54.0717 6344 nsi - ok
15:44:54.0733 6344 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:44:54.0764 6344 nsiproxy - ok
15:44:54.0842 6344 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:44:54.0889 6344 Ntfs - ok
15:44:54.0951 6344 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:44:55.0013 6344 Null - ok
15:44:55.0045 6344 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:44:55.0060 6344 nvraid - ok
15:44:55.0076 6344 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:44:55.0091 6344 nvstor - ok
15:44:55.0123 6344 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:44:55.0138 6344 nv_agp - ok
15:44:55.0154 6344 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:44:55.0201 6344 ohci1394 - ok
15:44:55.0279 6344 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:44:55.0310 6344 ose - ok
15:44:55.0481 6344 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:44:55.0591 6344 osppsvc - ok
15:44:55.0669 6344 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:44:55.0715 6344 p2pimsvc - ok
15:44:55.0731 6344 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:44:55.0747 6344 p2psvc - ok
15:44:55.0793 6344 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:44:55.0809 6344 Parport - ok
15:44:55.0840 6344 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
15:44:55.0871 6344 partmgr - ok
15:44:55.0903 6344 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:44:55.0934 6344 PcaSvc - ok
15:44:55.0996 6344 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
15:44:56.0043 6344 pccsmcfd - ok
15:44:56.0121 6344 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
15:44:56.0137 6344 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
15:44:56.0168 6344 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:44:56.0183 6344 pci - ok
15:44:56.0183 6344 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:44:56.0199 6344 pciide - ok
15:44:56.0215 6344 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:44:56.0230 6344 pcmcia - ok
15:44:56.0246 6344 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:44:56.0261 6344 pcw - ok
15:44:56.0277 6344 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:44:56.0339 6344 PEAUTH - ok
15:44:56.0402 6344 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:44:56.0433 6344 PerfHost - ok
15:44:56.0495 6344 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:44:56.0558 6344 pla - ok
15:44:56.0605 6344 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:44:56.0636 6344 PlugPlay - ok
15:44:56.0667 6344 pmxdrv (34bfc6ed31b4e8be940c884b8ac7d9df) C:\Windows\system32\drivers\pmxdrv.sys
15:44:56.0667 6344 pmxdrv - ok
15:44:56.0683 6344 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:44:56.0729 6344 PNRPAutoReg - ok
15:44:56.0761 6344 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:44:56.0761 6344 PNRPsvc - ok
15:44:56.0792 6344 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:44:56.0839 6344 PolicyAgent - ok
15:44:56.0854 6344 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:44:56.0901 6344 Power - ok
15:44:56.0932 6344 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:44:56.0963 6344 PptpMiniport - ok
15:44:56.0995 6344 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:44:56.0995 6344 Processor - ok
15:44:57.0041 6344 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
15:44:57.0088 6344 ProfSvc - ok
15:44:57.0119 6344 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:44:57.0119 6344 ProtectedStorage - ok
15:44:57.0166 6344 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:44:57.0213 6344 Psched - ok
15:44:57.0229 6344 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
15:44:57.0244 6344 PxHlpa64 - ok
15:44:57.0307 6344 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:44:57.0353 6344 ql2300 - ok
15:44:57.0447 6344 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:44:57.0463 6344 ql40xx - ok
15:44:57.0478 6344 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:44:57.0525 6344 QWAVE - ok
15:44:57.0541 6344 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:44:57.0572 6344 QWAVEdrv - ok
15:44:57.0572 6344 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:44:57.0619 6344 RasAcd - ok
15:44:57.0665 6344 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:44:57.0712 6344 RasAgileVpn - ok
15:44:57.0728 6344 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:44:57.0759 6344 RasAuto - ok
15:44:57.0790 6344 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:44:57.0853 6344 Rasl2tp - ok
15:44:57.0899 6344 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:44:57.0931 6344 RasMan - ok
15:44:57.0946 6344 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:44:57.0993 6344 RasPppoe - ok
15:44:58.0009 6344 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:44:58.0040 6344 RasSstp - ok
15:44:58.0055 6344 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:44:58.0087 6344 rdbss - ok
15:44:58.0087 6344 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:44:58.0102 6344 rdpbus - ok
15:44:58.0133 6344 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:44:58.0165 6344 RDPCDD - ok
15:44:58.0180 6344 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:44:58.0211 6344 RDPENCDD - ok
15:44:58.0227 6344 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:44:58.0258 6344 RDPREFMP - ok
15:44:58.0289 6344 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
15:44:58.0336 6344 RDPWD - ok
15:44:58.0367 6344 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:44:58.0399 6344 rdyboost - ok
15:44:58.0414 6344 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:44:58.0445 6344 RemoteAccess - ok
15:44:58.0477 6344 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:44:58.0523 6344 RemoteRegistry - ok
15:44:58.0539 6344 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:44:58.0570 6344 RpcEptMapper - ok
15:44:58.0633 6344 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:44:58.0664 6344 RpcLocator - ok
15:44:58.0711 6344 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:44:58.0742 6344 RpcSs - ok
15:44:58.0757 6344 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:44:58.0789 6344 rspndr - ok
15:44:58.0820 6344 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:44:58.0835 6344 SamSs - ok
15:44:58.0867 6344 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:44:58.0882 6344 sbp2port - ok
15:44:58.0898 6344 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:44:58.0945 6344 SCardSvr - ok
15:44:58.0976 6344 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:44:59.0023 6344 scfilter - ok
15:44:59.0069 6344 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:44:59.0101 6344 Schedule - ok
15:44:59.0132 6344 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:44:59.0179 6344 SCPolicySvc - ok
15:44:59.0210 6344 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:44:59.0257 6344 SDRSVC - ok
15:44:59.0288 6344 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:44:59.0335 6344 secdrv - ok
15:44:59.0366 6344 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:44:59.0413 6344 seclogon - ok
15:44:59.0444 6344 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
15:44:59.0475 6344 SENS - ok
15:44:59.0491 6344 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:44:59.0537 6344 SensrSvc - ok
15:44:59.0553 6344 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:44:59.0569 6344 Serenum - ok
15:44:59.0584 6344 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:44:59.0600 6344 Serial - ok
15:44:59.0631 6344 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:44:59.0662 6344 sermouse - ok
15:44:59.0709 6344 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:44:59.0771 6344 SessionEnv - ok
15:44:59.0803 6344 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:44:59.0834 6344 sffdisk - ok
15:44:59.0849 6344 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:44:59.0881 6344 sffp_mmc - ok
15:44:59.0881 6344 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:44:59.0912 6344 sffp_sd - ok
15:44:59.0912 6344 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:44:59.0927 6344 sfloppy - ok
15:44:59.0974 6344 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
15:44:59.0990 6344 Sftfs - ok
15:45:00.0068 6344 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:45:00.0099 6344 sftlist - ok
15:45:00.0130 6344 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:45:00.0161 6344 Sftplay - ok
15:45:00.0177 6344 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:45:00.0177 6344 Sftredir - ok
15:45:00.0239 6344 SftService (cf53dcce55e500f51089774e851e7363) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
15:45:00.0255 6344 SftService - ok
15:45:00.0255 6344 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
15:45:00.0271 6344 Sftvol - ok
15:45:00.0286 6344 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:45:00.0286 6344 sftvsa - ok
15:45:00.0317 6344 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:45:00.0349 6344 SharedAccess - ok
15:45:00.0395 6344 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:45:00.0427 6344 ShellHWDetection - ok
15:45:00.0458 6344 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:45:00.0489 6344 SiSRaid2 - ok
15:45:00.0489 6344 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:45:00.0505 6344 SiSRaid4 - ok
15:45:00.0536 6344 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:45:00.0583 6344 Smb - ok
15:45:00.0629 6344 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:45:00.0676 6344 SNMPTRAP - ok
15:45:00.0676 6344 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:45:00.0692 6344 spldr - ok
15:45:00.0723 6344 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:45:00.0739 6344 Spooler - ok
15:45:00.0848 6344 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:45:00.0910 6344 sppsvc - ok
15:45:00.0973 6344 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:45:01.0019 6344 sppuinotify - ok
15:45:01.0082 6344 Spyder2 (b9413b99dbb704e0f5824775a1118cc7) C:\Windows\system32\DRIVERS\Spyder2.sys
15:45:01.0113 6344 Spyder2 - ok
15:45:01.0144 6344 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:45:01.0191 6344 srv - ok
15:45:01.0207 6344 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:45:01.0222 6344 srv2 - ok
15:45:01.0238 6344 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:45:01.0269 6344 srvnet - ok
15:45:01.0285 6344 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:45:01.0331 6344 SSDPSRV - ok
15:45:01.0347 6344 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:45:01.0378 6344 SstpSvc - ok
15:45:01.0394 6344 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:45:01.0409 6344 stexstor - ok
15:45:01.0456 6344 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:45:01.0503 6344 stisvc - ok
15:45:01.0550 6344 stus2x64 (2663dde5852b05768c526b78fa99e6b6) C:\Windows\system32\DRIVERS\stusb2ir.sys
15:45:01.0581 6344 stus2x64 - ok
15:45:01.0612 6344 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:45:01.0628 6344 swenum - ok
15:45:01.0690 6344 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:45:01.0721 6344 swprv - ok
15:45:01.0784 6344 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:45:01.0831 6344 SysMain - ok
15:45:01.0909 6344 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:45:01.0940 6344 TabletInputService - ok
15:45:01.0971 6344 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:45:02.0033 6344 TapiSrv - ok
15:45:02.0049 6344 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:45:02.0065 6344 TBS - ok
15:45:02.0174 6344 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
15:45:02.0221 6344 Tcpip - ok
15:45:02.0299 6344 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
15:45:02.0330 6344 TCPIP6 - ok
15:45:02.0377 6344 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:45:02.0423 6344 tcpipreg - ok
15:45:02.0455 6344 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:45:02.0486 6344 TDPIPE - ok
15:45:02.0501 6344 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
15:45:02.0517 6344 TDTCP - ok
15:45:02.0548 6344 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:45:02.0611 6344 tdx - ok
15:45:02.0642 6344 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:45:02.0642 6344 TermDD - ok
15:45:02.0673 6344 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:45:02.0720 6344 TermService - ok
15:45:02.0735 6344 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:45:02.0751 6344 Themes - ok
15:45:02.0798 6344 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:45:02.0829 6344 THREADORDER - ok
15:45:02.0829 6344 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:45:02.0860 6344 TrkWks - ok
15:45:02.0907 6344 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:45:02.0954 6344 TrustedInstaller - ok
15:45:02.0985 6344 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:45:03.0016 6344 tssecsrv - ok
15:45:03.0047 6344 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:45:03.0094 6344 TsUsbFlt - ok
15:45:03.0125 6344 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:45:03.0172 6344 tunnel - ok
15:45:03.0203 6344 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:45:03.0203 6344 uagp35 - ok
15:45:03.0219 6344 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:45:03.0250 6344 udfs - ok
15:45:03.0266 6344 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:45:03.0281 6344 UI0Detect - ok
15:45:03.0313 6344 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:45:03.0344 6344 uliagpkx - ok
15:45:03.0359 6344 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:45:03.0391 6344 umbus - ok
15:45:03.0406 6344 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:45:03.0422 6344 UmPass - ok
15:45:03.0453 6344 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:45:03.0469 6344 upnphost - ok
15:45:03.0500 6344 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
15:45:03.0547 6344 USBAAPL64 - ok
15:45:03.0578 6344 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:45:03.0609 6344 usbccgp - ok
15:45:03.0640 6344 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:45:03.0671 6344 usbcir - ok
15:45:03.0671 6344 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
15:45:03.0703 6344 usbehci - ok
15:45:03.0718 6344 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:45:03.0734 6344 usbhub - ok
15:45:03.0749 6344 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
15:45:03.0765 6344 usbohci - ok
15:45:03.0781 6344 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:45:03.0796 6344 usbprint - ok
15:45:03.0827 6344 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
15:45:03.0843 6344 usbscan - ok
15:45:03.0874 6344 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys
15:45:03.0905 6344 usbser - ok
15:45:03.0937 6344 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:45:03.0983 6344 USBSTOR - ok
15:45:03.0999 6344 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
15:45:04.0030 6344 usbuhci - ok
15:45:04.0061 6344 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:45:04.0108 6344 UxSms - ok
15:45:04.0124 6344 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:45:04.0139 6344 VaultSvc - ok
15:45:04.0155 6344 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:45:04.0155 6344 vdrvroot - ok
15:45:04.0202 6344 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
15:45:04.0217 6344 vds - ok
15:45:04.0233 6344 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:45:04.0249 6344 vga - ok
15:45:04.0249 6344 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:45:04.0295 6344 VgaSave - ok
15:45:04.0311 6344 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:45:04.0311 6344 vhdmp - ok
15:45:04.0327 6344 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:45:04.0327 6344 viaide - ok
15:45:04.0373 6344 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:45:04.0405 6344 volmgr - ok
15:45:04.0436 6344 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:45:04.0467 6344 volmgrx - ok
15:45:04.0483 6344 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:45:04.0498 6344 volsnap - ok
15:45:04.0529 6344 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:45:04.0545 6344 vsmraid - ok
15:45:04.0592 6344 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
15:45:04.0639 6344 VSS - ok
15:45:04.0732 6344 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
15:45:04.0779 6344 vwifibus - ok
15:45:04.0810 6344 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:45:04.0857 6344 W32Time - ok
15:45:04.0873 6344 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:45:04.0888 6344 WacomPen - ok
15:45:04.0919 6344 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:45:04.0966 6344 WANARP - ok
15:45:04.0966 6344 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:45:04.0997 6344 Wanarpv6 - ok
15:45:05.0091 6344 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
15:45:05.0122 6344 WatAdminSvc - ok
15:45:05.0185 6344 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
15:45:05.0231 6344 wbengine - ok
15:45:05.0278 6344 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:45:05.0309 6344 WbioSrvc - ok
15:45:05.0356 6344 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
15:45:05.0387 6344 wcncsvc - ok
15:45:05.0403 6344 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:45:05.0419 6344 WcsPlugInService - ok
15:45:05.0465 6344 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:45:05.0481 6344 Wd - ok
15:45:05.0512 6344 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:45:05.0543 6344 Wdf01000 - ok
15:45:05.0559 6344 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:45:05.0637 6344 WdiServiceHost - ok
15:45:05.0653 6344 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:45:05.0668 6344 WdiSystemHost - ok
15:45:05.0699 6344 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
15:45:05.0746 6344 WebClient - ok
15:45:05.0762 6344 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:45:05.0809 6344 Wecsvc - ok
15:45:05.0809 6344 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:45:05.0840 6344 wercplsupport - ok
15:45:05.0855 6344 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:45:05.0887 6344 WerSvc - ok
15:45:05.0918 6344 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:45:05.0933 6344 WfpLwf - ok
15:45:05.0980 6344 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
15:45:06.0011 6344 WimFltr - ok
15:45:06.0011 6344 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:45:06.0027 6344 WIMMount - ok
15:45:06.0043 6344 WinDefend - ok
15:45:06.0043 6344 WinHttpAutoProxySvc - ok
15:45:06.0089 6344 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:45:06.0136 6344 Winmgmt - ok
15:45:06.0199 6344 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
15:45:06.0261 6344 WinRM - ok
15:45:06.0339 6344 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
15:45:06.0370 6344 WinUsb - ok
15:45:06.0417 6344 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:45:06.0448 6344 Wlansvc - ok
15:45:06.0604 6344 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:45:06.0635 6344 wlidsvc - ok
15:45:06.0682 6344 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:45:06.0713 6344 WmiAcpi - ok
15:45:06.0745 6344 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:45:06.0776 6344 wmiApSrv - ok
15:45:06.0838 6344 WMPNetworkSvc - ok
15:45:06.0854 6344 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:45:06.0885 6344 WPCSvc - ok
15:45:06.0932 6344 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
15:45:06.0963 6344 WPDBusEnum - ok
15:45:06.0979 6344 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:45:07.0010 6344 ws2ifsl - ok
15:45:07.0025 6344 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
15:45:07.0041 6344 wscsvc - ok
15:45:07.0057 6344 WSearch - ok
15:45:07.0150 6344 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
15:45:07.0181 6344 wuauserv - ok
15:45:07.0259 6344 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:45:07.0306 6344 WudfPf - ok
15:45:07.0337 6344 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:45:07.0369 6344 WUDFRd - ok
15:45:07.0400 6344 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
15:45:07.0431 6344 wudfsvc - ok
15:45:07.0447 6344 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:45:07.0478 6344 WwanSvc - ok
15:45:07.0509 6344 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:45:07.0727 6344 \Device\Harddisk0\DR0 - ok
15:45:07.0759 6344 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
15:45:07.0883 6344 \Device\Harddisk1\DR1 - ok
15:45:07.0883 6344 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2
15:45:08.0445 6344 \Device\Harddisk2\DR2 - ok
15:45:08.0461 6344 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk7\DR7
15:45:09.0194 6344 \Device\Harddisk7\DR7 - ok
15:45:09.0209 6344 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk8\DR8
15:45:09.0584 6344 \Device\Harddisk8\DR8 - ok
15:45:09.0584 6344 Boot (0x1200) (42a6c5965f6525084a641e2c3c3516ad) \Device\Harddisk0\DR0\Partition0
15:45:09.0584 6344 \Device\Harddisk0\DR0\Partition0 - ok
15:45:09.0615 6344 Boot (0x1200) (8bc2afb6c04b91a0e981f2a953c8e9a3) \Device\Harddisk0\DR0\Partition1
15:45:09.0615 6344 \Device\Harddisk0\DR0\Partition1 - ok
15:45:09.0615 6344 Boot (0x1200) (ab5302e2e6a6e44a277144217332ec75) \Device\Harddisk1\DR1\Partition0
15:45:09.0615 6344 \Device\Harddisk1\DR1\Partition0 - ok
15:45:09.0615 6344 Boot (0x1200) (d097a231e2a89e9d91e972f923d52b36) \Device\Harddisk2\DR2\Partition0
15:45:09.0631 6344 \Device\Harddisk2\DR2\Partition0 - ok
15:45:09.0631 6344 Boot (0x1200) (5e31166fc5ec78a21cb3ae809625bb50) \Device\Harddisk7\DR7\Partition0
15:45:09.0631 6344 \Device\Harddisk7\DR7\Partition0 - ok
15:45:09.0646 6344 Boot (0x1200) (15923595181b557b9dfa53447858105f) \Device\Harddisk8\DR8\Partition0
15:45:09.0646 6344 \Device\Harddisk8\DR8\Partition0 - ok
15:45:09.0646 6344 ============================================================
15:45:09.0646 6344 Scan finished
15:45:09.0646 6344 ============================================================
15:45:09.0646 6328 Detected object count: 2
15:45:09.0646 6328 Actual detected object count: 2
16:04:51.0894 6328 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
16:04:51.0894 6328 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:04:51.0894 6328 grmnusb ( ForgedFile.Multi.Generic ) - skipped by user
16:04:51.0894 6328 grmnusb ( ForgedFile.Multi.Generic ) - User select action: Skip
16:04:54.0655 0856 Deinitialize success
|
| | #20 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Suisa Trajaner Then please run CF now: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has expressly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
| | #21 |
| Suisa Trajaner Code:
ATTFilter ComboFix 12-07-02.01 - Thomas 03.07.2012 16:42:40.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.41.1031.18.6103.4799 [GMT 2:00]
ausgeführt von:: c:\users\Thomas\Desktop\ComboFix.exe
AV: McAfee Anti-Virus und Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus und Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\5907\Downloads\9a727e3b-3b75-44f1-aa0c-b5b6cd760030.dll
c:\programdata\PCDr\5907\Downloads\a31dcb19-c462-4b91-b5af-0c0196d8d501.dll
c:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-06-03 bis 2012-07-03 ))))))))))))))))))))))))))))))
.
.
2012-07-03 14:48 . 2012-07-03 14:48 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-07-03 14:48 . 2012-07-03 14:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-02 13:01 . 2012-07-02 13:01 -------- d-----w- C:\_OTL
2012-06-29 14:49 . 2012-07-02 13:33 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-29 14:49 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-29 08:15 . 2012-06-29 08:15 -------- d-----w- c:\program files (x86)\ESET
2012-06-24 18:47 . 2012-06-24 20:57 -------- d-----w- c:\windows\Microsoft Antimalware
2012-06-24 18:47 . 2012-06-24 18:47 -------- d-----w- c:\windows\Microsoft-Support für
2012-06-22 15:33 . 2012-07-02 20:46 -------- d-----w- c:\program files\CCleaner
2012-06-22 07:37 . 2012-06-22 07:37 -------- d-----w- c:\users\Thomas\AppData\Roaming\Malwarebytes
2012-06-22 07:37 . 2012-06-22 07:37 -------- d-----w- c:\programdata\Malwarebytes
2012-06-21 17:24 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-21 17:24 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-21 17:24 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-21 17:24 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-06-21 17:24 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-21 17:24 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys
2012-06-21 17:24 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-06-21 17:24 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-06-21 17:24 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-06-21 17:24 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll
2012-06-21 17:24 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll
2012-06-21 17:23 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-06-21 17:23 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-21 17:23 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-21 17:23 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-06-21 17:23 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-06-21 17:23 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-06-21 17:05 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 17:05 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 17:05 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 17:05 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 17:05 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-21 17:05 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 17:05 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 17:04 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 17:04 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-12 15:27 . 2012-06-12 15:27 -------- d-----w- c:\program files\iPod
2012-06-12 15:27 . 2012-06-12 15:28 -------- d-----w- c:\program files\iTunes
2012-06-12 15:27 . 2012-06-12 15:28 -------- d-----w- c:\program files (x86)\iTunes
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-02 13:35 . 2012-04-04 20:06 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-02 13:35 . 2011-05-16 19:21 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-18 18:56 . 2012-04-18 18:56 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-18 18:56 . 2012-04-18 18:56 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-04-04 21:20 . 2010-10-23 15:11 2155344 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-02-23 59240]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-10 98304]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"OpwareSE2"="c:\program files (x86)\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Garmin Lifetime Updater"="c:\program files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe" [2012-01-06 1446760]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-21 1675160]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe" [2010-05-21 165184]
"DSUpdateLauncher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" [2010-05-21 18240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-22 136176]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-02 250056]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-10-22 1038088]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-22 136176]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-02-22 100912]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-04-10 25072]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [2011-12-29 38536]
R3 Spyder2;ColorVision Spyder2;c:\windows\system32\DRIVERS\Spyder2.sys [2007-01-17 15360]
R3 stus2x64;USB 2.0 IrDA Bridge;c:\windows\system32\DRIVERS\stusb2ir.sys [2008-01-03 47872]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-23 1255736]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-02-22 289664]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 75936]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-05 203776]
S2 Bufssvr;Bufssvr;c:\program files (x86)\BUFFALO\SLManagerEasy\Bufssvr.exe [2009-06-17 95536]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 210584]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-03-20 162192]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-05-21 673088]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-01-05 8283136]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-01-05 294400]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 btusb64h;BUFFALO TurboUSB for HD Filter;c:\windows\system32\drivers\btusb64h.sys [2009-06-24 28728]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-02-22 65264]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-04 271872]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-10-16 321064]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-02-22 487296]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
2010-11-20 12:17 302592 ----a-w- c:\windows\System32\cmd.exe
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 13:35]
.
2012-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-22 15:33]
.
2012-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-22 15:33]
.
2012-06-21 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]
.
2012-07-03 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.ch/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: DhcpNameServer = 192.168.1.1
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - (no file)
Wow6432Node-HKCU-Run-Polar Sync - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-07-03 16:49:54
ComboFix-quarantined-files.txt 2012-07-03 14:49
.
Vor Suchlauf: 13 Verzeichnis(se), 793'706'590'208 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 793'548'750'848 Bytes frei
.
- - End Of File - - 79024244F044A598AD3CD0CEC8138C82
|
| | #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Suisa Trajaner Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still refuses to run on the second attempt, just leave it out and run only OSAM - please skip the online query in OSAM. With OSAM, please also make sure that you save the log as *.log and not as *.html or similar. Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM! Please download
Important: Do not press any of the Fix buttons without instructions. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.
__________________ Please always post log files in CODE tags |
| | #23 |
| Suisa Trajaner Here is the OSAM log: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 18:45:15 on 03.07.2012 OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit Default Browser: Microsoft Corporation Internet Explorer 8.00.7600.16385 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe "PCDoctorBackgroundMonitorTask.job" - "PC-Doctor, Inc." - C:\Program Files\Dell Support Center\uaclauncher.exe "SystemToolsDailyTest.job" - "PC-Doctor, Inc." - C:\Program Files\Dell Support Center\uaclauncher.exe [Control Panel Objects] -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "QuickTime" - "Apple Inc." - C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "adfs" (adfs) - "Adobe Systems, Inc." - C:\Windows\system32\drivers\adfs.sys "BUFFALO TurboUSB for HD Filter" (btusb64h) - "BUFFALO INC." - C:\Windows\System32\drivers\btusb64h.sys "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "Garmin USB Driver" (grmnusb) - ? 
- C:\Windows\System32\drivers\grmnusb.sys "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "McAfee Inc." (mfeavfk01) - ? - C:\Windows\system32\drivers\mfeavfk01.sys (File not found) "PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver" (PCDSRVC{1E208CE0-FB7451FF-06020101}_0) - "PC-Doctor, Inc." - c:\program files\dell support center\pcdsrvc_x64.pkms "pmxdrv" (pmxdrv) - ? - C:\Windows\system32\drivers\pmxdrv.sys (File found, but it contains no detailed information) "Service for Realtek HD Audio (WDM)" (IntcAzAudAddService) - ? - C:\Windows\System32\drivers\RTKVHD64.sys (File not found) "Sftfs" (Sftfs) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftfslh.sys "Sftplay" (Sftplay) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftplaylh.sys "Sftredir" (Sftredir) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftredirlh.sys "Sftvol" (Sftvol) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftvollh.sys "WimFltr" (WimFltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\wimfltr.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {3EF5086B-5478-4598-A054-786C45D75692} "McInternetProtocolRoot Class" - "McAfee, Inc." - c:\progra~2\mcafee\msc\mcsniepl.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {5513F07E-936B-4E52-9B00-067394E91CC5} "McAfee SACore Protocol Handler" - ? - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (File not found) {5513F07E-936B-4E52-9B00-067394E91CC5} "McAfee SACore Protocol Handler" - ? 
- c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (File not found) {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? - (File not found | COM-object registry key not found) {94586423-855F-4EB2-9F6A-D9DA5658DBE3} "Context menu" - ? - C:\PROGRA~2\FREEM4~1\m4a_menu.dll (File found, but it contains no detailed information) {D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll {83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo 
Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? - (File not found | COM-object registry key not found)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found)
ITBar7Height64 "ITBar7Height64" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout64" - ? - (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} "{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} "DellSystemLite.Scanner" - ? - C:\Windows\Downloaded Program Files\DellSystemLite.ocx / hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
Garmin Communicator Plug-In "Garmin Communicator Plug-In" - ? - (File not found | COM-object registry key not found) / https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - ? - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll (File not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - ? - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll (File not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - ? - C:\Program Files (x86)\Java\jre6\bin\npjpi160_24.dll (File not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{7530BFB8-7293-4D34-9923-61A11451AFC5} "OnlineScanner Control" - "ESET" - C:\PROGRA~2\ESET\ESETON~1\ONLINE~1.OCX / hxxp://download.eset.com/special/eos/OnlineScanner.cab
{D27CDB6E-AE6D-11CF-96B8-444553542500} "{D27CDB6E-AE6D-11CF-96B8-444553542500}" - ? - (File not found | COM-object registry key not found) / hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? - (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{593DDEC6-7468-4cdd-90E1-42DADAA222E9} "DivX HiQ" - "DivX, LLC" - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
{326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
{27B4851A-3207-45A2-B947-BE8AFE6163AB} "McAfee Phishing Filter" - ? - c:\progra~1\mcafee\msk\mskapbho.dll (File not found)
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} "scriptproxy" - "McAfee, Inc." - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120702151651.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"iCloudServices" - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
"MobileDocuments" - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AdobeCS4ServiceManager" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
"APSDaemon" - "Apple Inc." - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Garmin Lifetime Updater" - "Garmin" - C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
"iTunesHelper" - "Apple Inc." - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"mcui_exe" - "McAfee, Inc." - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
"OpwareSE2" - "ScanSoft, Inc." - "C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
"QuickTime Task" - "Apple Inc." - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
"StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce )-----
"DSUpdateLauncher" - "Dell" - "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
"Launcher" - "Softthinks" - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe

[Network Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order )-----
"Adobe Drive CS4 Network" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found)
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Application Virtualization Client" (sftlist) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
"Application Virtualization Service Agent" (sftvsa) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
"Bufssvr" (Bufssvr) - "BUFFALO INC." - C:\Program Files (x86)\BUFFALO\SLManagerEasy\Bufssvr.exe
"Client Virtualization Handler" (cvhsvc) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"Dock Login Service" (DockLoginService) - "Stardock Corporation" - C:\Program Files\Dell\DellDock\DockLogin.exe
"FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Acresso Software Inc." - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
"FLEXnet Licensing Service 64" (FLEXnet Licensing Service 64) - "Acresso Software Inc." - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
"McAfee Anti-Spam Service" (MSK80Service) - "McAfee, Inc." - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
"McAfee Firewall Core Service" (mfefire) - "McAfee, Inc." - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
"McAfee McShield" (McShield) - "McAfee, Inc." - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
"McAfee Network Agent" (McNASvc) - "McAfee, Inc." - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
"McAfee Personal Firewall Service" (McMPFSvc) - "McAfee, Inc." - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
"McAfee Proxy Service" (McProxy) - "McAfee, Inc." - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
"McAfee Scanner" (McODS) - "McAfee, Inc." - C:\Program Files\mcafee\VirusScan\mcods.exe
"McAfee Services" (mcmscsvc) - "McAfee, Inc." - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
"McAfee SiteAdvisor Service" (McAfee SiteAdvisor Service) - "McAfee, Inc." - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
"McAfee Validation Trust Protection Service" (mfevtp) - "McAfee, Inc." - C:\Windows\system32\mfevtps.exe
"McAfee VirusScan Announcer" (McNaiAnn) - "McAfee, Inc." - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
"SoftThinks Agent Service" (SftService) - "SoftThinks" - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winlogon]
-----( HKCU\Control Panel\Desktop )-----
"SCRNSAVE.EXE" - ? - none (File not found)

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files (x86)\Bonjour\mdnsNSP.dll
"WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

===[ Logfile end ]=========================================[ Logfile end ]===
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-03 18:47:15
-----------------------------
18:47:15.177 OS Version: Windows x64 6.1.7601 Service Pack 1
18:47:15.177 Number of processors: 4 586 0x1E05
18:47:15.177 ComputerName: THOMAS-PC UserName: Thomas
18:47:16.613 Initialize success
18:49:01.304 AVAST engine defs: 12070300
18:50:12.269 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:50:12.269 Disk 0 Vendor: ST31000528AS CC46 Size: 953869MB BusType: 3
18:50:12.285 Disk 0 MBR read successfully
18:50:12.300 Disk 0 MBR scan
18:50:12.300 Disk 0 Windows 7 default MBR code
18:50:12.300 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 117 MB offset 63
18:50:12.316 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 11718 MB offset 241664
18:50:12.331 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 942032 MB offset 24240128
18:50:12.347 Disk 0 scanning C:\Windows\system32\drivers
18:50:23.220 Service scanning
18:50:39.959 Modules scanning
18:50:39.959 Disk 0 trace - called modules:
18:50:40.006 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
18:50:40.521 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80065bb060]
18:50:40.521 3 CLASSPNP.SYS[fffff880018a643f] -> nt!IofCallDriver -> [0xfffffa80062ac580]
18:50:40.536 5 ACPI.sys[fffff88000eeb7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80062a9060]
18:50:56.277 AVAST engine scan C:\Windows
18:51:02.205 AVAST engine scan C:\Windows\system32
18:54:29.763 AVAST engine scan C:\Windows\system32\drivers
18:54:45.332 AVAST engine scan C:\Users\Thomas
19:07:14.539 AVAST engine scan C:\ProgramData
19:14:16.675 Scan finished successfully
19:19:58.051 Disk 0 MBR has been saved successfully to "C:\Users\Thomas\Desktop\MBR.dat"
19:19:58.066 The log file has been saved successfully to "C:\Users\Thomas\Desktop\aswMBR.txt"
|
| | #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Suisa Trajaner GMER didn't work?
__________________ Please always post log files in CODE tags |
| | #25 |
| Suisa Trajaner I ran the program twice, and at the end it reported that it had found nothing. I also couldn't see any logs. |
| | #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Suisa Trajaner Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
| | #27 |
| Suisa Trajaner
Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 07/05/2012 at 01:50 PM
Application Version : 5.5.1006
Core Rules Database Version : 8846
Trace Rules Database Version: 6658
Scan type : Complete Scan
Total Scan Time : 02:32:42
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator
Memory items scanned : 828
Memory threats detected : 0
Registry items scanned : 66302
Registry threats detected : 0
File items scanned : 196597
File threats detected : 71
Adware.Tracking Cookie
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\A403FYCS.txt [ /revsci.net ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\S20C1ZCL.txt [ /ad2.adfarm1.adition.com ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\GCK5F353.txt [ /doubleclick.net ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\W6SKYPGX.txt [ /yadro.ru ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\LF26M05Z.txt [ /ads.konze.de ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\3HAHJPBB.txt [ /ru4.com ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\8351G6FY.txt [ /liveperson.net ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\U822TU6K.txt [ /ad.adc-serv.net ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\EYGPQT63.txt [ /mediaplex.com ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\UWH8RJNH.txt [ /ad1.adfarm1.adition.com ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\QMTIP62N.txt [ /ch-stailamedia.videoplaza.tv ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\86CW1V0E.txt [ /smartadserver.com ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\66HVA459.txt [ /tradedoubler.com ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\R2O5ZZ37.txt [ /adtech.de ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\8JGOG74W.txt [ /kontera.com ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\3UAAK1OF.txt [ /bs.serving-sys.com ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\W16YK07J.txt [ /tribalfusion.com ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\QZUOITOQ.txt [ /gostats.com ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\1PX0GKGQ.txt [ /serving-sys.com ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\2Q2SYUWC.txt [ /apmebf.com ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\Z4ZEJESQ.txt [ /zanox.com ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\78JQEKY3.txt [ /liveperson.net ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\OMUMNCYN.txt [ /quartermedia.de ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\CLTAAIDV.txt [ /adfarm1.adition.com ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\N2VYR5HX.txt [ /ad.zanox.com ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\NV1AQX89.txt [ /clickandbuy.com ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\H6KGKRZ6.txt [ /adform.net ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\3XOQ1USM.txt [ /track.adform.net ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\KCEXICYX.txt [ /ad.yieldmanager.com ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\FTQF9NMF.txt [ /zedo.com ]
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Cookies\LAQ6EX50.txt [ /invitemedia.com ]
C:\USERS\THOMAS\AppData\Roaming\Microsoft\Windows\Cookies\HCMBKWC9.txt [ Cookie:thomas@sc.swisscom.ch/vtrack/ ]
C:\USERS\THOMAS\AppData\Roaming\Microsoft\Windows\Cookies\thomas@www.google[2].txt [ Cookie:thomas@www.google.com/accounts ]
C:\USERS\THOMAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\6KPX9UW6.txt [ Cookie:thomas@doubleclick.net/ ]
C:\USERS\THOMAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\8N8BGSJI.txt [ Cookie:thomas@apmebf.com/ ]
C:\USERS\THOMAS\Cookies\A403FYCS.txt [ Cookie:thomas@revsci.net/ ]
C:\USERS\THOMAS\Cookies\GCK5F353.txt [ Cookie:thomas@doubleclick.net/ ]
C:\USERS\THOMAS\Cookies\W6SKYPGX.txt [ Cookie:thomas@yadro.ru/ ]
C:\USERS\THOMAS\Cookies\3HAHJPBB.txt [ Cookie:thomas@ru4.com/ ]
C:\USERS\THOMAS\Cookies\8351G6FY.txt [ Cookie:thomas@liveperson.net/ ]
C:\USERS\THOMAS\Cookies\HCMBKWC9.txt [ Cookie:thomas@sc.swisscom.ch/vtrack/ ]
C:\USERS\THOMAS\Cookies\EYGPQT63.txt [ Cookie:thomas@mediaplex.com/ ]
C:\USERS\THOMAS\Cookies\UWH8RJNH.txt [ Cookie:thomas@ad1.adfarm1.adition.com/ ]
C:\USERS\THOMAS\Cookies\QMTIP62N.txt [ Cookie:thomas@ch-stailamedia.videoplaza.tv/proxy/ ]
C:\USERS\THOMAS\Cookies\86CW1V0E.txt [ Cookie:thomas@smartadserver.com/ ]
C:\USERS\THOMAS\Cookies\66HVA459.txt [ Cookie:thomas@tradedoubler.com/ ]
C:\USERS\THOMAS\Cookies\R2O5ZZ37.txt [ Cookie:thomas@adtech.de/ ]
C:\USERS\THOMAS\Cookies\3UAAK1OF.txt [ Cookie:thomas@bs.serving-sys.com/ ]
C:\USERS\THOMAS\Cookies\QZUOITOQ.txt [ Cookie:thomas@gostats.com/ ]
C:\USERS\THOMAS\Cookies\2Q2SYUWC.txt [ Cookie:thomas@apmebf.com/ ]
C:\USERS\THOMAS\Cookies\OMUMNCYN.txt [ Cookie:thomas@quartermedia.de/ ]
C:\USERS\THOMAS\Cookies\N2VYR5HX.txt [ Cookie:thomas@ad.zanox.com/ ]
C:\USERS\THOMAS\Cookies\NV1AQX89.txt [ Cookie:thomas@clickandbuy.com/ ]
C:\USERS\THOMAS\Cookies\H6KGKRZ6.txt [ Cookie:thomas@adform.net/ ]
C:\USERS\THOMAS\Cookies\KCEXICYX.txt [ Cookie:thomas@ad.yieldmanager.com/ ]
C:\USERS\THOMAS\Cookies\FTQF9NMF.txt [ Cookie:thomas@zedo.com/ ]
C:\USERS\THOMAS\Cookies\LAQ6EX50.txt [ Cookie:thomas@invitemedia.com/ ]
C:\USERS\THOMAS\Cookies\thomas@www.google[2].txt [ Cookie:thomas@www.google.com/accounts ]
C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\THOMAS@TRADEDOUBLER[1].TXT [ /TRADEDOUBLER ]
C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\THOMAS@APMEBF[1].TXT [ /APMEBF ]
C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\THOMAS@SERVING-SYS[2].TXT [ /SERVING-SYS ]
C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\THOMAS@MICROSOFTSTO.112.2O7[1].TXT [ /MICROSOFTSTO.112.2O7 ]
C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\THOMAS@MEDIAPLEX[2].TXT [ /MEDIAPLEX ]
C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\THOMAS@DOUBLECLICK[2].TXT [ /DOUBLECLICK ]
C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\THOMAS@DOUBLECLICK[1].TXT [ /DOUBLECLICK ]
C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\THOMAS@BS.SERVING-SYS[1].TXT [ /BS.SERVING-SYS ]
C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\THOMAS@ATDMT[1].TXT [ /ATDMT ]
C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\THOMAS@TRADEDOUBLER[2].TXT [ /TRADEDOUBLER ]
C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\THOMAS@ATDMT[2].TXT [ /ATDMT ]
Trace.Known Threat Sources
C:\USERS\THOMAS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\23PZ3XL6\twista[1].jpg [ cache:wista ]
C:\USERS\THOMAS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PTCTYAQ1\tera-patrick-twista[1].png [ cache:wista ]
Last edited by Shorley (05.07.2012 at 15:46) |
| | #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Suisa Trajaner What about Malwarebytes?
__________________ Please always post log files in CODE tags |
| | #29 |
| Suisa Trajaner It's still scanning.
Code:
Malwarebytes Anti-Malware (PRO) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.07.05.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Thomas :: THOMAS-PC [Administrator]

Schutz: Aktiviert

05.07.2012 16:46:56
mbam-log-2012-07-05 (16-46-56).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 416578
Laufzeit: 1 Stunde(n), 12 Minute(n), 36 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Last edited by Shorley (05.07.2012 at 17:01) |
| | #30 |
| Suisa Trajaner Hello Arne, I just wanted to ask whether everything is OK now. |