| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Brauche Hilfe: Entfernen des Trojaners "BUNDESPOLIZEI - Ihr Computer wurde gesperrt"Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
15.07.2012, 20:01
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Brauche Hilfe: Entfernen des Trojaners "BUNDESPOLIZEI - Ihr Computer wurde gesperrt" Das erste Log ist unvollständig, die untere Zusammenfassung fehlt Tipp: schonmal was von STRG+A gehört (alles markieren) 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
15.07.2012, 21:16
| #17 |
 | Brauche Hilfe: Entfernen des Trojaners "BUNDESPOLIZEI - Ihr Computer wurde gesperrt" Hallo,
__________________du meintest das erste oder das oberste Log? Kann bei beiden nicht erkennen, dass etwas fehlt?! Zur Sicherheit unten nochmal alles. Code:
ATTFilter
19:21:40.0334 5252 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
19:21:40.0415 5252 ============================================================
19:21:40.0415 5252 Current date / time: 2012/07/15 19:21:40.0415
19:21:40.0415 5252 SystemInfo:
19:21:40.0415 5252
19:21:40.0415 5252 OS Version: 6.0.6001 ServicePack: 1.0
19:21:40.0415 5252 Product type: Workstation
19:21:40.0415 5252 ComputerName: MaxMustermann-PC
19:21nn:40.0415 5252 UserName: Max Mustermann
19:21:40.0415 5252 Windows directory: C:\Windows
19:21:40.0415 5252 System windows directory: C:\Windows
19:21:40.0415 5252 Processor architecture: Intel x86
19:21:40.0415 5252 Number of processors: 2
19:21:40.0415 5252 Page size: 0x1000
19:21:40.0415 5252 Boot type: Normal boot
19:21:40.0415 5252 ============================================================
19:21:42.0790 5252 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:21:42.0800 5252 ============================================================
19:21:42.0800 5252 \Device\Harddisk0\DR0:
19:21:42.0800 5252 MBR partitions:
19:21:42.0800 5252 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x22D1E000
19:21:42.0800 5252 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x22D1E800, BlocksNum 0x270F800
19:21:42.0800 5252 ============================================================
19:21:43.0020 5252 C: <-> \Device\Harddisk0\DR0\Partition0
19:21:43.0040 5252 D: <-> \Device\Harddisk0\DR0\Partition1
19:21:43.0040 5252 ============================================================
19:21:43.0040 5252 Initialize success
19:21:43.0040 5252 ============================================================
19:23:06.0010 4588 ============================================================
19:23:06.0010 4588 Scan started
19:23:06.0010 4588 Mode: Manual; SigCheck; TDLFS;
19:23:06.0010 4588 ============================================================
19:23:07.0227 4588 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
19:23:07.0320 4588 ACPI - ok
19:23:07.0773 4588 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:23:07.0788 4588 AdobeFlashPlayerUpdateSvc - ok
19:23:07.0866 4588 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
19:23:07.0975 4588 adp94xx - ok
19:23:08.0038 4588 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
19:23:08.0053 4588 adpahci - ok
19:23:08.0209 4588 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
19:23:08.0209 4588 adpu160m - ok
19:23:08.0334 4588 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
19:23:08.0350 4588 adpu320 - ok
19:23:08.0412 4588 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
19:23:08.0537 4588 AeLookupSvc - ok
19:23:08.0662 4588 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
19:23:08.0755 4588 AFD - ok
19:23:08.0802 4588 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
19:23:08.0818 4588 agp440 - ok
19:23:08.0849 4588 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
19:23:08.0865 4588 aic78xx - ok
19:23:08.0974 4588 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
19:23:09.0145 4588 ALG - ok
19:23:09.0177 4588 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
19:23:09.0192 4588 aliide - ok
19:23:09.0270 4588 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
19:23:09.0286 4588 amdagp - ok
19:23:09.0301 4588 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
19:23:09.0317 4588 amdide - ok
19:23:09.0364 4588 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
19:23:09.0411 4588 AmdK7 - ok
19:23:09.0457 4588 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
19:23:09.0489 4588 AmdK8 - ok
19:23:09.0754 4588 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe
19:23:09.0769 4588 AntiVirSchedulerService - ok
19:23:09.0832 4588 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
19:23:09.0847 4588 AntiVirService - ok
19:23:09.0894 4588 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
19:23:09.0972 4588 Appinfo - ok
19:23:10.0175 4588 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:23:10.0175 4588 Apple Mobile Device - ok
19:23:10.0206 4588 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
19:23:10.0222 4588 arc - ok
19:23:10.0269 4588 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
19:23:10.0269 4588 arcsas - ok
19:23:10.0331 4588 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
19:23:10.0378 4588 AsyncMac - ok
19:23:10.0409 4588 atapi (0d83c87a801a3dfcd1bf73893fe7518c) C:\Windows\system32\drivers\atapi.sys
19:23:10.0425 4588 atapi - ok
19:23:10.0487 4588 AudioEndpointBuilder (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
19:23:10.0549 4588 AudioEndpointBuilder - ok
19:23:10.0549 4588 Audiosrv (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
19:23:10.0581 4588 Audiosrv - ok
19:23:10.0674 4588 auusb (87046fd16fe6c0f072f4fdee3fe454b1) C:\Windows\system32\DRIVERS\auusb.sys
19:23:10.0752 4588 auusb - ok
19:23:10.0815 4588 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
19:23:10.0815 4588 avgntflt - ok
19:23:10.0877 4588 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
19:23:10.0893 4588 avipbb - ok
19:23:10.0908 4588 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
19:23:10.0924 4588 avkmgr - ok
19:23:10.0955 4588 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
19:23:11.0017 4588 Beep - ok
19:23:11.0189 4588 BFE (d3e6d78285529962349a7f1617035938) C:\Windows\System32\bfe.dll
19:23:11.0236 4588 BFE - ok
19:23:11.0423 4588 BITS (02ed7b4dbc2a3232a389106da7515c3d) C:\Windows\System32\qmgr.dll
19:23:11.0501 4588 BITS - ok
19:23:11.0610 4588 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
19:23:11.0657 4588 blbdrive - ok
19:23:11.0766 4588 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
19:23:11.0782 4588 Bonjour Service - ok
19:23:11.0907 4588 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
19:23:11.0938 4588 bowser - ok
19:23:11.0985 4588 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
19:23:12.0031 4588 BrFiltLo - ok
19:23:12.0078 4588 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
19:23:12.0141 4588 BrFiltUp - ok
19:23:12.0203 4588 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
19:23:12.0250 4588 Browser - ok
19:23:12.0343 4588 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
19:23:12.0531 4588 Brserid - ok
19:23:12.0655 4588 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
19:23:12.0718 4588 BrSerWdm - ok
19:23:12.0780 4588 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
19:23:12.0843 4588 BrUsbMdm - ok
19:23:12.0874 4588 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
19:23:12.0921 4588 BrUsbSer - ok
19:23:12.0952 4588 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
19:23:13.0014 4588 BTHMODEM - ok
19:23:13.0030 4588 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
19:23:13.0077 4588 cdfs - ok
19:23:13.0092 4588 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
19:23:13.0139 4588 cdrom - ok
19:23:13.0201 4588 CertPropSvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
19:23:13.0264 4588 CertPropSvc - ok
19:23:13.0342 4588 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
19:23:13.0389 4588 circlass - ok
19:23:13.0498 4588 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
19:23:13.0513 4588 CLFS - ok
19:23:13.0732 4588 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:23:13.0747 4588 clr_optimization_v2.0.50727_32 - ok
19:23:13.0810 4588 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
19:23:13.0857 4588 CmBatt - ok
19:23:13.0935 4588 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
19:23:13.0935 4588 cmdide - ok
19:23:14.0106 4588 cmnsusbser (675d67423980fc1784b93aa47d350a31) C:\Windows\system32\DRIVERS\cmnsusbser.sys
19:23:14.0153 4588 cmnsusbser - ok
19:23:14.0169 4588 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
19:23:14.0169 4588 Compbatt - ok
19:23:14.0184 4588 COMSysApp - ok
19:23:14.0184 4588 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
19:23:14.0200 4588 crcdisk - ok
19:23:14.0215 4588 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
19:23:14.0262 4588 Crusoe - ok
19:23:14.0309 4588 CryptSvc (6de363f9f99334514c46aec02d3e3678) C:\Windows\system32\cryptsvc.dll
19:23:14.0356 4588 CryptSvc - ok
19:23:14.0449 4588 DcomLaunch (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll
19:23:14.0512 4588 DcomLaunch - ok
19:23:14.0652 4588 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
19:23:14.0699 4588 DfsC - ok
19:23:14.0871 4588 DFSR (fa3463f25f9cc9c3bcf1e7912feff099) C:\Windows\system32\DFSR.exe
19:23:15.0011 4588 DFSR - ok
19:23:15.0339 4588 DgiVecp (770471de2550820feeb7e5d24bf2e273) C:\Windows\system32\Drivers\DgiVecp.sys
19:23:15.0339 4588 DgiVecp ( UnsignedFile.Multi.Generic ) - warning
19:23:15.0339 4588 DgiVecp - detected UnsignedFile.Multi.Generic (1)
19:23:15.0401 4588 Dhcp (43a988a9c10333476cb5fb667cbd629d) C:\Windows\System32\dhcpcsvc.dll
19:23:15.0479 4588 Dhcp - ok
19:23:15.0510 4588 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
19:23:15.0526 4588 disk - ok
19:23:15.0573 4588 Dnscache (4805d9a6d281c7a7defd9094dec6af7d) C:\Windows\System32\dnsrslvr.dll
19:23:15.0619 4588 Dnscache - ok
19:23:15.0651 4588 dot3svc (5af620a08c614e24206b79e8153cf1a8) C:\Windows\System32\dot3svc.dll
19:23:15.0697 4588 dot3svc - ok
19:23:15.0729 4588 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
19:23:15.0775 4588 DPS - ok
19:23:15.0822 4588 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
19:23:15.0853 4588 drmkaud - ok
19:23:15.0947 4588 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
19:23:16.0041 4588 DXGKrnl - ok
19:23:16.0087 4588 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
19:23:16.0134 4588 E1G60 - ok
19:23:16.0181 4588 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
19:23:16.0212 4588 EapHost - ok
19:23:16.0259 4588 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
19:23:16.0275 4588 Ecache - ok
19:23:16.0384 4588 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
19:23:16.0415 4588 ehRecvr - ok
19:23:16.0446 4588 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
19:23:16.0493 4588 ehSched - ok
19:23:16.0509 4588 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
19:23:16.0524 4588 ehstart - ok
19:23:16.0587 4588 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
19:23:16.0665 4588 elxstor - ok
19:23:16.0883 4588 EMDMgmt (70b1a86df0c8ead17d2bc332edae2c7c) C:\Windows\system32\emdmgmt.dll
19:23:16.0945 4588 EMDMgmt - ok
19:23:16.0992 4588 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
19:23:17.0023 4588 ErrDev - ok
19:23:17.0086 4588 EventSystem (3cb3343d720168b575133a0a20dc2465) C:\Windows\system32\es.dll
19:23:17.0133 4588 EventSystem - ok
19:23:17.0195 4588 ewusbnet (90a6949c19152c8706a558823eff55ef) C:\Windows\system32\DRIVERS\ewusbnet.sys
19:23:17.0273 4588 ewusbnet - ok
19:23:17.0460 4588 ew_hwusbdev (57c171ea22f0a7f068fcb0caedd1e8e7) C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
19:23:17.0507 4588 ew_hwusbdev - ok
19:23:17.0538 4588 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
19:23:17.0585 4588 exfat - ok
19:23:17.0679 4588 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
19:23:17.0741 4588 fastfat - ok
19:23:17.0881 4588 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
19:23:17.0959 4588 fdc - ok
19:23:18.0100 4588 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
19:23:18.0209 4588 fdPHost - ok
19:23:18.0521 4588 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
19:23:18.0583 4588 FDResPub - ok
19:23:19.0083 4588 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
19:23:19.0098 4588 FileInfo - ok
19:23:19.0441 4588 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
19:23:19.0473 4588 Filetrace - ok
19:23:19.0863 4588 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:23:19.0909 4588 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
19:23:19.0909 4588 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
19:23:20.0034 4588 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
19:23:20.0128 4588 flpydisk - ok
19:23:20.0362 4588 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
19:23:20.0377 4588 FltMgr - ok
19:23:20.0752 4588 FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:23:20.0752 4588 FontCache3.0.0.0 - ok
19:23:20.0783 4588 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
19:23:20.0814 4588 Fs_Rec - ok
19:23:20.0970 4588 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
19:23:20.0986 4588 gagp30kx - ok
19:23:21.0033 4588 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:23:21.0048 4588 GEARAspiWDM - ok
19:23:21.0142 4588 ggflt (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys
19:23:21.0142 4588 ggflt - ok
19:23:21.0204 4588 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\Windows\system32\DRIVERS\ggsemc.sys
19:23:21.0220 4588 ggsemc - ok
19:23:21.0953 4588 gpsvc (d9f1113d9401185245573350712f92fc) C:\Windows\System32\gpsvc.dll
19:23:22.0000 4588 gpsvc - ok
19:23:22.0265 4588 gupdate1ca5bea4aa87492 (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
19:23:22.0281 4588 gupdate1ca5bea4aa87492 - ok
19:23:22.0281 4588 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
19:23:22.0296 4588 gupdatem - ok
19:23:22.0374 4588 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
19:23:22.0452 4588 HdAudAddService - ok
19:23:22.0795 4588 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:23:22.0827 4588 HDAudBus - ok
19:23:22.0998 4588 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
19:23:23.0107 4588 HidBth - ok
19:23:23.0248 4588 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
19:23:23.0279 4588 HidIr - ok
19:23:23.0404 4588 hidserv (8fa640195279ace21bea91396a0054fc) C:\Windows\system32\hidserv.dll
19:23:23.0482 4588 hidserv - ok
19:23:23.0591 4588 HidUsb (e2b5bd48afcc0f0974fb44641b223250) C:\Windows\system32\DRIVERS\hidusb.sys
19:23:23.0685 4588 HidUsb - ok
19:23:23.0716 4588 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
19:23:23.0747 4588 hkmsvc - ok
19:23:23.0903 4588 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
19:23:23.0919 4588 HpCISSs - ok
19:23:24.0121 4588 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
19:23:24.0168 4588 HTTP - ok
19:23:24.0231 4588 huawei_cdcacm (6723835670a746eb97cb932f61151169) C:\Windows\system32\DRIVERS\ew_jucdcacm.sys
19:23:24.0277 4588 huawei_cdcacm - ok
19:23:24.0324 4588 huawei_cdcecm (132af7d47704801f7af5bafcc623825c) C:\Windows\system32\DRIVERS\ew_jucdcecm.sys
19:23:24.0355 4588 huawei_cdcecm - ok
19:23:24.0745 4588 huawei_enumerator (2f23aba465b24a57e8664a124a53cc15) C:\Windows\system32\DRIVERS\ew_jubusenum.sys
19:23:24.0823 4588 huawei_enumerator - ok
19:23:24.0901 4588 huawei_ext_ctrl (50a16e0f4586338f1114a54c906463b5) C:\Windows\system32\DRIVERS\ew_juextctrl.sys
19:23:24.0964 4588 huawei_ext_ctrl - ok
19:23:25.0042 4588 hwdatacard (1c09309a3d793c57ef87ac60c6bbd739) C:\Windows\system32\DRIVERS\ewusbmdm.sys
19:23:25.0104 4588 hwdatacard - ok
19:23:25.0167 4588 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
19:23:25.0182 4588 i2omp - ok
19:23:25.0229 4588 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
19:23:25.0245 4588 i8042prt - ok
19:23:25.0494 4588 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
19:23:25.0525 4588 iaStorV - ok
19:23:26.0196 4588 idsvc (7b630acaed64fef0c3e1cf255cb56686) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:23:26.0243 4588 idsvc - ok
19:23:26.0711 4588 igfx (38eb97b9898c56e6bdf6824a6a717312) C:\Windows\system32\DRIVERS\igdkmd32.sys
19:23:26.0914 4588 igfx - ok
19:23:28.0084 4588 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
19:23:28.0084 4588 iirsp - ok
19:23:28.0209 4588 IKEEXT (68e8c415e102e5d79fd7e4a765b8cba4) C:\Windows\System32\ikeext.dll
19:23:28.0255 4588 IKEEXT - ok
19:23:29.0160 4588 IntcAzAudAddService (fe912e4a9719a9792669debb403cb9b1) C:\Windows\system32\drivers\RTKVHDA.sys
19:23:29.0301 4588 IntcAzAudAddService - ok
19:23:29.0675 4588 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
19:23:29.0691 4588 intelide - ok
19:23:29.0706 4588 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
19:23:29.0737 4588 intelppm - ok
19:23:30.0034 4588 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
19:23:30.0096 4588 IPBusEnum - ok
19:23:30.0283 4588 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:23:30.0330 4588 IpFilterDriver - ok
19:23:30.0517 4588 iphlpsvc (6a35d233693edc29a12742049bc5e37f) C:\Windows\System32\iphlpsvc.dll
19:23:30.0549 4588 iphlpsvc - ok
19:23:30.0564 4588 IpInIp - ok
19:23:30.0720 4588 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
19:23:30.0751 4588 IPMIDRV - ok
19:23:30.0954 4588 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
19:23:30.0985 4588 IPNAT - ok
19:23:31.0329 4588 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
19:23:31.0407 4588 iPod Service - ok
19:23:31.0438 4588 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
19:23:31.0469 4588 IRENUM - ok
19:23:32.0124 4588 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
19:23:32.0140 4588 isapnp - ok
19:23:32.0218 4588 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
19:23:32.0218 4588 iScsiPrt - ok
19:23:32.0421 4588 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
19:23:32.0436 4588 iteatapi - ok
19:23:32.0701 4588 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
19:23:32.0717 4588 iteraid - ok
19:23:32.0748 4588 JMCR (8da4444217d286fdd3a4ed6b4ac5c635) C:\Windows\system32\DRIVERS\jmcr.sys
19:23:32.0811 4588 JMCR - ok
19:23:32.0842 4588 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
19:23:32.0857 4588 kbdclass - ok
19:23:32.0935 4588 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
19:23:33.0013 4588 kbdhid - ok
19:23:33.0076 4588 KeyIso (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
19:23:33.0123 4588 KeyIso - ok
19:23:33.0169 4588 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
19:23:33.0185 4588 KSecDD - ok
19:23:33.0232 4588 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
19:23:33.0263 4588 KtmRm - ok
19:23:33.0294 4588 LanmanServer (1925e63c91cf1610ae41bfd539062079) C:\Windows\system32\srvsvc.dll
19:23:33.0341 4588 LanmanServer - ok
19:23:33.0559 4588 LanmanWorkstation (2ae2e1628c5d3f1c0a46a67c9fa1df15) C:\Windows\System32\wkssvc.dll
19:23:33.0637 4588 LanmanWorkstation - ok
19:23:33.0762 4588 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
19:23:33.0809 4588 lltdio - ok
19:23:33.0965 4588 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
19:23:34.0043 4588 lltdsvc - ok
19:23:34.0137 4588 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
19:23:34.0183 4588 lmhosts - ok
19:23:34.0995 4588 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
19:23:35.0010 4588 LSI_FC - ok
19:23:35.0151 4588 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
19:23:35.0166 4588 LSI_SAS - ok
19:23:35.0431 4588 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
19:23:35.0447 4588 LSI_SCSI - ok
19:23:35.0743 4588 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
19:23:35.0775 4588 luafv - ok
19:23:36.0087 4588 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
19:23:36.0133 4588 Mcx2Svc - ok
19:23:36.0227 4588 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
19:23:36.0243 4588 megasas - ok
19:23:36.0352 4588 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
19:23:36.0383 4588 MegaSR - ok
19:23:36.0445 4588 MF2ACT (49ec57c888a591a0256da2fbcb95eab0) C:\Windows\system32\Drivers\MF2ACT.sys
19:23:36.0492 4588 MF2ACT - ok
19:23:36.0555 4588 mf2nt (1215cd6d0991640a6873939d9f015355) C:\Windows\system32\drivers\mf2nt.sys
19:23:36.0570 4588 mf2nt ( UnsignedFile.Multi.Generic ) - warning
19:23:36.0570 4588 mf2nt - detected UnsignedFile.Multi.Generic (1)
19:23:36.0586 4588 MGHwCtrl - ok
19:23:36.0664 4588 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
19:23:36.0742 4588 MMCSS - ok
19:23:37.0007 4588 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
19:23:37.0038 4588 Modem - ok
19:23:37.0101 4588 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
19:23:37.0132 4588 monitor - ok
19:23:37.0553 4588 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
19:23:37.0569 4588 mouclass - ok
19:23:37.0818 4588 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
19:23:37.0912 4588 mouhid - ok
19:23:37.0943 4588 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
19:23:37.0943 4588 MountMgr - ok
19:23:38.0239 4588 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:23:38.0239 4588 MozillaMaintenance - ok
19:23:38.0473 4588 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
19:23:38.0489 4588 mpio - ok
19:23:38.0629 4588 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
19:23:38.0661 4588 mpsdrv - ok
19:23:38.0692 4588 MpsSvc (d1639ba315b0d79dec49a4b0e1fb929b) C:\Windows\system32\mpssvc.dll
19:23:38.0739 4588 MpsSvc - ok
19:23:38.0754 4588 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
19:23:38.0770 4588 Mraid35x - ok
19:23:38.0785 4588 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
19:23:38.0863 4588 MRxDAV - ok
19:23:39.0019 4588 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:23:39.0066 4588 mrxsmb - ok
19:23:39.0175 4588 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:23:39.0207 4588 mrxsmb10 - ok
19:23:39.0253 4588 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:23:39.0285 4588 mrxsmb20 - ok
19:23:39.0347 4588 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
19:23:39.0363 4588 msahci - ok
19:23:39.0378 4588 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
19:23:39.0394 4588 msdsm - ok
19:23:39.0597 4588 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
19:23:39.0628 4588 MSDTC - ok
19:23:39.0784 4588 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
19:23:39.0815 4588 Msfs - ok
19:23:39.0877 4588 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
19:23:39.0877 4588 msisadrv - ok
19:23:39.0987 4588 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
19:23:40.0002 4588 MSiSCSI - ok
19:23:40.0018 4588 msiserver - ok
19:23:40.0065 4588 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
19:23:40.0111 4588 MSKSSRV - ok
19:23:40.0111 4588 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
19:23:40.0174 4588 MSPCLOCK - ok
19:23:40.0205 4588 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
19:23:40.0221 4588 MSPQM - ok
19:23:40.0236 4588 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
19:23:40.0252 4588 MsRPC - ok
19:23:40.0377 4588 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
19:23:40.0392 4588 mssmbios - ok
19:23:40.0439 4588 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
19:23:40.0455 4588 MSTEE - ok
19:23:40.0907 4588 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
19:23:40.0907 4588 Mup - ok
19:23:40.0969 4588 napagent (c43b25863fbd65b6d2a142af3ae320ca) C:\Windows\system32\qagentRT.dll
19:23:41.0016 4588 napagent - ok
19:23:41.0079 4588 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
19:23:41.0094 4588 NativeWifiP - ok
19:23:41.0172 4588 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
19:23:41.0188 4588 NDIS - ok
19:23:41.0297 4588 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
19:23:41.0391 4588 NdisTapi - ok
19:23:41.0531 4588 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
19:23:41.0562 4588 Ndisuio - ok
19:23:41.0749 4588 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
19:23:41.0781 4588 NdisWan - ok
19:23:41.0905 4588 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
19:23:41.0921 4588 NDProxy - ok
19:23:42.0483 4588 Nero BackItUp Scheduler 3 (40d7d0a208ee863bca8d89e299216f15) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
19:23:42.0529 4588 Nero BackItUp Scheduler 3 - ok
19:23:42.0561 4588 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
19:23:42.0623 4588 NetBIOS - ok
19:23:42.0826 4588 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
19:23:42.0873 4588 netbt - ok
19:23:42.0997 4588 Netlogon (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
19:23:43.0013 4588 Netlogon - ok
19:23:43.0216 4588 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
19:23:43.0263 4588 Netman - ok
19:23:43.0575 4588 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
19:23:43.0621 4588 netprofm - ok
19:23:43.0777 4588 netr28 (3f540b257442cc1a2220dd8f73ac1c77) C:\Windows\system32\DRIVERS\netr28.sys
19:23:43.0887 4588 netr28 - ok
19:23:44.0121 4588 NetTcpPortSharing (0ad5876ef4e9eb77c8f93eb5b2fff386) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:23:44.0136 4588 NetTcpPortSharing - ok
19:23:44.0245 4588 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
19:23:44.0261 4588 nfrd960 - ok
19:23:44.0292 4588 NishService - ok
19:23:44.0433 4588 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
19:23:44.0464 4588 NlaSvc - ok
19:23:45.0010 4588 NMIndexingService (eba1b4bf2e2375abdadedb649f283541) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
19:23:45.0025 4588 NMIndexingService - ok
19:23:45.0072 4588 nosGetPlusHelper (f44addbf29905cb19f52fc9fe6a0efa1) C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
19:23:45.0072 4588 nosGetPlusHelper - ok
19:23:45.0322 4588 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
19:23:45.0384 4588 Npfs - ok
19:23:45.0525 4588 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
19:23:45.0556 4588 nsi - ok
19:23:45.0603 4588 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
19:23:45.0649 4588 nsiproxy - ok
19:23:45.0930 4588 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
19:23:45.0993 4588 Ntfs - ok
19:23:46.0164 4588 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
19:23:46.0227 4588 ntrigdigi - ok
19:23:46.0320 4588 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
19:23:46.0414 4588 Null - ok
19:23:46.0461 4588 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
19:23:46.0461 4588 nvraid - ok
19:23:46.0710 4588 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
19:23:46.0726 4588 nvstor - ok
19:23:47.0069 4588 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
19:23:47.0085 4588 nv_agp - ok
19:23:47.0085 4588 NwlnkFlt - ok
19:23:47.0100 4588 NwlnkFwd - ok
19:23:47.0303 4588 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:23:47.0319 4588 odserv - ok
19:23:47.0521 4588 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
19:23:47.0553 4588 ohci1394 - ok
19:23:47.0818 4588 OMSI download service (da345de3b450e9e1691e7b9956d8ffc3) C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
19:23:47.0818 4588 OMSI download service ( UnsignedFile.Multi.Generic ) - warning
19:23:47.0818 4588 OMSI download service - detected UnsignedFile.Multi.Generic (1)
19:23:47.0880 4588 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:23:47.0880 4588 ose - ok
19:23:48.0021 4588 p2pimsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
19:23:48.0083 4588 p2pimsvc - ok
19:23:48.0099 4588 p2psvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
19:23:48.0114 4588 p2psvc - ok
19:23:48.0286 4588 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
19:23:48.0348 4588 Parport - ok
19:23:48.0395 4588 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
19:23:48.0411 4588 partmgr - ok
19:23:48.0504 4588 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
19:23:48.0567 4588 Parvdm - ok
19:23:48.0801 4588 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
19:23:48.0847 4588 PcaSvc - ok
19:23:49.0284 4588 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
19:23:49.0300 4588 pci - ok
19:23:49.0456 4588 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
19:23:49.0471 4588 pciide - ok
19:23:49.0534 4588 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
19:23:49.0534 4588 pcmcia - ok
19:23:49.0643 4588 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
19:23:49.0752 4588 PEAUTH - ok
19:23:50.0205 4588 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
19:23:50.0314 4588 pla - ok
19:23:50.0454 4588 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\system32\IoctlSvc.exe
19:23:50.0470 4588 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
19:23:50.0470 4588 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
19:23:50.0501 4588 PlugPlay (78f975cb6d18265be6f492edb2d7bc7b) C:\Windows\system32\umpnpmgr.dll
19:23:50.0532 4588 PlugPlay - ok
19:23:50.0657 4588 PNRPAutoReg (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
19:23:50.0766 4588 PNRPAutoReg - ok
19:23:50.0782 4588 PNRPsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
19:23:50.0797 4588 PNRPsvc - ok
19:23:50.0891 4588 PolicyAgent (47b8f37aa18b74d8c2e1bc1a7a2c8f8a) C:\Windows\System32\ipsecsvc.dll
19:23:50.0953 4588 PolicyAgent - ok
19:23:51.0312 4588 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
19:23:51.0343 4588 PptpMiniport - ok
19:23:51.0375 4588 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
19:23:51.0406 4588 Processor - ok
19:23:51.0562 4588 ProfSvc (b627e4fc8585e8843c5905d4d3587a90) C:\Windows\system32\profsvc.dll
19:23:51.0609 4588 ProfSvc - ok
19:23:51.0718 4588 ProtectedStorage (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
19:23:51.0733 4588 ProtectedStorage - ok
19:23:51.0796 4588 ProtexisLicensing (f115af58abe5605d7d709cbfbd83f418) C:\Windows\system32\PSIService.exe
19:23:51.0811 4588 ProtexisLicensing - ok
19:23:51.0843 4588 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
19:23:51.0874 4588 PSched - ok
19:23:52.0155 4588 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
19:23:52.0264 4588 ql2300 - ok
19:23:52.0295 4588 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
19:23:52.0311 4588 ql40xx - ok
19:23:52.0467 4588 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
19:23:52.0482 4588 QWAVE - ok
19:23:52.0498 4588 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
19:23:52.0545 4588 QWAVEdrv - ok
19:23:52.0576 4588 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
19:23:52.0607 4588 RasAcd - ok
19:23:52.0623 4588 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
19:23:52.0701 4588 RasAuto - ok
19:23:52.0872 4588 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:23:52.0903 4588 Rasl2tp - ok
19:23:52.0981 4588 RasMan (6e7c284fc5c4ec07ad164d93810385a6) C:\Windows\System32\rasmans.dll
19:23:53.0013 4588 RasMan - ok
19:23:53.0059 4588 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
19:23:53.0091 4588 RasPppoe - ok
19:23:53.0169 4588 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
19:23:53.0184 4588 RasSstp - ok
19:23:53.0293 4588 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
19:23:53.0340 4588 rdbss - ok
19:23:53.0371 4588 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:23:53.0403 4588 RDPCDD - ok
19:23:53.0481 4588 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
19:23:53.0512 4588 rdpdr - ok
19:23:53.0512 4588 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
19:23:53.0543 4588 RDPENCDD - ok
19:23:53.0637 4588 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
19:23:53.0683 4588 RDPWD - ok
19:23:53.0761 4588 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
19:23:53.0793 4588 RemoteAccess - ok
19:23:53.0886 4588 RemoteRegistry (cc4e32400f3c7253400cf8f3f3a0b676) C:\Windows\system32\regsvc.dll
19:23:53.0902 4588 RemoteRegistry - ok
19:23:54.0151 4588 RichVideo (805ae1f90c64758d19aaa001cf8cba12) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
19:23:54.0198 4588 RichVideo ( UnsignedFile.Multi.Generic ) - warning
19:23:54.0198 4588 RichVideo - detected UnsignedFile.Multi.Generic (1)
19:23:54.0229 4588 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
19:23:54.0261 4588 RpcLocator - ok
19:23:54.0401 4588 RpcSs (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll
19:23:54.0417 4588 RpcSs - ok
19:23:54.0463 4588 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
19:23:54.0479 4588 rspndr - ok
19:23:54.0557 4588 RTL8169 (174b9514cd1a0c33ce4bbc02a3c81a62) C:\Windows\system32\DRIVERS\Rtlh86.sys
19:23:54.0604 4588 RTL8169 - ok
19:23:54.0697 4588 s0017bus (594ff5620661d1386475406e78cb6f2f) C:\Windows\system32\DRIVERS\s0017bus.sys
19:23:54.0713 4588 s0017bus - ok
19:23:54.0760 4588 s0017mdfl (7258f550419d543bc5c8e80c578a5d54) C:\Windows\system32\DRIVERS\s0017mdfl.sys
19:23:54.0760 4588 s0017mdfl - ok
19:23:54.0869 4588 s0017mdm (1de4f6607feb17a15dbd4f1b139e6d2f) C:\Windows\system32\DRIVERS\s0017mdm.sys
19:23:54.0885 4588 s0017mdm - ok
19:23:54.0931 4588 s0017mgmt (9814e6bacc06d2526cd52981c7eeedf0) C:\Windows\system32\DRIVERS\s0017mgmt.sys
19:23:54.0947 4588 s0017mgmt - ok
19:23:54.0994 4588 s0017nd5 (2c62cd58225973f26682cd4f783ddede) C:\Windows\system32\DRIVERS\s0017nd5.sys
19:23:55.0009 4588 s0017nd5 - ok
19:23:55.0087 4588 s0017obex (f87c3422e84b2fb1b43e0a26247ad5a5) C:\Windows\system32\DRIVERS\s0017obex.sys
19:23:55.0087 4588 s0017obex - ok
19:23:55.0134 4588 s0017unic (df5e7360a0afa5956bf75da683d0679f) C:\Windows\system32\DRIVERS\s0017unic.sys
19:23:55.0134 4588 s0017unic - ok
19:23:55.0181 4588 s1018bus (1c5c2cb892553d2cf3f45a4bb323fcd6) C:\Windows\system32\DRIVERS\s1018bus.sys
19:23:55.0197 4588 s1018bus - ok
19:23:55.0275 4588 s1018mdfl (38f5ea219593f19b6b3a1b9c169e3b61) C:\Windows\system32\DRIVERS\s1018mdfl.sys
19:23:55.0290 4588 s1018mdfl - ok
19:23:55.0321 4588 s1018mdm (666af6b64fc7df92d3ca4819ea91631d) C:\Windows\system32\DRIVERS\s1018mdm.sys
19:23:55.0337 4588 s1018mdm - ok
19:23:55.0415 4588 s1018mgmt (f4ceda6e2ddff2af8bd745615a7ca9c0) C:\Windows\system32\DRIVERS\s1018mgmt.sys
19:23:55.0446 4588 s1018mgmt - ok
19:23:55.0477 4588 s1018nd5 (3622d9ff2253dcbe885b10736609a4ca) C:\Windows\system32\DRIVERS\s1018nd5.sys
19:23:55.0477 4588 s1018nd5 - ok
19:23:55.0555 4588 s1018obex (49431efda842b474531c29ffae9f5d09) C:\Windows\system32\DRIVERS\s1018obex.sys
19:23:55.0555 4588 s1018obex - ok
19:23:55.0649 4588 s1018unic (ac6b514cb4474f4c867d7cdc9cd54f05) C:\Windows\system32\DRIVERS\s1018unic.sys
19:23:55.0665 4588 s1018unic - ok
19:23:55.0727 4588 SamSs (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
19:23:55.0743 4588 SamSs - ok
19:23:55.0789 4588 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
19:23:55.0789 4588 sbp2port - ok
19:23:55.0899 4588 SCardSvr (11387e32642269c7e62e8b52c060b3c6) C:\Windows\System32\SCardSvr.dll
19:23:55.0930 4588 SCardSvr - ok
19:23:56.0086 4588 Schedule (7b587b8a6d4a99f79d2902d0385f29bd) C:\Windows\system32\schedsvc.dll
19:23:56.0195 4588 Schedule - ok
19:23:56.0226 4588 SCPolicySvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
19:23:56.0257 4588 SCPolicySvc - ok
19:23:56.0382 4588 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
19:23:56.0413 4588 sdbus - ok
19:23:56.0538 4588 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
19:23:56.0601 4588 SDRSVC - ok
19:23:56.0632 4588 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:23:56.0679 4588 secdrv - ok
19:23:56.0757 4588 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
19:23:56.0788 4588 seclogon - ok
19:23:56.0881 4588 seehcri (e5b56569a9f79b70314fede6c953641e) C:\Windows\system32\DRIVERS\seehcri.sys
19:23:56.0913 4588 seehcri - ok
19:23:56.0928 4588 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
19:23:56.0975 4588 SENS - ok
19:23:57.0053 4588 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
19:23:57.0115 4588 Serenum - ok
19:23:57.0256 4588 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
19:23:57.0318 4588 Serial - ok
19:23:57.0396 4588 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
19:23:57.0412 4588 sermouse - ok
19:23:57.0537 4588 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
19:23:57.0568 4588 SessionEnv - ok
19:23:57.0630 4588 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
19:23:57.0661 4588 sffdisk - ok
19:23:57.0693 4588 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
19:23:57.0771 4588 sffp_mmc - ok
19:23:57.0786 4588 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
19:23:57.0833 4588 sffp_sd - ok
19:23:57.0880 4588 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
19:23:57.0973 4588 sfloppy - ok
19:23:58.0036 4588 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
19:23:58.0114 4588 SharedAccess - ok
19:23:58.0254 4588 ShellHWDetection (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\System32\shsvcs.dll
19:23:58.0348 4588 ShellHWDetection - ok
19:23:58.0363 4588 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
19:23:58.0363 4588 sisagp - ok
19:23:58.0410 4588 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
19:23:58.0426 4588 SiSRaid2 - ok
19:23:58.0535 4588 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
19:23:58.0551 4588 SiSRaid4 - ok
19:23:58.0894 4588 slsvc (0ba91e1358ad25236863039bb2609a2e) C:\Windows\system32\SLsvc.exe
19:23:59.0065 4588 slsvc - ok
19:23:59.0237 4588 SLUINotify (7c6dc44ca0bfa6291629ab764200d1d4) C:\Windows\system32\SLUINotify.dll
19:23:59.0284 4588 SLUINotify - ok
19:23:59.0377 4588 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
19:23:59.0424 4588 Smb - ok
19:23:59.0487 4588 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
19:23:59.0502 4588 SNMPTRAP - ok
19:23:59.0549 4588 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
19:23:59.0565 4588 spldr - ok
19:23:59.0674 4588 Spooler (3665f79026a3f91fbca63f2c65a09b19) C:\Windows\System32\spoolsv.exe
19:23:59.0721 4588 Spooler - ok
19:23:59.0814 4588 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
19:23:59.0861 4588 srv - ok
19:23:59.0955 4588 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
19:23:59.0986 4588 srv2 - ok
19:24:00.0048 4588 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
19:24:00.0111 4588 srvnet - ok
19:24:00.0563 4588 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
19:24:00.0657 4588 SSDPSRV - ok
19:24:00.0703 4588 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
19:24:00.0719 4588 ssmdrv - ok
19:24:00.0781 4588 SSPORT (5f77725ec309de1242d8efc8e9259a9f) C:\Windows\system32\Drivers\SSPORT.sys
19:24:00.0797 4588 SSPORT ( UnsignedFile.Multi.Generic ) - warning
19:24:00.0797 4588 SSPORT - detected UnsignedFile.Multi.Generic (1)
19:24:00.0844 4588 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
19:24:00.0875 4588 SstpSvc - ok
19:24:00.0953 4588 stisvc (7dd08a597bc56051f320da0baf69e389) C:\Windows\System32\wiaservc.dll
19:24:01.0015 4588 stisvc - ok
19:24:01.0125 4588 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
19:24:01.0125 4588 swenum - ok
19:24:01.0156 4588 swprv (b36c7cdb86f7f7a8e884479219766950) C:\Windows\System32\swprv.dll
19:24:01.0187 4588 swprv - ok
19:24:01.0359 4588 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
19:24:01.0359 4588 Symc8xx - ok
19:24:01.0390 4588 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
19:24:01.0390 4588 Sym_hi - ok
19:24:01.0515 4588 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
19:24:01.0515 4588 Sym_u3 - ok
19:24:01.0764 4588 SysMain (8710a92d0024b03b5fb9540df1f71f1d) C:\Windows\system32\sysmain.dll
19:24:01.0811 4588 SysMain - ok
19:24:01.0873 4588 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
19:24:01.0920 4588 TabletInputService - ok
19:24:01.0967 4588 TapiSrv (680916bb09ee0f3a6aca7c274b0d633f) C:\Windows\System32\tapisrv.dll
19:24:02.0014 4588 TapiSrv - ok
19:24:02.0076 4588 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
19:24:02.0107 4588 TBS - ok
19:24:02.0217 4588 Tcpip (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\drivers\tcpip.sys
19:24:02.0279 4588 Tcpip - ok
19:24:02.0295 4588 Tcpip6 (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\DRIVERS\tcpip.sys
19:24:02.0341 4588 Tcpip6 - ok
19:24:02.0373 4588 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
19:24:02.0419 4588 tcpipreg - ok
19:24:02.0435 4588 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
19:24:02.0482 4588 TDPIPE - ok
19:24:02.0497 4588 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
19:24:02.0529 4588 TDTCP - ok
19:24:02.0560 4588 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
19:24:02.0591 4588 tdx - ok
19:24:02.0607 4588 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
19:24:02.0622 4588 TermDD - ok
19:24:02.0685 4588 TermService (d605031e225aaccbceb5b76a4f1603a6) C:\Windows\System32\termsrv.dll
19:24:02.0716 4588 TermService - ok
19:24:02.0763 4588 Themes (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\system32\shsvcs.dll
19:24:02.0778 4588 Themes - ok
19:24:02.0825 4588 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
19:24:02.0856 4588 THREADORDER - ok
19:24:02.0872 4588 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
19:24:02.0903 4588 TrkWks - ok
19:24:02.0965 4588 TrustedInstaller (16613a1bad034d4ecf957af18b7c2ff5) C:\Windows\servicing\TrustedInstaller.exe
19:24:03.0012 4588 TrustedInstaller - ok
19:24:03.0059 4588 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:24:03.0121 4588 tssecsrv - ok
19:24:03.0168 4588 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
19:24:03.0215 4588 tunmp - ok
19:24:03.0355 4588 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
19:24:03.0387 4588 tunnel - ok
19:24:03.0402 4588 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
19:24:03.0418 4588 uagp35 - ok
19:24:03.0543 4588 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
19:24:03.0589 4588 udfs - ok
19:24:03.0652 4588 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
19:24:03.0730 4588 UI0Detect - ok
19:24:03.0777 4588 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
19:24:03.0792 4588 uliagpkx - ok
19:24:03.0839 4588 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
19:24:03.0870 4588 uliahci - ok
19:24:03.0901 4588 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
19:24:03.0917 4588 UlSata - ok
19:24:03.0933 4588 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
19:24:03.0933 4588 ulsata2 - ok
19:24:03.0964 4588 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
19:24:04.0011 4588 umbus - ok
19:24:04.0042 4588 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
19:24:04.0073 4588 upnphost - ok
19:24:04.0120 4588 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys
19:24:04.0135 4588 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
19:24:04.0135 4588 USBAAPL - detected UnsignedFile.Multi.Generic (1)
19:24:04.0182 4588 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
19:24:04.0213 4588 usbccgp - ok
19:24:04.0245 4588 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
19:24:04.0307 4588 usbcir - ok
19:24:04.0354 4588 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
19:24:04.0385 4588 usbehci - ok
19:24:04.0432 4588 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
19:24:04.0447 4588 usbhub - ok
19:24:04.0463 4588 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
19:24:04.0510 4588 usbohci - ok
19:24:04.0557 4588 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
19:24:04.0572 4588 usbprint - ok
19:24:04.0603 4588 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:24:04.0635 4588 USBSTOR - ok
19:24:04.0650 4588 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
19:24:04.0697 4588 usbuhci - ok
19:24:04.0806 4588 usnjsvc (9d19b042a4fd5c02195071ea2fe0c821) C:\Program Files\Windows Live\Messenger\usnsvc.exe
19:24:04.0822 4588 usnjsvc - ok
19:24:04.0869 4588 UxSms (032a0acc3909ae7215d524e29d536797) C:\Windows\System32\uxsms.dll
19:24:04.0931 4588 UxSms - ok
19:24:05.0009 4588 vds (b13bc395b9d6116628f5af47e0802ac4) C:\Windows\System32\vds.exe
19:24:05.0103 4588 vds - ok
19:24:05.0196 4588 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
19:24:05.0243 4588 vga - ok
19:24:05.0305 4588 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
19:24:05.0352 4588 VgaSave - ok
19:24:05.0383 4588 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
19:24:05.0383 4588 viaagp - ok
19:24:05.0399 4588 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
19:24:05.0430 4588 ViaC7 - ok
19:24:05.0477 4588 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
19:24:05.0477 4588 viaide - ok
19:24:05.0602 4588 VmbService (7e4769483d416aa04b916aab7ef0dbaf) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
19:24:05.0602 4588 VmbService ( UnsignedFile.Multi.Generic ) - warning
19:24:05.0602 4588 VmbService - detected UnsignedFile.Multi.Generic (1)
19:24:05.0617 4588 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
19:24:05.0617 4588 volmgr - ok
19:24:05.0664 4588 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
19:24:05.0680 4588 volmgrx - ok
19:24:05.0711 4588 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
19:24:05.0727 4588 volsnap - ok
19:24:05.0773 4588 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
19:24:05.0773 4588 vsmraid - ok
19:24:05.0867 4588 VSS (d5fb73d19c46ade183f968e13f186b23) C:\Windows\system32\vssvc.exe
19:24:05.0945 4588 VSS - ok
19:24:05.0976 4588 W32Time (1cf9206966a8458cda9a8b20df8ab7d3) C:\Windows\system32\w32time.dll
19:24:06.0007 4588 W32Time - ok
19:24:06.0054 4588 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
19:24:06.0117 4588 WacomPen - ok
19:24:06.0148 4588 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:24:06.0179 4588 Wanarp - ok
19:24:06.0195 4588 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:24:06.0210 4588 Wanarpv6 - ok
19:24:06.0241 4588 wcncsvc (f3a5c2e1a6533192b070d06ecf6be796) C:\Windows\System32\wcncsvc.dll
19:24:06.0273 4588 wcncsvc - ok
19:24:06.0304 4588 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
19:24:06.0335 4588 WcsPlugInService - ok
19:24:06.0351 4588 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
19:24:06.0366 4588 Wd - ok
19:24:06.0397 4588 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
19:24:06.0429 4588 Wdf01000 - ok
19:24:06.0460 4588 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
19:24:06.0491 4588 WdiServiceHost - ok
19:24:06.0491 4588 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
19:24:06.0522 4588 WdiSystemHost - ok
19:24:06.0553 4588 WebClient (cf9a5f41789b642db967021de06a2713) C:\Windows\System32\webclnt.dll
19:24:06.0616 4588 WebClient - ok
19:24:06.0663 4588 Wecsvc (905214925a88311fce52f66153de7610) C:\Windows\system32\wecsvc.dll
19:24:06.0694 4588 Wecsvc - ok
19:24:06.0772 4588 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
19:24:06.0834 4588 wercplsupport - ok
19:24:06.0850 4588 WerSvc (4081288554294f144e5a7d4ee20e3ce6) C:\Windows\System32\WerSvc.dll
19:24:06.0928 4588 WerSvc - ok
19:24:07.0053 4588 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
19:24:07.0053 4588 WinDefend - ok
19:24:07.0068 4588 WinHttpAutoProxySvc - ok
19:24:07.0146 4588 Winmgmt (00b79a7c984678f24cf052e5beb3a2f5) C:\Windows\system32\wbem\WMIsvc.dll
19:24:07.0209 4588 Winmgmt - ok
19:24:07.0271 4588 WinRM (20fc93fdc916843cfdfcaa7a1b0db16f) C:\Windows\system32\WsmSvc.dll
19:24:07.0427 4588 WinRM - ok
19:24:07.0521 4588 Wlansvc (275f4346e569df56cfb95243bd6f6ff0) C:\Windows\System32\wlansvc.dll
19:24:07.0567 4588 Wlansvc - ok
19:24:07.0645 4588 WLSetupSvc (94a85e956a065e23e0010a6a7826243b) C:\Program Files\Windows Live\installer\WLSetupSvc.exe
19:24:07.0677 4588 WLSetupSvc - ok
19:24:07.0723 4588 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
19:24:07.0755 4588 WmiAcpi - ok
19:24:07.0833 4588 wmiApSrv (aba4cf9f856d9a3a25f4ddd7690a6e9d) C:\Windows\system32\wbem\WmiApSrv.exe
19:24:07.0864 4588 wmiApSrv - ok
19:24:08.0020 4588 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:24:08.0113 4588 WMPNetworkSvc - ok
19:24:08.0145 4588 WPCSvc (5d94cd167751294962ba238d82dd1bb8) C:\Windows\System32\wpcsvc.dll
19:24:08.0176 4588 WPCSvc - ok
19:24:08.0191 4588 WPDBusEnum (396d406292b0cd26e3504ffe82784702) C:\Windows\system32\wpdbusenum.dll
19:24:08.0238 4588 WPDBusEnum - ok
19:24:08.0301 4588 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
19:24:08.0332 4588 WpdUsb - ok
19:24:08.0347 4588 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
19:24:08.0379 4588 ws2ifsl - ok
19:24:08.0379 4588 wscsvc (683dd16b590372f2c9661d277f35e49c) C:\Windows\System32\wscsvc.dll
19:24:08.0394 4588 wscsvc - ok
19:24:08.0410 4588 WSearch - ok
19:24:08.0503 4588 WTGService (67c1bcccb4b59552bd62827f812a3a8b) C:\Program Files\XSManager\WTGService.exe
19:24:08.0519 4588 WTGService - ok
19:24:08.0644 4588 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
19:24:08.0862 4588 wuauserv - ok
19:24:09.0237 4588 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:24:09.0299 4588 WUDFRd - ok
19:24:09.0315 4588 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
19:24:09.0361 4588 wudfsvc - ok
19:24:09.0393 4588 XMLDIUSB (eec2098940e9a0804b25dd6be3676224) C:\Windows\system32\Drivers\XMLDIUSB.sys
19:24:09.0439 4588 XMLDIUSB - ok
19:24:09.0486 4588 XS Stick Service (4a8de57515970066e1afc562cbe818c7) C:\Windows\service4g.exe
19:24:09.0486 4588 XS Stick Service - ok
19:24:09.0549 4588 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
19:24:09.0876 4588 \Device\Harddisk0\DR0 - ok
19:24:09.0876 4588 Boot (0x1200) (dd153639ed9a486481e164549cb6200d) \Device\Harddisk0\DR0\Partition0
19:24:09.0876 4588 \Device\Harddisk0\DR0\Partition0 - ok
19:24:09.0892 4588 Boot (0x1200) (c362d02326c1edd424d6f2cb926cd2c8) \Device\Harddisk0\DR0\Partition1
19:24:09.0892 4588 \Device\Harddisk0\DR0\Partition1 - ok
19:24:09.0892 4588 ============================================================
19:24:09.0892 4588 Scan finished
19:24:09.0892 4588 ============================================================
19:24:09.0907 1164 Detected object count: 9
19:24:09.0907 1164 Actual detected object count: 9
Code:
ATTFilter
19:21:05.0902 5776 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
19:21:06.0487 5776 ============================================================
19:21:06.0487 5776 Current date / time: 2012/07/15 19:21:06.0487
19:21:06.0487 5776 SystemInfo:
19:21:06.0488 5776
19:21:06.0488 5776 OS Version: 6.0.6001 ServicePack: 1.0
19:21:06.0488 5776 Product type: Workstation
19:21:06.0488 5776 ComputerName: MaxMustermann-PC
19:21:06.0488 5776 UserName: Max Mustermann
19:21:06.0488 5776 Windows directory: C:\Windows
19:21:06.0488 5776 System windows directory: C:\Windows
19:21:06.0488 5776 Processor architecture: Intel x86
19:21:06.0488 5776 Number of processors: 2
19:21:06.0488 5776 Page size: 0x1000
19:21:06.0488 5776 Boot type: Normal boot
19:21:06.0488 5776 ============================================================
19:21:07.0882 5776 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:21:07.0882 5776 ============================================================
19:21:07.0882 5776 \Device\Harddisk0\DR0:
19:21:07.0882 5776 MBR partitions:
19:21:07.0882 5776 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x22D1E000
19:21:07.0882 5776 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x22D1E800, BlocksNum 0x270F800
19:21:07.0882 5776 ============================================================
19:21:07.0922 5776 C: <-> \Device\Harddisk0\DR0\Partition0
19:21:07.0952 5776 D: <-> \Device\Harddisk0\DR0\Partition1
19:21:07.0952 5776 ============================================================
19:21:07.0952 5776 Initialize success
19:21:07.0952 5776 ============================================================
19:21:33.0583 3136 Deinitialize success
|
|
16.07.2012, 13:58
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Brauche Hilfe: Entfernen des Trojaners "BUNDESPOLIZEI - Ihr Computer wurde gesperrt" Das erste Log!
__________________Was ist denn nun mit STRG+A?! Man kopiert ein ganzes Log, indem man es vollständig mit STRG+A markiert und dann kopiert!
__________________ |
|
16.07.2012, 20:12
| #19 |
| | Brauche Hilfe: Entfernen des Trojaners "BUNDESPOLIZEI - Ihr Computer wurde gesperrt" Hi, ich hatte alles markiert. Hier nun das Log nach einem erneuten Scan. Hoffe, das passt. Danke für die Geduld und Gruß Code:
ATTFilter
21:01:57.0395 4184 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
21:01:57.0489 4184 ============================================================
21:01:57.0489 4184 Current date / time: 2012/07/16 21:01:57.0489
21:01:57.0489 4184 SystemInfo:
21:01:57.0489 4184
21:01:57.0489 4184 OS Version: 6.0.6001 ServicePack: 1.0
21:01:57.0489 4184 Product type: Workstation
21:01:57.0489 4184 ComputerName: MaxMustermann-PC
21:01:57.0489 4184 UserName: Max Mustermann
21:01:57.0489 4184 Windows directory: C:\Windows
21:01:57.0489 4184 System windows directory: C:\Windows
21:01:57.0489 4184 Processor architecture: Intel x86
21:01:57.0489 4184 Number of processors: 2
21:01:57.0489 4184 Page size: 0x1000
21:01:57.0489 4184 Boot type: Normal boot
21:01:57.0489 4184 ============================================================
21:01:59.0938 4184 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:01:59.0953 4184 ============================================================
21:01:59.0953 4184 \Device\Harddisk0\DR0:
21:01:59.0953 4184 MBR partitions:
21:01:59.0953 4184 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x22D1E000
21:01:59.0953 4184 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x22D1E800, BlocksNum 0x270F800
21:01:59.0953 4184 ============================================================
21:02:00.0000 4184 C: <-> \Device\Harddisk0\DR0\Partition0
21:02:00.0047 4184 D: <-> \Device\Harddisk0\DR0\Partition1
21:02:00.0047 4184 ============================================================
21:02:00.0047 4184 Initialize success
21:02:00.0047 4184 ============================================================
21:04:27.0955 5568 ============================================================
21:04:27.0955 5568 Scan started
21:04:27.0955 5568 Mode: Manual; SigCheck; TDLFS;
21:04:27.0955 5568 ============================================================
21:04:29.0157 5568 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
21:04:29.0266 5568 ACPI - ok
21:04:29.0500 5568 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:04:29.0515 5568 AdobeFlashPlayerUpdateSvc - ok
21:04:29.0578 5568 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
21:04:29.0609 5568 adp94xx - ok
21:04:29.0656 5568 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
21:04:29.0671 5568 adpahci - ok
21:04:29.0734 5568 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
21:04:29.0749 5568 adpu160m - ok
21:04:29.0812 5568 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
21:04:29.0827 5568 adpu320 - ok
21:04:29.0921 5568 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
21:04:30.0046 5568 AeLookupSvc - ok
21:04:30.0124 5568 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
21:04:30.0264 5568 AFD - ok
21:04:30.0311 5568 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
21:04:30.0311 5568 agp440 - ok
21:04:30.0342 5568 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
21:04:30.0358 5568 aic78xx - ok
21:04:30.0389 5568 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
21:04:30.0561 5568 ALG - ok
21:04:30.0561 5568 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
21:04:30.0576 5568 aliide - ok
21:04:30.0592 5568 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
21:04:30.0607 5568 amdagp - ok
21:04:30.0607 5568 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
21:04:30.0623 5568 amdide - ok
21:04:30.0639 5568 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
21:04:30.0685 5568 AmdK7 - ok
21:04:30.0717 5568 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
21:04:30.0748 5568 AmdK8 - ok
21:04:30.0888 5568 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe
21:04:30.0904 5568 AntiVirSchedulerService - ok
21:04:30.0997 5568 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
21:04:31.0013 5568 AntiVirService - ok
21:04:31.0122 5568 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
21:04:31.0185 5568 Appinfo - ok
21:04:31.0450 5568 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:04:31.0465 5568 Apple Mobile Device - ok
21:04:31.0512 5568 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
21:04:31.0528 5568 arc - ok
21:04:31.0543 5568 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
21:04:31.0559 5568 arcsas - ok
21:04:31.0575 5568 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
21:04:31.0637 5568 AsyncMac - ok
21:04:31.0684 5568 atapi (0d83c87a801a3dfcd1bf73893fe7518c) C:\Windows\system32\drivers\atapi.sys
21:04:31.0684 5568 atapi - ok
21:04:31.0762 5568 AudioEndpointBuilder (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
21:04:31.0809 5568 AudioEndpointBuilder - ok
21:04:31.0809 5568 Audiosrv (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
21:04:31.0840 5568 Audiosrv - ok
21:04:31.0949 5568 auusb (87046fd16fe6c0f072f4fdee3fe454b1) C:\Windows\system32\DRIVERS\auusb.sys
21:04:31.0980 5568 auusb - ok
21:04:32.0074 5568 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
21:04:32.0089 5568 avgntflt - ok
21:04:32.0152 5568 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
21:04:32.0167 5568 avipbb - ok
21:04:32.0214 5568 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
21:04:32.0214 5568 avkmgr - ok
21:04:32.0245 5568 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
21:04:32.0292 5568 Beep - ok
21:04:32.0417 5568 BFE (d3e6d78285529962349a7f1617035938) C:\Windows\System32\bfe.dll
21:04:32.0464 5568 BFE - ok
21:04:32.0542 5568 BITS (02ed7b4dbc2a3232a389106da7515c3d) C:\Windows\System32\qmgr.dll
21:04:32.0620 5568 BITS - ok
21:04:32.0760 5568 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
21:04:32.0823 5568 blbdrive - ok
21:04:33.0010 5568 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
21:04:33.0025 5568 Bonjour Service - ok
21:04:33.0072 5568 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
21:04:33.0119 5568 bowser - ok
21:04:33.0150 5568 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
21:04:33.0197 5568 BrFiltLo - ok
21:04:33.0244 5568 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
21:04:33.0306 5568 BrFiltUp - ok
21:04:33.0369 5568 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
21:04:33.0431 5568 Browser - ok
21:04:33.0462 5568 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
21:04:34.0211 5568 Brserid - ok
21:04:34.0289 5568 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
21:04:34.0351 5568 BrSerWdm - ok
21:04:34.0398 5568 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
21:04:34.0570 5568 BrUsbMdm - ok
21:04:34.0585 5568 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
21:04:34.0632 5568 BrUsbSer - ok
21:04:34.0695 5568 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
21:04:34.0757 5568 BTHMODEM - ok
21:04:34.0788 5568 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
21:04:34.0835 5568 cdfs - ok
21:04:34.0866 5568 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
21:04:34.0913 5568 cdrom - ok
21:04:35.0038 5568 CertPropSvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
21:04:35.0085 5568 CertPropSvc - ok
21:04:35.0116 5568 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
21:04:35.0163 5568 circlass - ok
21:04:35.0334 5568 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
21:04:35.0350 5568 CLFS - ok
21:04:35.0428 5568 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:04:35.0443 5568 clr_optimization_v2.0.50727_32 - ok
21:04:35.0521 5568 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
21:04:35.0568 5568 CmBatt - ok
21:04:35.0631 5568 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
21:04:35.0631 5568 cmdide - ok
21:04:35.0724 5568 cmnsusbser (675d67423980fc1784b93aa47d350a31) C:\Windows\system32\DRIVERS\cmnsusbser.sys
21:04:35.0771 5568 cmnsusbser - ok
21:04:35.0787 5568 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
21:04:35.0802 5568 Compbatt - ok
21:04:35.0802 5568 COMSysApp - ok
21:04:35.0818 5568 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
21:04:35.0818 5568 crcdisk - ok
21:04:35.0849 5568 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
21:04:35.0896 5568 Crusoe - ok
21:04:36.0005 5568 CryptSvc (6de363f9f99334514c46aec02d3e3678) C:\Windows\system32\cryptsvc.dll
21:04:36.0052 5568 CryptSvc - ok
21:04:36.0177 5568 DcomLaunch (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll
21:04:36.0239 5568 DcomLaunch - ok
21:04:36.0286 5568 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
21:04:36.0348 5568 DfsC - ok
21:04:36.0769 5568 DFSR (fa3463f25f9cc9c3bcf1e7912feff099) C:\Windows\system32\DFSR.exe
21:04:36.0925 5568 DFSR - ok
21:04:37.0440 5568 DgiVecp (770471de2550820feeb7e5d24bf2e273) C:\Windows\system32\Drivers\DgiVecp.sys
21:04:37.0487 5568 DgiVecp ( UnsignedFile.Multi.Generic ) - warning
21:04:37.0487 5568 DgiVecp - detected UnsignedFile.Multi.Generic (1)
21:04:37.0549 5568 Dhcp (43a988a9c10333476cb5fb667cbd629d) C:\Windows\System32\dhcpcsvc.dll
21:04:37.0596 5568 Dhcp - ok
21:04:37.0627 5568 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
21:04:37.0643 5568 disk - ok
21:04:37.0705 5568 Dnscache (4805d9a6d281c7a7defd9094dec6af7d) C:\Windows\System32\dnsrslvr.dll
21:04:37.0737 5568 Dnscache - ok
21:04:37.0768 5568 dot3svc (5af620a08c614e24206b79e8153cf1a8) C:\Windows\System32\dot3svc.dll
21:04:37.0815 5568 dot3svc - ok
21:04:37.0877 5568 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
21:04:37.0924 5568 DPS - ok
21:04:37.0971 5568 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
21:04:38.0002 5568 drmkaud - ok
21:04:38.0111 5568 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
21:04:38.0173 5568 DXGKrnl - ok
21:04:38.0220 5568 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
21:04:38.0267 5568 E1G60 - ok
21:04:38.0329 5568 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
21:04:38.0361 5568 EapHost - ok
21:04:38.0407 5568 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
21:04:38.0423 5568 Ecache - ok
21:04:39.0047 5568 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
21:04:39.0109 5568 ehRecvr - ok
21:04:39.0141 5568 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
21:04:39.0187 5568 ehSched - ok
21:04:39.0203 5568 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
21:04:39.0234 5568 ehstart - ok
21:04:39.0281 5568 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
21:04:39.0297 5568 elxstor - ok
21:04:39.0453 5568 EMDMgmt (70b1a86df0c8ead17d2bc332edae2c7c) C:\Windows\system32\emdmgmt.dll
21:04:39.0499 5568 EMDMgmt - ok
21:04:39.0531 5568 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
21:04:39.0577 5568 ErrDev - ok
21:04:39.0765 5568 EventSystem (3cb3343d720168b575133a0a20dc2465) C:\Windows\system32\es.dll
21:04:39.0843 5568 EventSystem - ok
21:04:39.0905 5568 ewusbnet (90a6949c19152c8706a558823eff55ef) C:\Windows\system32\DRIVERS\ewusbnet.sys
21:04:39.0999 5568 ewusbnet - ok
21:04:40.0108 5568 ew_hwusbdev (57c171ea22f0a7f068fcb0caedd1e8e7) C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
21:04:40.0170 5568 ew_hwusbdev - ok
21:04:40.0201 5568 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
21:04:40.0248 5568 exfat - ok
21:04:40.0357 5568 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
21:04:40.0420 5568 fastfat - ok
21:04:40.0482 5568 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
21:04:40.0513 5568 fdc - ok
21:04:40.0545 5568 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
21:04:40.0607 5568 fdPHost - ok
21:04:40.0654 5568 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
21:04:40.0716 5568 FDResPub - ok
21:04:40.0747 5568 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
21:04:40.0763 5568 FileInfo - ok
21:04:40.0779 5568 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
21:04:40.0810 5568 Filetrace - ok
21:04:41.0262 5568 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:04:41.0325 5568 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
21:04:41.0325 5568 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
21:04:41.0403 5568 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
21:04:41.0449 5568 flpydisk - ok
21:04:41.0527 5568 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
21:04:41.0543 5568 FltMgr - ok
21:04:41.0684 5568 FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:04:41.0716 5568 FontCache3.0.0.0 - ok
21:04:41.0762 5568 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
21:04:41.0794 5568 Fs_Rec - ok
21:04:41.0918 5568 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
21:04:41.0934 5568 gagp30kx - ok
21:04:41.0981 5568 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:04:41.0981 5568 GEARAspiWDM - ok
21:04:42.0106 5568 ggflt (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys
21:04:42.0121 5568 ggflt - ok
21:04:42.0137 5568 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\Windows\system32\DRIVERS\ggsemc.sys
21:04:42.0137 5568 ggsemc - ok
21:04:42.0230 5568 gpsvc (d9f1113d9401185245573350712f92fc) C:\Windows\System32\gpsvc.dll
21:04:42.0308 5568 gpsvc - ok
21:04:42.0449 5568 gupdate1ca5bea4aa87492 (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
21:04:42.0464 5568 gupdate1ca5bea4aa87492 - ok
21:04:42.0464 5568 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
21:04:42.0480 5568 gupdatem - ok
21:04:42.0542 5568 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
21:04:42.0636 5568 HdAudAddService - ok
21:04:42.0714 5568 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
21:04:42.0761 5568 HDAudBus - ok
21:04:42.0854 5568 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
21:04:42.0932 5568 HidBth - ok
21:04:43.0073 5568 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
21:04:43.0104 5568 HidIr - ok
21:04:43.0182 5568 hidserv (8fa640195279ace21bea91396a0054fc) C:\Windows\system32\hidserv.dll
21:04:43.0244 5568 hidserv - ok
21:04:43.0307 5568 HidUsb (e2b5bd48afcc0f0974fb44641b223250) C:\Windows\system32\DRIVERS\hidusb.sys
21:04:43.0354 5568 HidUsb - ok
21:04:43.0369 5568 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
21:04:43.0416 5568 hkmsvc - ok
21:04:43.0447 5568 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
21:04:43.0463 5568 HpCISSs - ok
21:04:43.0556 5568 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
21:04:43.0603 5568 HTTP - ok
21:04:43.0697 5568 huawei_cdcacm (6723835670a746eb97cb932f61151169) C:\Windows\system32\DRIVERS\ew_jucdcacm.sys
21:04:43.0728 5568 huawei_cdcacm - ok
21:04:43.0775 5568 huawei_cdcecm (132af7d47704801f7af5bafcc623825c) C:\Windows\system32\DRIVERS\ew_jucdcecm.sys
21:04:43.0806 5568 huawei_cdcecm - ok
21:04:43.0900 5568 huawei_enumerator (2f23aba465b24a57e8664a124a53cc15) C:\Windows\system32\DRIVERS\ew_jubusenum.sys
21:04:43.0946 5568 huawei_enumerator - ok
21:04:44.0212 5568 huawei_ext_ctrl (50a16e0f4586338f1114a54c906463b5) C:\Windows\system32\DRIVERS\ew_juextctrl.sys
21:04:44.0258 5568 huawei_ext_ctrl - ok
21:04:44.0430 5568 hwdatacard (1c09309a3d793c57ef87ac60c6bbd739) C:\Windows\system32\DRIVERS\ewusbmdm.sys
21:04:44.0492 5568 hwdatacard - ok
21:04:44.0539 5568 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
21:04:44.0555 5568 i2omp - ok
21:04:44.0633 5568 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
21:04:44.0648 5568 i8042prt - ok
21:04:44.0742 5568 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
21:04:44.0773 5568 iaStorV - ok
21:04:45.0194 5568 idsvc (7b630acaed64fef0c3e1cf255cb56686) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:04:45.0272 5568 idsvc - ok
21:04:45.0974 5568 igfx (38eb97b9898c56e6bdf6824a6a717312) C:\Windows\system32\DRIVERS\igdkmd32.sys
21:04:46.0193 5568 igfx - ok
21:04:46.0692 5568 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
21:04:46.0708 5568 iirsp - ok
21:04:46.0786 5568 IKEEXT (68e8c415e102e5d79fd7e4a765b8cba4) C:\Windows\System32\ikeext.dll
21:04:46.0832 5568 IKEEXT - ok
21:04:47.0862 5568 IntcAzAudAddService (fe912e4a9719a9792669debb403cb9b1) C:\Windows\system32\drivers\RTKVHDA.sys
21:04:48.0034 5568 IntcAzAudAddService - ok
21:04:48.0252 5568 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
21:04:48.0283 5568 intelide - ok
21:04:48.0408 5568 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
21:04:48.0439 5568 intelppm - ok
21:04:48.0486 5568 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
21:04:48.0533 5568 IPBusEnum - ok
21:04:48.0580 5568 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:04:48.0611 5568 IpFilterDriver - ok
21:04:48.0782 5568 iphlpsvc (6a35d233693edc29a12742049bc5e37f) C:\Windows\System32\iphlpsvc.dll
21:04:48.0829 5568 iphlpsvc - ok
21:04:48.0829 5568 IpInIp - ok
21:04:48.0907 5568 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
21:04:48.0938 5568 IPMIDRV - ok
21:04:49.0016 5568 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
21:04:49.0032 5568 IPNAT - ok
21:04:49.0313 5568 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
21:04:49.0344 5568 iPod Service - ok
21:04:49.0484 5568 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
21:04:49.0531 5568 IRENUM - ok
21:04:49.0578 5568 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
21:04:49.0594 5568 isapnp - ok
21:04:49.0656 5568 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
21:04:49.0672 5568 iScsiPrt - ok
21:04:49.0687 5568 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
21:04:49.0703 5568 iteatapi - ok
21:04:49.0718 5568 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
21:04:49.0734 5568 iteraid - ok
21:04:49.0781 5568 JMCR (8da4444217d286fdd3a4ed6b4ac5c635) C:\Windows\system32\DRIVERS\jmcr.sys
21:04:49.0828 5568 JMCR - ok
21:04:49.0843 5568 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
21:04:49.0859 5568 kbdclass - ok
21:04:49.0874 5568 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
21:04:49.0921 5568 kbdhid - ok
21:04:49.0937 5568 KeyIso (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
21:04:49.0984 5568 KeyIso - ok
21:04:50.0062 5568 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
21:04:50.0077 5568 KSecDD - ok
21:04:50.0155 5568 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
21:04:50.0264 5568 KtmRm - ok
21:04:50.0342 5568 LanmanServer (1925e63c91cf1610ae41bfd539062079) C:\Windows\system32\srvsvc.dll
21:04:50.0374 5568 LanmanServer - ok
21:04:50.0452 5568 LanmanWorkstation (2ae2e1628c5d3f1c0a46a67c9fa1df15) C:\Windows\System32\wkssvc.dll
21:04:50.0498 5568 LanmanWorkstation - ok
21:04:50.0576 5568 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
21:04:50.0608 5568 lltdio - ok
21:04:50.0701 5568 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
21:04:50.0779 5568 lltdsvc - ok
21:04:50.0810 5568 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
21:04:50.0857 5568 lmhosts - ok
21:04:50.0998 5568 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
21:04:51.0013 5568 LSI_FC - ok
21:04:51.0076 5568 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
21:04:51.0091 5568 LSI_SAS - ok
21:04:51.0138 5568 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
21:04:51.0138 5568 LSI_SCSI - ok
21:04:51.0216 5568 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
21:04:51.0247 5568 luafv - ok
21:04:51.0294 5568 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
21:04:51.0310 5568 Mcx2Svc - ok
21:04:51.0325 5568 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
21:04:51.0341 5568 megasas - ok
21:04:51.0388 5568 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
21:04:51.0434 5568 MegaSR - ok
21:04:51.0497 5568 MF2ACT (49ec57c888a591a0256da2fbcb95eab0) C:\Windows\system32\Drivers\MF2ACT.sys
21:04:51.0544 5568 MF2ACT - ok
21:04:51.0606 5568 mf2nt (1215cd6d0991640a6873939d9f015355) C:\Windows\system32\drivers\mf2nt.sys
21:04:51.0653 5568 mf2nt ( UnsignedFile.Multi.Generic ) - warning
21:04:51.0653 5568 mf2nt - detected UnsignedFile.Multi.Generic (1)
21:04:51.0653 5568 MGHwCtrl - ok
21:04:51.0700 5568 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
21:04:51.0731 5568 MMCSS - ok
21:04:51.0762 5568 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
21:04:51.0809 5568 Modem - ok
21:04:51.0871 5568 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
21:04:51.0902 5568 monitor - ok
21:04:51.0918 5568 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
21:04:51.0934 5568 mouclass - ok
21:04:51.0949 5568 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
21:04:51.0980 5568 mouhid - ok
21:04:52.0058 5568 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
21:04:52.0074 5568 MountMgr - ok
21:04:52.0230 5568 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:04:52.0246 5568 MozillaMaintenance - ok
21:04:52.0324 5568 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
21:04:52.0339 5568 mpio - ok
21:04:52.0370 5568 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
21:04:52.0417 5568 mpsdrv - ok
21:04:52.0480 5568 MpsSvc (d1639ba315b0d79dec49a4b0e1fb929b) C:\Windows\system32\mpssvc.dll
21:04:52.0542 5568 MpsSvc - ok
21:04:52.0589 5568 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
21:04:52.0589 5568 Mraid35x - ok
21:04:52.0745 5568 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
21:04:52.0792 5568 MRxDAV - ok
21:04:52.0823 5568 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:04:52.0870 5568 mrxsmb - ok
21:04:52.0979 5568 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:04:53.0041 5568 mrxsmb10 - ok
21:04:53.0119 5568 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:04:53.0150 5568 mrxsmb20 - ok
21:04:53.0244 5568 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
21:04:53.0260 5568 msahci - ok
21:04:53.0291 5568 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
21:04:53.0306 5568 msdsm - ok
21:04:53.0416 5568 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
21:04:53.0447 5568 MSDTC - ok
21:04:53.0478 5568 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
21:04:53.0556 5568 Msfs - ok
21:04:53.0587 5568 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
21:04:53.0587 5568 msisadrv - ok
21:04:53.0665 5568 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
21:04:53.0696 5568 MSiSCSI - ok
21:04:53.0696 5568 msiserver - ok
21:04:53.0759 5568 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
21:04:53.0790 5568 MSKSSRV - ok
21:04:53.0806 5568 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
21:04:53.0868 5568 MSPCLOCK - ok
21:04:53.0899 5568 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
21:04:53.0930 5568 MSPQM - ok
21:04:53.0977 5568 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
21:04:53.0977 5568 MsRPC - ok
21:04:54.0040 5568 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
21:04:54.0055 5568 mssmbios - ok
21:04:54.0086 5568 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
21:04:54.0102 5568 MSTEE - ok
21:04:54.0149 5568 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
21:04:54.0149 5568 Mup - ok
21:04:54.0258 5568 napagent (c43b25863fbd65b6d2a142af3ae320ca) C:\Windows\system32\qagentRT.dll
21:04:54.0289 5568 napagent - ok
21:04:54.0352 5568 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
21:04:54.0398 5568 NativeWifiP - ok
21:04:54.0445 5568 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
21:04:54.0461 5568 NDIS - ok
21:04:54.0476 5568 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
21:04:54.0492 5568 NdisTapi - ok
21:04:54.0554 5568 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
21:04:54.0586 5568 Ndisuio - ok
21:04:54.0617 5568 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
21:04:54.0648 5568 NdisWan - ok
21:04:54.0695 5568 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
21:04:54.0710 5568 NDProxy - ok
21:04:54.0944 5568 Nero BackItUp Scheduler 3 (40d7d0a208ee863bca8d89e299216f15) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
21:04:54.0991 5568 Nero BackItUp Scheduler 3 - ok
21:04:55.0038 5568 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
21:04:55.0085 5568 NetBIOS - ok
21:04:55.0178 5568 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
21:04:55.0256 5568 netbt - ok
21:04:55.0319 5568 Netlogon (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
21:04:55.0334 5568 Netlogon - ok
21:04:55.0366 5568 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
21:04:55.0428 5568 Netman - ok
21:04:55.0475 5568 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
21:04:55.0537 5568 netprofm - ok
21:04:55.0631 5568 netr28 (3f540b257442cc1a2220dd8f73ac1c77) C:\Windows\system32\DRIVERS\netr28.sys
21:04:55.0693 5568 netr28 - ok
21:04:55.0771 5568 NetTcpPortSharing (0ad5876ef4e9eb77c8f93eb5b2fff386) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:04:55.0787 5568 NetTcpPortSharing - ok
21:04:55.0818 5568 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
21:04:55.0834 5568 nfrd960 - ok
21:04:55.0849 5568 NishService - ok
21:04:55.0912 5568 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
21:04:55.0958 5568 NlaSvc - ok
21:04:56.0083 5568 NMIndexingService (eba1b4bf2e2375abdadedb649f283541) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
21:04:56.0114 5568 NMIndexingService - ok
21:04:56.0146 5568 nosGetPlusHelper (f44addbf29905cb19f52fc9fe6a0efa1) C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
21:04:56.0161 5568 nosGetPlusHelper - ok
21:04:56.0239 5568 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
21:04:56.0270 5568 Npfs - ok
21:04:56.0333 5568 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
21:04:56.0348 5568 nsi - ok
21:04:56.0395 5568 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
21:04:56.0442 5568 nsiproxy - ok
21:04:56.0582 5568 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
21:04:56.0645 5568 Ntfs - ok
21:04:56.0692 5568 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
21:04:56.0754 5568 ntrigdigi - ok
21:04:56.0754 5568 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
21:04:56.0816 5568 Null - ok
21:04:56.0848 5568 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
21:04:56.0848 5568 nvraid - ok
21:04:56.0863 5568 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
21:04:56.0879 5568 nvstor - ok
21:04:56.0894 5568 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
21:04:56.0910 5568 nv_agp - ok
21:04:56.0910 5568 NwlnkFlt - ok
21:04:56.0910 5568 NwlnkFwd - ok
21:04:57.0113 5568 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:04:57.0144 5568 odserv - ok
21:04:57.0206 5568 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
21:04:57.0253 5568 ohci1394 - ok
21:04:57.0440 5568 OMSI download service (da345de3b450e9e1691e7b9956d8ffc3) C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
21:04:57.0456 5568 OMSI download service ( UnsignedFile.Multi.Generic ) - warning
21:04:57.0456 5568 OMSI download service - detected UnsignedFile.Multi.Generic (1)
21:04:57.0503 5568 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:04:57.0518 5568 ose - ok
21:04:57.0643 5568 p2pimsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
21:04:57.0737 5568 p2pimsvc - ok
21:04:57.0737 5568 p2psvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
21:04:57.0768 5568 p2psvc - ok
21:04:57.0799 5568 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
21:04:57.0862 5568 Parport - ok
21:04:57.0940 5568 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
21:04:57.0955 5568 partmgr - ok
21:04:58.0002 5568 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
21:04:58.0049 5568 Parvdm - ok
21:04:58.0096 5568 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
21:04:58.0127 5568 PcaSvc - ok
21:04:58.0174 5568 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
21:04:58.0189 5568 pci - ok
21:04:58.0236 5568 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
21:04:58.0345 5568 pciide - ok
21:04:58.0423 5568 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
21:04:58.0439 5568 pcmcia - ok
21:04:58.0532 5568 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
21:04:58.0735 5568 PEAUTH - ok
21:04:58.0876 5568 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
21:04:59.0032 5568 pla - ok
21:04:59.0468 5568 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\system32\IoctlSvc.exe
21:04:59.0484 5568 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
21:04:59.0484 5568 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
21:04:59.0858 5568 PlugPlay (78f975cb6d18265be6f492edb2d7bc7b) C:\Windows\system32\umpnpmgr.dll
21:04:59.0905 5568 PlugPlay - ok
21:05:00.0077 5568 PNRPAutoReg (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
21:05:00.0092 5568 PNRPAutoReg - ok
21:05:00.0108 5568 PNRPsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
21:05:00.0124 5568 PNRPsvc - ok
21:05:00.0202 5568 PolicyAgent (47b8f37aa18b74d8c2e1bc1a7a2c8f8a) C:\Windows\System32\ipsecsvc.dll
21:05:00.0264 5568 PolicyAgent - ok
21:05:00.0529 5568 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
21:05:00.0576 5568 PptpMiniport - ok
21:05:00.0685 5568 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
21:05:00.0716 5568 Processor - ok
21:05:00.0826 5568 ProfSvc (b627e4fc8585e8843c5905d4d3587a90) C:\Windows\system32\profsvc.dll
21:05:00.0888 5568 ProfSvc - ok
21:05:00.0919 5568 ProtectedStorage (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
21:05:00.0935 5568 ProtectedStorage - ok
21:05:01.0013 5568 ProtexisLicensing (f115af58abe5605d7d709cbfbd83f418) C:\Windows\system32\PSIService.exe
21:05:01.0028 5568 ProtexisLicensing - ok
21:05:01.0044 5568 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
21:05:01.0075 5568 PSched - ok
21:05:01.0184 5568 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
21:05:01.0278 5568 ql2300 - ok
21:05:01.0356 5568 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
21:05:01.0372 5568 ql40xx - ok
21:05:01.0434 5568 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
21:05:01.0481 5568 QWAVE - ok
21:05:01.0621 5568 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
21:05:01.0668 5568 QWAVEdrv - ok
21:05:01.0715 5568 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
21:05:01.0762 5568 RasAcd - ok
21:05:01.0777 5568 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
21:05:01.0824 5568 RasAuto - ok
21:05:02.0058 5568 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:05:02.0089 5568 Rasl2tp - ok
21:05:02.0136 5568 RasMan (6e7c284fc5c4ec07ad164d93810385a6) C:\Windows\System32\rasmans.dll
21:05:02.0167 5568 RasMan - ok
21:05:02.0198 5568 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
21:05:02.0230 5568 RasPppoe - ok
21:05:02.0261 5568 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
21:05:02.0276 5568 RasSstp - ok
21:05:02.0323 5568 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
21:05:02.0432 5568 rdbss - ok
21:05:02.0464 5568 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:05:02.0510 5568 RDPCDD - ok
21:05:02.0573 5568 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
21:05:02.0604 5568 rdpdr - ok
21:05:02.0604 5568 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
21:05:02.0651 5568 RDPENCDD - ok
21:05:02.0776 5568 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
21:05:02.0854 5568 RDPWD - ok
21:05:02.0900 5568 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
21:05:02.0932 5568 RemoteAccess - ok
21:05:03.0181 5568 RemoteRegistry (cc4e32400f3c7253400cf8f3f3a0b676) C:\Windows\system32\regsvc.dll
21:05:03.0212 5568 RemoteRegistry - ok
21:05:03.0431 5568 RichVideo (805ae1f90c64758d19aaa001cf8cba12) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
21:05:03.0478 5568 RichVideo ( UnsignedFile.Multi.Generic ) - warning
21:05:03.0478 5568 RichVideo - detected UnsignedFile.Multi.Generic (1)
21:05:03.0509 5568 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
21:05:03.0540 5568 RpcLocator - ok
21:05:03.0634 5568 RpcSs (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll
21:05:03.0649 5568 RpcSs - ok
21:05:03.0743 5568 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
21:05:03.0758 5568 rspndr - ok
21:05:03.0836 5568 RTL8169 (174b9514cd1a0c33ce4bbc02a3c81a62) C:\Windows\system32\DRIVERS\Rtlh86.sys
21:05:03.0899 5568 RTL8169 - ok
21:05:03.0992 5568 s0017bus (594ff5620661d1386475406e78cb6f2f) C:\Windows\system32\DRIVERS\s0017bus.sys
21:05:03.0992 5568 s0017bus - ok
21:05:04.0039 5568 s0017mdfl (7258f550419d543bc5c8e80c578a5d54) C:\Windows\system32\DRIVERS\s0017mdfl.sys
21:05:04.0055 5568 s0017mdfl - ok
21:05:04.0117 5568 s0017mdm (1de4f6607feb17a15dbd4f1b139e6d2f) C:\Windows\system32\DRIVERS\s0017mdm.sys
21:05:04.0117 5568 s0017mdm - ok
21:05:04.0211 5568 s0017mgmt (9814e6bacc06d2526cd52981c7eeedf0) C:\Windows\system32\DRIVERS\s0017mgmt.sys
21:05:04.0226 5568 s0017mgmt - ok
21:05:04.0258 5568 s0017nd5 (2c62cd58225973f26682cd4f783ddede) C:\Windows\system32\DRIVERS\s0017nd5.sys
21:05:04.0273 5568 s0017nd5 - ok
21:05:04.0304 5568 s0017obex (f87c3422e84b2fb1b43e0a26247ad5a5) C:\Windows\system32\DRIVERS\s0017obex.sys
21:05:04.0320 5568 s0017obex - ok
21:05:04.0351 5568 s0017unic (df5e7360a0afa5956bf75da683d0679f) C:\Windows\system32\DRIVERS\s0017unic.sys
21:05:04.0367 5568 s0017unic - ok
21:05:04.0460 5568 s1018bus (1c5c2cb892553d2cf3f45a4bb323fcd6) C:\Windows\system32\DRIVERS\s1018bus.sys
21:05:04.0476 5568 s1018bus - ok
21:05:04.0492 5568 s1018mdfl (38f5ea219593f19b6b3a1b9c169e3b61) C:\Windows\system32\DRIVERS\s1018mdfl.sys
21:05:04.0492 5568 s1018mdfl - ok
21:05:04.0538 5568 s1018mdm (666af6b64fc7df92d3ca4819ea91631d) C:\Windows\system32\DRIVERS\s1018mdm.sys
21:05:04.0554 5568 s1018mdm - ok
21:05:04.0632 5568 s1018mgmt (f4ceda6e2ddff2af8bd745615a7ca9c0) C:\Windows\system32\DRIVERS\s1018mgmt.sys
21:05:04.0663 5568 s1018mgmt - ok
21:05:04.0694 5568 s1018nd5 (3622d9ff2253dcbe885b10736609a4ca) C:\Windows\system32\DRIVERS\s1018nd5.sys
21:05:04.0710 5568 s1018nd5 - ok
21:05:04.0741 5568 s1018obex (49431efda842b474531c29ffae9f5d09) C:\Windows\system32\DRIVERS\s1018obex.sys
21:05:04.0757 5568 s1018obex - ok
21:05:04.0882 5568 s1018unic (ac6b514cb4474f4c867d7cdc9cd54f05) C:\Windows\system32\DRIVERS\s1018unic.sys
21:05:04.0897 5568 s1018unic - ok
21:05:04.0960 5568 SamSs (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
21:05:04.0975 5568 SamSs - ok
21:05:05.0272 5568 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
21:05:05.0318 5568 sbp2port - ok
21:05:05.0412 5568 SCardSvr (11387e32642269c7e62e8b52c060b3c6) C:\Windows\System32\SCardSvr.dll
21:05:05.0474 5568 SCardSvr - ok
21:05:05.0568 5568 Schedule (7b587b8a6d4a99f79d2902d0385f29bd) C:\Windows\system32\schedsvc.dll
21:05:05.0630 5568 Schedule - ok
21:05:05.0677 5568 SCPolicySvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
21:05:05.0708 5568 SCPolicySvc - ok
21:05:05.0740 5568 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
21:05:05.0771 5568 sdbus - ok
21:05:05.0818 5568 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
21:05:05.0896 5568 SDRSVC - ok
21:05:05.0911 5568 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
21:05:05.0974 5568 secdrv - ok
21:05:06.0036 5568 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
21:05:06.0067 5568 seclogon - ok
21:05:06.0176 5568 seehcri (e5b56569a9f79b70314fede6c953641e) C:\Windows\system32\DRIVERS\seehcri.sys
21:05:06.0223 5568 seehcri - ok
21:05:06.0239 5568 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
21:05:06.0270 5568 SENS - ok
21:05:06.0301 5568 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
21:05:06.0364 5568 Serenum - ok
21:05:06.0457 5568 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
21:05:06.0520 5568 Serial - ok
21:05:06.0535 5568 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
21:05:06.0566 5568 sermouse - ok
21:05:06.0754 5568 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
21:05:06.0785 5568 SessionEnv - ok
21:05:06.0800 5568 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
21:05:06.0816 5568 sffdisk - ok
21:05:06.0878 5568 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
21:05:06.0910 5568 sffp_mmc - ok
21:05:06.0941 5568 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
21:05:07.0019 5568 sffp_sd - ok
21:05:07.0066 5568 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
21:05:07.0190 5568 sfloppy - ok
21:05:07.0315 5568 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
21:05:07.0362 5568 SharedAccess - ok
21:05:07.0456 5568 ShellHWDetection (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\System32\shsvcs.dll
21:05:07.0534 5568 ShellHWDetection - ok
21:05:07.0549 5568 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
21:05:07.0565 5568 sisagp - ok
21:05:07.0643 5568 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
21:05:07.0658 5568 SiSRaid2 - ok
21:05:07.0705 5568 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
21:05:07.0721 5568 SiSRaid4 - ok
21:05:08.0251 5568 slsvc (0ba91e1358ad25236863039bb2609a2e) C:\Windows\system32\SLsvc.exe
21:05:08.0360 5568 slsvc - ok
21:05:08.0563 5568 SLUINotify (7c6dc44ca0bfa6291629ab764200d1d4) C:\Windows\system32\SLUINotify.dll
21:05:08.0610 5568 SLUINotify - ok
21:05:08.0688 5568 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
21:05:08.0735 5568 Smb - ok
21:05:08.0797 5568 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
21:05:08.0813 5568 SNMPTRAP - ok
21:05:08.0860 5568 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
21:05:08.0860 5568 spldr - ok
21:05:08.0938 5568 Spooler (3665f79026a3f91fbca63f2c65a09b19) C:\Windows\System32\spoolsv.exe
21:05:08.0984 5568 Spooler - ok
21:05:09.0094 5568 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
21:05:09.0140 5568 srv - ok
21:05:09.0312 5568 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
21:05:09.0343 5568 srv2 - ok
21:05:09.0468 5568 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
21:05:09.0515 5568 srvnet - ok
21:05:09.0671 5568 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
21:05:09.0718 5568 SSDPSRV - ok
21:05:09.0749 5568 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
21:05:09.0764 5568 ssmdrv - ok
21:05:09.0811 5568 SSPORT (5f77725ec309de1242d8efc8e9259a9f) C:\Windows\system32\Drivers\SSPORT.sys
21:05:09.0842 5568 SSPORT ( UnsignedFile.Multi.Generic ) - warning
21:05:09.0842 5568 SSPORT - detected UnsignedFile.Multi.Generic (1)
21:05:09.0889 5568 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
21:05:09.0920 5568 SstpSvc - ok
21:05:09.0998 5568 stisvc (7dd08a597bc56051f320da0baf69e389) C:\Windows\System32\wiaservc.dll
21:05:10.0014 5568 stisvc - ok
21:05:10.0045 5568 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
21:05:10.0061 5568 swenum - ok
21:05:10.0139 5568 swprv (b36c7cdb86f7f7a8e884479219766950) C:\Windows\System32\swprv.dll
21:05:10.0170 5568 swprv - ok
21:05:10.0232 5568 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
21:05:10.0232 5568 Symc8xx - ok
21:05:10.0248 5568 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
21:05:10.0264 5568 Sym_hi - ok
21:05:10.0295 5568 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
21:05:10.0295 5568 Sym_u3 - ok
21:05:10.0498 5568 SysMain (8710a92d0024b03b5fb9540df1f71f1d) C:\Windows\system32\sysmain.dll
21:05:10.0560 5568 SysMain - ok
21:05:10.0622 5568 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
21:05:10.0685 5568 TabletInputService - ok
21:05:10.0934 5568 TapiSrv (680916bb09ee0f3a6aca7c274b0d633f) C:\Windows\System32\tapisrv.dll
21:05:10.0997 5568 TapiSrv - ok
21:05:11.0075 5568 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
21:05:11.0122 5568 TBS - ok
21:05:11.0262 5568 Tcpip (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\drivers\tcpip.sys
21:05:11.0387 5568 Tcpip - ok
21:05:11.0402 5568 Tcpip6 (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\DRIVERS\tcpip.sys
21:05:11.0449 5568 Tcpip6 - ok
21:05:11.0590 5568 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
21:05:11.0652 5568 tcpipreg - ok
21:05:11.0683 5568 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
21:05:11.0730 5568 TDPIPE - ok
21:05:11.0746 5568 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
21:05:11.0777 5568 TDTCP - ok
21:05:11.0808 5568 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
21:05:11.0902 5568 tdx - ok
21:05:12.0011 5568 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
21:05:12.0026 5568 TermDD - ok
21:05:12.0073 5568 TermService (d605031e225aaccbceb5b76a4f1603a6) C:\Windows\System32\termsrv.dll
21:05:12.0120 5568 TermService - ok
21:05:12.0214 5568 Themes (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\system32\shsvcs.dll
21:05:12.0245 5568 Themes - ok
21:05:12.0307 5568 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
21:05:12.0323 5568 THREADORDER - ok
21:05:12.0385 5568 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
21:05:12.0416 5568 TrkWks - ok
21:05:12.0494 5568 TrustedInstaller (16613a1bad034d4ecf957af18b7c2ff5) C:\Windows\servicing\TrustedInstaller.exe
21:05:12.0526 5568 TrustedInstaller - ok
21:05:12.0619 5568 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:05:12.0666 5568 tssecsrv - ok
21:05:12.0697 5568 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
21:05:12.0713 5568 tunmp - ok
21:05:12.0760 5568 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
21:05:12.0775 5568 tunnel - ok
21:05:12.0853 5568 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
21:05:12.0853 5568 uagp35 - ok
21:05:12.0900 5568 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
21:05:12.0947 5568 udfs - ok
21:05:13.0056 5568 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
21:05:13.0118 5568 UI0Detect - ok
21:05:13.0274 5568 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
21:05:13.0290 5568 uliagpkx - ok
21:05:13.0337 5568 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
21:05:13.0368 5568 uliahci - ok
21:05:13.0399 5568 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
21:05:13.0415 5568 UlSata - ok
21:05:13.0571 5568 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
21:05:13.0571 5568 ulsata2 - ok
21:05:13.0680 5568 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
21:05:13.0727 5568 umbus - ok
21:05:14.0023 5568 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
21:05:14.0070 5568 upnphost - ok
21:05:14.0117 5568 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys
21:05:14.0132 5568 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
21:05:14.0132 5568 USBAAPL - detected UnsignedFile.Multi.Generic (1)
21:05:14.0195 5568 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
21:05:14.0226 5568 usbccgp - ok
21:05:14.0288 5568 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
21:05:14.0366 5568 usbcir - ok
21:05:14.0429 5568 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
21:05:14.0476 5568 usbehci - ok
21:05:14.0538 5568 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
21:05:14.0600 5568 usbhub - ok
21:05:14.0632 5568 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
21:05:14.0678 5568 usbohci - ok
21:05:14.0725 5568 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
21:05:14.0741 5568 usbprint - ok
21:05:14.0819 5568 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:05:14.0834 5568 USBSTOR - ok
21:05:14.0866 5568 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
21:05:14.0912 5568 usbuhci - ok
21:05:15.0053 5568 usnjsvc (9d19b042a4fd5c02195071ea2fe0c821) C:\Program Files\Windows Live\Messenger\usnsvc.exe
21:05:15.0068 5568 usnjsvc - ok
21:05:15.0115 5568 UxSms (032a0acc3909ae7215d524e29d536797) C:\Windows\System32\uxsms.dll
21:05:15.0162 5568 UxSms - ok
21:05:15.0583 5568 vds (b13bc395b9d6116628f5af47e0802ac4) C:\Windows\System32\vds.exe
21:05:15.0677 5568 vds - ok
21:05:15.0739 5568 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
21:05:15.0770 5568 vga - ok
21:05:15.0880 5568 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
21:05:15.0942 5568 VgaSave - ok
21:05:16.0129 5568 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
21:05:16.0177 5568 viaagp - ok
21:05:16.0208 5568 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
21:05:16.0239 5568 ViaC7 - ok
21:05:16.0255 5568 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
21:05:16.0271 5568 viaide - ok
21:05:16.0411 5568 VmbService (7e4769483d416aa04b916aab7ef0dbaf) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
21:05:16.0411 5568 VmbService ( UnsignedFile.Multi.Generic ) - warning
21:05:16.0411 5568 VmbService - detected UnsignedFile.Multi.Generic (1)
21:05:16.0427 5568 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
21:05:16.0442 5568 volmgr - ok
21:05:16.0520 5568 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
21:05:16.0536 5568 volmgrx - ok
21:05:16.0614 5568 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
21:05:16.0629 5568 volsnap - ok
21:05:16.0676 5568 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
21:05:16.0692 5568 vsmraid - ok
21:05:17.0144 5568 VSS (d5fb73d19c46ade183f968e13f186b23) C:\Windows\system32\vssvc.exe
21:05:17.0253 5568 VSS - ok
21:05:17.0285 5568 W32Time (1cf9206966a8458cda9a8b20df8ab7d3) C:\Windows\system32\w32time.dll
21:05:17.0363 5568 W32Time - ok
21:05:17.0441 5568 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
21:05:17.0519 5568 WacomPen - ok
21:05:17.0612 5568 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
21:05:17.0659 5568 Wanarp - ok
21:05:17.0659 5568 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
21:05:17.0675 5568 Wanarpv6 - ok
21:05:17.0737 5568 wcncsvc (f3a5c2e1a6533192b070d06ecf6be796) C:\Windows\System32\wcncsvc.dll
21:05:17.0768 5568 wcncsvc - ok
21:05:17.0815 5568 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
21:05:17.0877 5568 WcsPlugInService - ok
21:05:17.0940 5568 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
21:05:17.0955 5568 Wd - ok
21:05:18.0033 5568 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
21:05:18.0080 5568 Wdf01000 - ok
21:05:18.0096 5568 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
21:05:18.0143 5568 WdiServiceHost - ok
21:05:18.0143 5568 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
21:05:18.0174 5568 WdiSystemHost - ok
21:05:18.0423 5568 WebClient (cf9a5f41789b642db967021de06a2713) C:\Windows\System32\webclnt.dll
21:05:18.0455 5568 WebClient - ok
21:05:18.0595 5568 Wecsvc (905214925a88311fce52f66153de7610) C:\Windows\system32\wecsvc.dll
21:05:18.0642 5568 Wecsvc - ok
21:05:18.0704 5568 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
21:05:18.0735 5568 wercplsupport - ok
21:05:18.0782 5568 WerSvc (4081288554294f144e5a7d4ee20e3ce6) C:\Windows\System32\WerSvc.dll
21:05:18.0813 5568 WerSvc - ok
21:05:18.0969 5568 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
21:05:18.0985 5568 WinDefend - ok
21:05:18.0985 5568 WinHttpAutoProxySvc - ok
21:05:19.0203 5568 Winmgmt (00b79a7c984678f24cf052e5beb3a2f5) C:\Windows\system32\wbem\WMIsvc.dll
21:05:19.0235 5568 Winmgmt - ok
21:05:19.0328 5568 WinRM (20fc93fdc916843cfdfcaa7a1b0db16f) C:\Windows\system32\WsmSvc.dll
21:05:19.0406 5568 WinRM - ok
21:05:19.0515 5568 Wlansvc (275f4346e569df56cfb95243bd6f6ff0) C:\Windows\System32\wlansvc.dll
21:05:19.0547 5568 Wlansvc - ok
21:05:19.0671 5568 WLSetupSvc (94a85e956a065e23e0010a6a7826243b) C:\Program Files\Windows Live\installer\WLSetupSvc.exe
21:05:19.0718 5568 WLSetupSvc - ok
21:05:19.0781 5568 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
21:05:19.0827 5568 WmiAcpi - ok
21:05:20.0420 5568 wmiApSrv (aba4cf9f856d9a3a25f4ddd7690a6e9d) C:\Windows\system32\wbem\WmiApSrv.exe
21:05:20.0514 5568 wmiApSrv - ok
21:05:20.0748 5568 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
21:05:20.0841 5568 WMPNetworkSvc - ok
21:05:20.0888 5568 WPCSvc (5d94cd167751294962ba238d82dd1bb8) C:\Windows\System32\wpcsvc.dll
21:05:20.0951 5568 WPCSvc - ok
21:05:20.0982 5568 WPDBusEnum (396d406292b0cd26e3504ffe82784702) C:\Windows\system32\wpdbusenum.dll
21:05:21.0013 5568 WPDBusEnum - ok
21:05:21.0091 5568 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
21:05:21.0122 5568 WpdUsb - ok
21:05:21.0169 5568 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
21:05:21.0200 5568 ws2ifsl - ok
21:05:21.0309 5568 wscsvc (683dd16b590372f2c9661d277f35e49c) C:\Windows\System32\wscsvc.dll
21:05:21.0325 5568 wscsvc - ok
21:05:21.0341 5568 WSearch - ok
21:05:21.0684 5568 WTGService (67c1bcccb4b59552bd62827f812a3a8b) C:\Program Files\XSManager\WTGService.exe
21:05:21.0699 5568 WTGService - ok
21:05:22.0199 5568 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
21:05:22.0355 5568 wuauserv - ok
21:05:22.0823 5568 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:05:22.0885 5568 WUDFRd - ok
21:05:22.0901 5568 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
21:05:22.0947 5568 wudfsvc - ok
21:05:22.0994 5568 XMLDIUSB (eec2098940e9a0804b25dd6be3676224) C:\Windows\system32\Drivers\XMLDIUSB.sys
21:05:23.0041 5568 XMLDIUSB - ok
21:05:23.0088 5568 XS Stick Service (4a8de57515970066e1afc562cbe818c7) C:\Windows\service4g.exe
21:05:23.0103 5568 XS Stick Service - ok
21:05:23.0244 5568 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
21:05:24.0461 5568 \Device\Harddisk0\DR0 - ok
21:05:24.0492 5568 Boot (0x1200) (dd153639ed9a486481e164549cb6200d) \Device\Harddisk0\DR0\Partition0
21:05:24.0492 5568 \Device\Harddisk0\DR0\Partition0 - ok
21:05:24.0523 5568 Boot (0x1200) (c362d02326c1edd424d6f2cb926cd2c8) \Device\Harddisk0\DR0\Partition1
21:05:24.0523 5568 \Device\Harddisk0\DR0\Partition1 - ok
21:05:24.0523 5568 ============================================================
21:05:24.0523 5568 Scan finished
21:05:24.0523 5568 ============================================================
21:05:24.0539 5560 Detected object count: 9
21:05:24.0539 5560 Actual detected object count: 9
21:07:25.0907 5560 DgiVecp ( UnsignedFile.Multi.Generic ) - skipped by user
21:07:25.0907 5560 DgiVecp ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:07:25.0907 5560 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:07:25.0907 5560 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:07:25.0907 5560 mf2nt ( UnsignedFile.Multi.Generic ) - skipped by user
21:07:25.0907 5560 mf2nt ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:07:25.0907 5560 OMSI download service ( UnsignedFile.Multi.Generic ) - skipped by user
21:07:25.0907 5560 OMSI download service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:07:25.0907 5560 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:07:25.0907 5560 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:07:25.0907 5560 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
21:07:25.0922 5560 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:07:25.0922 5560 SSPORT ( UnsignedFile.Multi.Generic ) - skipped by user
21:07:25.0922 5560 SSPORT ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:07:25.0922 5560 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
21:07:25.0922 5560 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:07:25.0922 5560 VmbService ( UnsignedFile.Multi.Generic ) - skipped by user
21:07:25.0922 5560 VmbService ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
17.07.2012, 11:00
| #20 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Brauche Hilfe: Entfernen des Trojaners "BUNDESPOLIZEI - Ihr Computer wurde gesperrt" Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.07.2012, 16:46
| #21 |
| | Brauche Hilfe: Entfernen des Trojaners "BUNDESPOLIZEI - Ihr Computer wurde gesperrt" Hallo, unten stehend das Log von ComboFix. Gruß Code:
ATTFilter Combofix Logfile: |
|
18.07.2012, 15:31
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Brauche Hilfe: Entfernen des Trojaners "BUNDESPOLIZEI - Ihr Computer wurde gesperrt" Combofix - Scripten 1. Starte das Notepad (Start / Ausführen / notepad[Enter]) 2. Jetzt füge mit copy/paste den ganzen Inhalt der untenstehenden Codebox in das Notepad Fenster ein. Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!! Code:
ATTFilter Folder::
c:\users\Max Mustermann\AppData\Roaming\Orabli
Firefox::
FF - ProfilePath - c:\users\Max Mustermann\AppData\Roaming\Mozilla\Firefox\Profiles\6bxs5b0k.default\
FF - prefs.js: browser.startup.homepage - google.de/news
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
4. Deaktivere den Guard Deines Antivirenprogramms und eine eventuell vorhandene Software Firewall. (Auch Guards von Ad-, Spyware Programmen und den Tea Timer (wenn vorhanden) !) 5. Dann ziehe die CFScript.txt auf die cofi.exe, so wie es im unteren Bild zu sehen ist. Damit wird Combofix neu gestartet.  6. Nach dem Neustart (es wird gefragt ob Du neustarten willst), poste bitte die folgenden Log Dateien: Combofix.txt Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.07.2012, 17:31
| #23 |
| | Brauche Hilfe: Entfernen des Trojaners "BUNDESPOLIZEI - Ihr Computer wurde gesperrt" Hallo, hier die neue Log-Datei. Gruß Code:
ATTFilter Combofix Logfile: |
|
19.07.2012, 09:36
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Brauche Hilfe: Entfernen des Trojaners "BUNDESPOLIZEI - Ihr Computer wurde gesperrt" Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
19.07.2012, 14:02
| #25 |
| | Brauche Hilfe: Entfernen des Trojaners "BUNDESPOLIZEI - Ihr Computer wurde gesperrt" Hallo Arne, GMER ist tatsächlich abgestürtzt. Unten die Log-Files von OSAM und aswMBR. Gruß Code:
ATTFilter OSAM Logfile: Code:
ATTFilter
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-19 14:41:28
-----------------------------
14:41:28.599 OS Version: Windows 6.0.6001 Service Pack 1
14:41:28.599 Number of processors: 2 586 0xF0D
14:41:28.600 ComputerName: MaxMustermann-PC UserName: Max Mustermann
14:41:29.942 Initialize success
14:42:13.888 AVAST engine defs: 12071901
14:43:31.019 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:43:31.022 Disk 0 Vendor: WDC_WD3200BEVT-22ZCT0 11.01A11 Size: 305245MB BusType: 3
14:43:31.071 Disk 0 MBR read successfully
14:43:31.074 Disk 0 MBR scan
14:43:31.081 Disk 0 Windows VISTA default MBR code
14:43:31.130 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 285244 MB offset 2048
14:43:31.157 Disk 0 Partition 2 00 0C FAT32 LBA MSWIN4.1 19999 MB offset 584181760
14:43:31.165 Disk 0 scanning sectors +625139712
14:43:31.241 Disk 0 scanning C:\Windows\system32\drivers
14:43:42.206 Service scanning
14:44:03.257 Modules scanning
14:44:06.963 Disk 0 trace - called modules:
14:44:06.981 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys ndis.sys netr28.sys
14:44:06.987 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85d46ac8]
14:44:06.993 3 CLASSPNP.SYS[8adaa745] -> nt!IofCallDriver -> [0x85b43de8]
14:44:06.999 5 acpi.sys[806926a0] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85aee830]
14:44:08.483 AVAST engine scan C:\Windows
14:44:13.375 AVAST engine scan C:\Windows\system32
14:47:05.157 AVAST engine scan C:\Windows\system32\drivers
14:47:26.137 AVAST engine scan C:\Users\Max Mustermann
14:53:15.811 AVAST engine scan C:\ProgramData
14:54:43.990 Scan finished successfully
14:57:03.926 Disk 0 MBR has been saved successfully to "C:\Users\Max Mustermann\Desktop\System_Fix_Jul2012\MBR.dat"
14:57:03.935 The log file has been saved successfully to "C:\Users\Max Mustermann\Desktop\System_Fix_Jul2012\aswMBR_20120719.txt"
|
|
19.07.2012, 19:36
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Brauche Hilfe: Entfernen des Trojaners "BUNDESPOLIZEI - Ihr Computer wurde gesperrt" Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.07.2012, 09:54
| #27 |
| | Brauche Hilfe: Entfernen des Trojaners "BUNDESPOLIZEI - Ihr Computer wurde gesperrt" Hi, hier die Logs von MBAM und SUPER Anti Spyware. Gruß Code:
ATTFilter Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.07.20.04 Windows Vista Service Pack 1 x86 NTFS Internet Explorer 8.0.6001.19088 Max Mustermann :: MaxMustermann-PC [Administrator] 20.07.2012 13:53:05 mbam-log-2012-07-20 (16-17-38).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 377407 Laufzeit: 2 Stunde(n), 16 Minute(n), 37 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\_OTL\MovedFiles\07152012_114655\C_Users\Max Mustermann\AppData\Roaming\Ereta\ifmuu.exe (Spyware.Zbot.RR) -> Keine Aktion durchgeführt. (Ende) Code:
ATTFilter
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 07/20/2012 at 05:51 PM
Application Version : 5.5.1006
Core Rules Database Version : 8933
Trace Rules Database Version: 6745
Scan type : Complete Scan
Total Scan Time : 01:23:40
Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 1 (Build 6.00.6001)
UAC On - Administrator
Memory items scanned : 779
Memory threats detected : 0
Registry items scanned : 35872
Registry threats detected : 0
File items scanned : 49858
File threats detected : 30
Adware.Tracking Cookie
C:\Users\Max Mustermann\AppData\Roaming\Microsoft\Windows\Cookies\Max_Mustermann@ad.zanox[2].txt [ /ad.zanox ]
C:\Users\Max Mustermann\AppData\Roaming\Microsoft\Windows\Cookies\Max_Mustermann@ad1.adfarm1.adition[2].txt [ /ad1.adfarm1.adition ]
C:\Users\Max Mustermann\AppData\Roaming\Microsoft\Windows\Cookies\Max_Mustermann@adfarm1.adition[1].txt [ /adfarm1.adition ]
C:\Users\Max Mustermann\AppData\Roaming\Microsoft\Windows\Cookies\Max_Mustermann@adform[1].txt [ /adform ]
C:\Users\Max Mustermann\AppData\Roaming\Microsoft\Windows\Cookies\Max_Mustermann@apmebf[1].txt [ /apmebf ]
C:\Users\Max Mustermann\AppData\Roaming\Microsoft\Windows\Cookies\Max_Mustermann@atdmt[2].txt [ /atdmt ]
C:\Users\Max Mustermann\AppData\Roaming\Microsoft\Windows\Cookies\Max_Mustermann@doubleclick[1].txt [ /doubleclick ]
C:\Users\Max Mustermann\AppData\Roaming\Microsoft\Windows\Cookies\Max_Mustermann@dyntracker[1].txt [ /dyntracker ]
C:\Users\Max Mustermann\AppData\Roaming\Microsoft\Windows\Cookies\Max_Mustermann@fastclick[2].txt [ /fastclick ]
C:\Users\Max Mustermann\AppData\Roaming\Microsoft\Windows\Cookies\Max_Mustermann@mediaplex[1].txt [ /mediaplex ]
C:\Users\Max Mustermann\AppData\Roaming\Microsoft\Windows\Cookies\Max_Mustermann@smartadserver[2].txt [ /smartadserver ]
C:\Users\Max Mustermann\AppData\Roaming\Microsoft\Windows\Cookies\Max_Mustermann@track.adform[2].txt [ /track.adform ]
C:\Users\Max Mustermann\AppData\Roaming\Microsoft\Windows\Cookies\Max_Mustermann@tracking.quisma[1].txt [ /tracking.quisma ]
C:\Users\Max Mustermann\AppData\Roaming\Microsoft\Windows\Cookies\Max_Mustermann@www.zanox-affiliate[2].txt [ /www.zanox-affiliate ]
C:\Users\Max Mustermann\AppData\Roaming\Microsoft\Windows\Cookies\Max_Mustermann@zanox-affiliate[2].txt [ /zanox-affiliate ]
C:\Users\Max Mustermann\AppData\Roaming\Microsoft\Windows\Cookies\Max_Mustermann@zanox[2].txt [ /zanox ]
C:\USERS\Max Mustermann\Cookies\Max_Mustermann@tracking.quisma[1].txt [ Cookie:Max Mustermann@tracking.quisma.com/ ]
C:\USERS\Max Mustermann\Cookies\Max_Mustermann@zanox[2].txt [ Cookie:Max Mustermann@zanox.com/ ]
C:\USERS\Max Mustermann\Cookies\Max_Mustermann@adform[1].txt [ Cookie:Max Mustermann@adform.net/ ]
C:\USERS\Max Mustermann\Cookies\Max_Mustermann@atdmt[2].txt [ Cookie:Max Mustermann@atdmt.com/ ]
C:\USERS\Max Mustermann\Cookies\Max_Mustermann@www.zanox-affiliate[2].txt [ Cookie:Max Mustermann@www.zanox-affiliate.de/ ]
C:\USERS\Max Mustermann\Cookies\Max_Mustermann@apmebf[1].txt [ Cookie:Max Mustermann@apmebf.com/ ]
C:\USERS\Max Mustermann\Cookies\Max_Mustermann@doubleclick[1].txt [ Cookie:Max Mustermann@doubleclick.net/ ]
C:\USERS\Max Mustermann\Cookies\Max_Mustermann@ad.zanox[2].txt [ Cookie:Max Mustermann@ad.zanox.com/ ]
C:\USERS\Max Mustermann\Cookies\Max_Mustermann@ad1.adfarm1.adition[2].txt [ Cookie:Max Mustermann@ad1.adfarm1.adition.com/ ]
.doubleclick.net [ C:\USERS\Max Mustermann\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.divx.112.2o7.net [ C:\USERS\Max Mustermann\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\Max Mustermann\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.googleads.g.doubleclick.net [ C:\USERS\Max Mustermann\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
Trojan.Agent/Gen-Dlg
C:\_OTL\MOVEDFILES\07152012_114655\C_USERS\Max Mustermann\APPDATA\ROAMING\ERETA\IFMUU.EXE
|
|
23.07.2012, 12:01
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Brauche Hilfe: Entfernen des Trojaners "BUNDESPOLIZEI - Ihr Computer wurde gesperrt" Sieht ok aus, da wurden nur Cookies und Schädlinge in der Q von OTL gefunden. Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/ Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.07.2012, 21:18
| #29 |
| | Brauche Hilfe: Entfernen des Trojaners "BUNDESPOLIZEI - Ihr Computer wurde gesperrt" Hallo, jetzt ist alles in Ordnung. Prima, danke für die geduldige und kompetente Unterstützung!  Viele Grüße |
|
26.07.2012, 14:16
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Brauche Hilfe: Entfernen des Trojaners "BUNDESPOLIZEI - Ihr Computer wurde gesperrt" Dann wären wir durch!  Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Mit Hilfe von OTL kannst du auch viele Tools entfernen: Starte bitte OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks => Adobe Flash Player Distribution | Adobe Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Brauche Hilfe: Entfernen des Trojaners "BUNDESPOLIZEI - Ihr Computer wurde gesperrt" |
| abgesicherten, avira rescue, brauche, computer, desktop, ebenfalls, entfernen, gesperrt, hallo zusammen, infizierte, log-datei, malwarebytes, programm, quarantäne, rechner, spyware.zbot.rr, system, trojan.agent/gen-dlg, trojan.winlock.g, trojaner, trojaner bundespolizei entfernen, win32/adware.adon, win32/softonicdownloader.a |
