| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Was tun nach "Live Security Platinum" VirusWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
16.07.2012, 01:00
| #1 |
 |  Was tun nach "Live Security Platinum" Virus Also erstmal: Ich besitze ein System mit Windows 7 64 bit, ehe ich es später vergesse. Heute im Laufe des Tages musste ich dann den "Live Security Platinum"- Virus feststellen, da so gut wie alle Programme beendet waren, Explorer nicht funktionierten. Internet war aber noch da und auch .exe-Dateien konnte ich ausführen. Ich habe mir dann Malwarebytes Anti-Maleware runtergeladen und im Abgesichterten Modus (mit Netzwerktreibern jedoch, zum runterladen) mein System prüfen lassen. Der Virus wurde erkannt, ich habe ihn damit entfernt und dann ging das System erstmal wieder so wie es sein soll. Ich habe jedoch an dem Pc momentan 3 externe Festplatten angeschlossen und nun würde ich gerne irgendwie erfahren, ob diese jetzt "verseucht" sind, ob der rest meines Systems verseucht ist etc. Ich habe dann anschließend mit OTL scannen lassen. Danach nocheinmal mit Emsisoft den gescannt. Dabei wurden dann noch "Trace.File.Livesecurityplatinum!E1" und noch "Trojan.Java.Downloader!E2" gefunden und gelöscht. (OTL= Vor Emsisoft scan und OTL2 danach) Habe ich da jetzt Fehler gemacht? oder ist alles in Ordnung? Wie kann ich sichergehen, dass die Externen sauber sind? etc. |
|
16.07.2012, 16:09
| #2 |
| /// Helfer-Team  | Was tun nach "Live Security Platinum" Virus Fixen mit OTL
__________________Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).
Code:
ATTFilter :OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O32 - HKLM CDRom: AutoRun - 1
[2012.04.18 00:43:38 | 000,002,048 | -HS- | C] () -- C:\Users\Philip\AppData\Local\{79a1fb19-f922-7661-cfde-edd71a9dce1f}\@
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden. Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!
__________________ |
|
16.07.2012, 17:21
| #3 |
| | Was tun nach "Live Security Platinum" Virus Ich habe den Text nun kopiert, und damit gefixt.
__________________Jetzt sehe ich teils "unsichtbare" dateien, kann aber keinen Logfile finden. Also ich wurde automatisch abgemeldet, und danach war kein Logfile da. In dem Pfad "C:\_OTL\MovedFiles\07162012_175621\C_Users\Philip\AppData\Local\{79a1fb19-f922-7661-cfde-edd71a9dce1f}" sind nur immer jeweils der Ordner, und am ende eine versteckte Systemdatei namens "@". Wie bekomme ich jetzt einen Logfile? Nochmal mit OTL Scannen? |
|
16.07.2012, 17:24
| #4 |
| /// Helfer-Team | Was tun nach "Live Security Platinum" Virus Ja, versuche es nochmal mit dem Fix. |
|
16.07.2012, 17:43
| #5 |
| | Was tun nach "Live Security Platinum" Virus Ja jetzt hat es funktioniert. Code:
ATTFilter All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ not found.
File C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File C:\Users\Philip\AppData\Local\{79a1fb19-f922-7661-cfde-edd71a9dce1f}\@ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Philip\Desktop\cmd.bat deleted successfully.
C:\Users\Philip\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Philip
->Temp folder emptied: 193531283 bytes
->Temporary Internet Files folder emptied: 161712983 bytes
->Java cache emptied: 147151 bytes
->FireFox cache emptied: 722014783 bytes
->Flash cache emptied: 25684 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 176623323 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36028471 bytes
RecycleBin emptied: 226839 bytes
Total Files Cleaned = 1.231,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Philip
->Flash cache emptied: 0 bytes
User: Public
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.54.0 log created on 07162012_183925
Files\Folders moved on Reboot...
C:\Users\Philip\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
File C:\Users\Philip\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
Registry entries deleted on Reboot...
|
|
16.07.2012, 18:53
| #6 |
| /// Helfer-Team | Was tun nach "Live Security Platinum" Virus Sehr gut!  Downloade Dir bitte AdwCleaner auf deinen Desktop.
__________________ --> Was tun nach "Live Security Platinum" Virus |
|
16.07.2012, 19:38
| #7 |
| | Was tun nach "Live Security Platinum" Virus Hier der Inhalt der Textdatei: Code:
ATTFilter # AdwCleaner v1.702 - Logfile created 07/16/2012 at 20:36:09
# Updated 13/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Philip - PHILIP-PC
# Running from : C:\Users\Philip\Desktop\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
***** [Registry] *****
Key Found : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
[x64] Key Found : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
***** [Registre - GUID] *****
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Mozilla Firefox v13.0.1 (de)
Profile name : default
File : C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\nr386reb.default\prefs.js
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [954 octets] - [16/07/2012 20:36:09]
########## EOF - C:\AdwCleaner[R1].txt - [1081 octets] ##########
|
|
16.07.2012, 19:56
| #8 |
| /// Helfer-Team | Was tun nach "Live Security Platinum" Virus Sehr gut!
danach: TDSSKiller von Kaspersky - Lade den TDSSKiller und entpacke das Archiv auf Deinen Desktop.Hier findest Du eine ausführlichere TDSSKiller Anleitung. |
|
16.07.2012, 20:36
| #9 |
| | Was tun nach "Live Security Platinum" Virus Hier ist der ADWcleaner log: Code:
ATTFilter # AdwCleaner v1.702 - Logfile created 07/16/2012 at 21:32:20
# Updated 13/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Philip - PHILIP-PC
# Running from : C:\Users\Philip\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
***** [Registry] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
***** [Registre - GUID] *****
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Mozilla Firefox v13.0.1 (de)
Profile name : default
File : C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\nr386reb.default\prefs.js
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [1080 octets] - [16/07/2012 20:36:09]
AdwCleaner[R2].txt - [1141 octets] - [16/07/2012 21:18:08]
AdwCleaner[S1].txt - [949 octets] - [16/07/2012 21:32:20]
########## EOF - C:\AdwCleaner[S1].txt - [1076 octets] ##########
Also bei dem TDSSKiller wurde zuerst gar nichts gefunden, danach (ich hatte bei 2 sachen unten optional dann den haken gesetzt) wurden 2 medium-rist sachen gefunden. Hier der Log: Code:
ATTFilter 21:36:47.0247 2676 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
21:36:47.0466 2676 ============================================================
21:36:47.0466 2676 Current date / time: 2012/07/16 21:36:47.0466
21:36:47.0466 2676 SystemInfo:
21:36:47.0466 2676
21:36:47.0466 2676 OS Version: 6.1.7601 ServicePack: 1.0
21:36:47.0466 2676 Product type: Workstation
21:36:47.0481 2676 ComputerName: PHILIP-PC
21:36:47.0481 2676 UserName: Philip
21:36:47.0481 2676 Windows directory: C:\Windows
21:36:47.0481 2676 System windows directory: C:\Windows
21:36:47.0481 2676 Running under WOW64
21:36:47.0481 2676 Processor architecture: Intel x64
21:36:47.0481 2676 Number of processors: 6
21:36:47.0481 2676 Page size: 0x1000
21:36:47.0481 2676 Boot type: Normal boot
21:36:47.0481 2676 ============================================================
21:36:48.0464 2676 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:36:48.0464 2676 Drive \Device\Harddisk1\DR1 - Size: 0x7470A00000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:36:48.0792 2676 Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:36:48.0792 2676 Drive \Device\Harddisk3\DR3 - Size: 0x7470A00000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:36:48.0792 2676 ============================================================
21:36:48.0792 2676 \Device\Harddisk0\DR0:
21:36:48.0792 2676 MBR partitions:
21:36:48.0792 2676 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:36:48.0792 2676 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
21:36:48.0792 2676 \Device\Harddisk1\DR1:
21:36:48.0792 2676 MBR partitions:
21:36:48.0792 2676 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
21:36:48.0792 2676 \Device\Harddisk2\DR2:
21:36:48.0792 2676 MBR partitions:
21:36:48.0792 2676 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
21:36:48.0792 2676 \Device\Harddisk3\DR3:
21:36:48.0792 2676 MBR partitions:
21:36:48.0792 2676 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
21:36:48.0792 2676 ============================================================
21:36:48.0823 2676 C: <-> \Device\Harddisk0\DR0\Partition1
21:36:48.0838 2676 E: <-> \Device\Harddisk2\DR2\Partition0
21:36:49.0135 2676 F: <-> \Device\Harddisk3\DR3\Partition0
21:36:49.0197 2676 G: <-> \Device\Harddisk1\DR1\Partition0
21:36:49.0197 2676 ============================================================
21:36:49.0197 2676 Initialize success
21:36:49.0197 2676 ============================================================
21:37:05.0733 4420 ============================================================
21:37:05.0733 4420 Scan started
21:37:05.0733 4420 Mode: Manual;
21:37:05.0733 4420 ============================================================
21:37:06.0404 4420 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys
21:37:06.0404 4420 1394ohci - ok
21:37:06.0482 4420 a2acc (2d6434e957f7cfa0035c20890f77bbc6) C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
21:37:06.0482 4420 a2acc - ok
21:37:06.0669 4420 a2AntiMalware (8b75ba256bcada2b73ffa5bd77aa9e6c) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
21:37:06.0700 4420 a2AntiMalware - ok
21:37:06.0825 4420 A2DDA (3044d0f3feb9ffe8bc953d8f34b5b504) C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
21:37:06.0825 4420 A2DDA - ok
21:37:06.0934 4420 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:37:06.0934 4420 ACPI - ok
21:37:06.0950 4420 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:37:06.0950 4420 AcpiPmi - ok
21:37:06.0997 4420 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:37:06.0997 4420 AdobeARMservice - ok
21:37:07.0044 4420 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
21:37:07.0059 4420 adp94xx - ok
21:37:07.0106 4420 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
21:37:07.0106 4420 adpahci - ok
21:37:07.0137 4420 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
21:37:07.0137 4420 adpu320 - ok
21:37:07.0153 4420 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
21:37:07.0153 4420 AeLookupSvc - ok
21:37:07.0200 4420 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
21:37:07.0231 4420 AFD - ok
21:37:07.0262 4420 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:37:07.0262 4420 agp440 - ok
21:37:07.0309 4420 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
21:37:07.0309 4420 ALG - ok
21:37:07.0340 4420 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:37:07.0340 4420 aliide - ok
21:37:07.0356 4420 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:37:07.0356 4420 amdide - ok
21:37:07.0387 4420 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
21:37:07.0387 4420 AmdK8 - ok
21:37:07.0402 4420 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
21:37:07.0402 4420 AmdPPM - ok
21:37:07.0449 4420 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
21:37:07.0449 4420 amdsata - ok
21:37:07.0480 4420 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
21:37:07.0480 4420 amdsbs - ok
21:37:07.0480 4420 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
21:37:07.0480 4420 amdxata - ok
21:37:07.0512 4420 amd_sata (2fbb00a7616106b95104574c6cd640c2) C:\Windows\system32\DRIVERS\amd_sata.sys
21:37:07.0512 4420 amd_sata - ok
21:37:07.0527 4420 amd_xata (87d0d7645cb0d53220649bd5fe15d93e) C:\Windows\system32\DRIVERS\amd_xata.sys
21:37:07.0527 4420 amd_xata - ok
21:37:07.0590 4420 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:37:07.0590 4420 AntiVirSchedulerService - ok
21:37:07.0636 4420 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:37:07.0636 4420 AntiVirService - ok
21:37:07.0668 4420 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
21:37:07.0668 4420 AppID - ok
21:37:07.0683 4420 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
21:37:07.0683 4420 AppIDSvc - ok
21:37:07.0714 4420 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
21:37:07.0714 4420 Appinfo - ok
21:37:07.0746 4420 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
21:37:07.0746 4420 arc - ok
21:37:07.0761 4420 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
21:37:07.0761 4420 arcsas - ok
21:37:07.0792 4420 asmthub3 (954950d11ada98ac1b7ee3c770e4622c) C:\Windows\system32\DRIVERS\asmthub3.sys
21:37:07.0808 4420 asmthub3 - ok
21:37:07.0839 4420 asmtxhci (01dbb05db1db95803e3c9f2b49afe79c) C:\Windows\system32\DRIVERS\asmtxhci.sys
21:37:07.0855 4420 asmtxhci - ok
21:37:07.0886 4420 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:37:07.0886 4420 AsyncMac - ok
21:37:07.0902 4420 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
21:37:07.0902 4420 atapi - ok
21:37:07.0964 4420 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:37:07.0964 4420 AudioEndpointBuilder - ok
21:37:07.0964 4420 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:37:07.0964 4420 AudioSrv - ok
21:37:07.0995 4420 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
21:37:07.0995 4420 avgntflt - ok
21:37:08.0011 4420 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
21:37:08.0011 4420 avipbb - ok
21:37:08.0026 4420 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
21:37:08.0026 4420 avkmgr - ok
21:37:08.0058 4420 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
21:37:08.0058 4420 AxInstSV - ok
21:37:08.0104 4420 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
21:37:08.0136 4420 b06bdrv - ok
21:37:08.0182 4420 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:37:08.0198 4420 b57nd60a - ok
21:37:08.0229 4420 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
21:37:08.0229 4420 BDESVC - ok
21:37:08.0229 4420 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
21:37:08.0229 4420 Beep - ok
21:37:08.0292 4420 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
21:37:08.0292 4420 BFE - ok
21:37:08.0354 4420 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
21:37:08.0401 4420 BITS - ok
21:37:08.0448 4420 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
21:37:08.0448 4420 blbdrive - ok
21:37:08.0479 4420 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
21:37:08.0479 4420 bowser - ok
21:37:08.0510 4420 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
21:37:08.0510 4420 BrFiltLo - ok
21:37:08.0526 4420 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
21:37:08.0526 4420 BrFiltUp - ok
21:37:08.0557 4420 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
21:37:08.0557 4420 Browser - ok
21:37:08.0588 4420 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:37:08.0588 4420 Brserid - ok
21:37:08.0604 4420 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:37:08.0604 4420 BrSerWdm - ok
21:37:08.0619 4420 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:37:08.0619 4420 BrUsbMdm - ok
21:37:08.0635 4420 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:37:08.0635 4420 BrUsbSer - ok
21:37:08.0650 4420 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
21:37:08.0650 4420 BTHMODEM - ok
21:37:08.0682 4420 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
21:37:08.0682 4420 bthserv - ok
21:37:08.0697 4420 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:37:08.0713 4420 cdfs - ok
21:37:08.0744 4420 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
21:37:08.0744 4420 cdrom - ok
21:37:08.0775 4420 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:37:08.0775 4420 CertPropSvc - ok
21:37:08.0822 4420 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
21:37:08.0822 4420 circlass - ok
21:37:08.0838 4420 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:37:08.0853 4420 CLFS - ok
21:37:08.0916 4420 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:37:08.0916 4420 clr_optimization_v2.0.50727_32 - ok
21:37:08.0947 4420 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:37:08.0947 4420 clr_optimization_v2.0.50727_64 - ok
21:37:09.0009 4420 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:37:09.0040 4420 clr_optimization_v4.0.30319_32 - ok
21:37:09.0072 4420 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:37:09.0072 4420 clr_optimization_v4.0.30319_64 - ok
21:37:09.0103 4420 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
21:37:09.0103 4420 CmBatt - ok
21:37:09.0103 4420 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:37:09.0103 4420 cmdide - ok
21:37:09.0150 4420 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
21:37:09.0150 4420 CNG - ok
21:37:09.0150 4420 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
21:37:09.0150 4420 Compbatt - ok
21:37:09.0181 4420 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
21:37:09.0196 4420 CompositeBus - ok
21:37:09.0212 4420 COMSysApp - ok
21:37:09.0228 4420 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
21:37:09.0228 4420 crcdisk - ok
21:37:09.0259 4420 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
21:37:09.0259 4420 CryptSvc - ok
21:37:09.0290 4420 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:37:09.0290 4420 DcomLaunch - ok
21:37:09.0337 4420 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
21:37:09.0337 4420 defragsvc - ok
21:37:09.0368 4420 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:37:09.0368 4420 DfsC - ok
21:37:09.0399 4420 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
21:37:09.0399 4420 Dhcp - ok
21:37:09.0415 4420 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:37:09.0415 4420 discache - ok
21:37:09.0462 4420 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
21:37:09.0462 4420 Disk - ok
21:37:09.0477 4420 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
21:37:09.0477 4420 Dnscache - ok
21:37:09.0508 4420 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
21:37:09.0508 4420 dot3svc - ok
21:37:09.0524 4420 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
21:37:09.0524 4420 DPS - ok
21:37:09.0555 4420 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:37:09.0555 4420 drmkaud - ok
21:37:09.0602 4420 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:37:09.0618 4420 DXGKrnl - ok
21:37:09.0649 4420 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
21:37:09.0649 4420 EapHost - ok
21:37:09.0789 4420 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
21:37:09.0852 4420 ebdrv - ok
21:37:09.0976 4420 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
21:37:09.0976 4420 EFS - ok
21:37:10.0054 4420 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
21:37:10.0101 4420 ehRecvr - ok
21:37:10.0117 4420 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
21:37:10.0117 4420 ehSched - ok
21:37:10.0195 4420 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
21:37:10.0210 4420 elxstor - ok
21:37:10.0226 4420 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:37:10.0226 4420 ErrDev - ok
21:37:10.0273 4420 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
21:37:10.0273 4420 EventSystem - ok
21:37:10.0288 4420 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:37:10.0304 4420 exfat - ok
21:37:10.0366 4420 Fabs - ok
21:37:10.0398 4420 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:37:10.0398 4420 fastfat - ok
21:37:10.0460 4420 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
21:37:10.0476 4420 Fax - ok
21:37:10.0491 4420 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
21:37:10.0491 4420 fdc - ok
21:37:10.0507 4420 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
21:37:10.0507 4420 fdPHost - ok
21:37:10.0522 4420 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
21:37:10.0522 4420 FDResPub - ok
21:37:10.0538 4420 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:37:10.0538 4420 FileInfo - ok
21:37:10.0538 4420 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:37:10.0538 4420 Filetrace - ok
21:37:10.0710 4420 FirebirdServerMAGIXInstance (fff1130f7c9fa01d093a1edfc5cce8fc) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
21:37:10.0756 4420 FirebirdServerMAGIXInstance - ok
21:37:10.0834 4420 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
21:37:10.0834 4420 flpydisk - ok
21:37:10.0850 4420 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:37:10.0850 4420 FltMgr - ok
21:37:10.0912 4420 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
21:37:10.0928 4420 FontCache - ok
21:37:10.0990 4420 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:37:10.0990 4420 FontCache3.0.0.0 - ok
21:37:11.0037 4420 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:37:11.0037 4420 FsDepends - ok
21:37:11.0053 4420 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
21:37:11.0053 4420 Fs_Rec - ok
21:37:11.0084 4420 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:37:11.0084 4420 fvevol - ok
21:37:11.0100 4420 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
21:37:11.0100 4420 gagp30kx - ok
21:37:11.0146 4420 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
21:37:11.0162 4420 gpsvc - ok
21:37:11.0193 4420 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
21:37:11.0193 4420 hamachi - ok
21:37:11.0224 4420 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:37:11.0224 4420 hcw85cir - ok
21:37:11.0271 4420 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
21:37:11.0302 4420 HdAudAddService - ok
21:37:11.0334 4420 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
21:37:11.0334 4420 HDAudBus - ok
21:37:11.0349 4420 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
21:37:11.0349 4420 HidBatt - ok
21:37:11.0365 4420 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
21:37:11.0365 4420 HidBth - ok
21:37:11.0380 4420 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
21:37:11.0380 4420 HidIr - ok
21:37:11.0396 4420 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
21:37:11.0396 4420 hidserv - ok
21:37:11.0427 4420 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
21:37:11.0427 4420 HidUsb - ok
21:37:11.0505 4420 HiPatchService (8d1f00f4254c3ef428b715484940427c) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
21:37:11.0505 4420 HiPatchService - ok
21:37:11.0536 4420 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
21:37:11.0536 4420 hkmsvc - ok
21:37:11.0552 4420 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
21:37:11.0552 4420 HomeGroupListener - ok
21:37:11.0568 4420 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
21:37:11.0583 4420 HomeGroupProvider - ok
21:37:11.0599 4420 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:37:11.0614 4420 HpSAMD - ok
21:37:11.0661 4420 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:37:11.0692 4420 HTTP - ok
21:37:11.0724 4420 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:37:11.0724 4420 hwpolicy - ok
21:37:11.0739 4420 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
21:37:11.0739 4420 i8042prt - ok
21:37:11.0786 4420 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:37:11.0817 4420 iaStorV - ok
21:37:11.0911 4420 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:37:11.0942 4420 idsvc - ok
21:37:11.0989 4420 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
21:37:11.0989 4420 iirsp - ok
21:37:12.0051 4420 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
21:37:12.0114 4420 IKEEXT - ok
21:37:12.0254 4420 IntcAzAudAddService (589b94a9b73a0e819ff873743a480834) C:\Windows\system32\drivers\RTKVHD64.sys
21:37:12.0254 4420 IntcAzAudAddService - ok
21:37:12.0348 4420 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:37:12.0348 4420 intelide - ok
21:37:12.0363 4420 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
21:37:12.0363 4420 intelppm - ok
21:37:12.0394 4420 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
21:37:12.0394 4420 IPBusEnum - ok
21:37:12.0410 4420 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:37:12.0426 4420 IpFilterDriver - ok
21:37:12.0441 4420 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
21:37:12.0457 4420 iphlpsvc - ok
21:37:12.0472 4420 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:37:12.0472 4420 IPMIDRV - ok
21:37:12.0504 4420 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:37:12.0504 4420 IPNAT - ok
21:37:12.0535 4420 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:37:12.0535 4420 IRENUM - ok
21:37:12.0550 4420 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:37:12.0550 4420 isapnp - ok
21:37:12.0582 4420 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:37:12.0582 4420 iScsiPrt - ok
21:37:12.0628 4420 JRAID (79a55e8907f34ab569029505418c35ef) C:\Windows\system32\DRIVERS\jraid.sys
21:37:12.0628 4420 JRAID - ok
21:37:12.0660 4420 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
21:37:12.0660 4420 kbdclass - ok
21:37:12.0675 4420 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
21:37:12.0675 4420 kbdhid - ok
21:37:12.0706 4420 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:37:12.0706 4420 KeyIso - ok
21:37:12.0722 4420 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
21:37:12.0722 4420 KSecDD - ok
21:37:12.0753 4420 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
21:37:12.0753 4420 KSecPkg - ok
21:37:12.0800 4420 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:37:12.0800 4420 ksthunk - ok
21:37:12.0831 4420 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
21:37:12.0847 4420 KtmRm - ok
21:37:12.0878 4420 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
21:37:12.0878 4420 LanmanServer - ok
21:37:12.0894 4420 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
21:37:12.0894 4420 LanmanWorkstation - ok
21:37:12.0925 4420 LGBusEnum (fa529fb35694c24bf98a9ef67c1cd9d0) C:\Windows\system32\drivers\LGBusEnum.sys
21:37:12.0925 4420 LGBusEnum - ok
21:37:12.0956 4420 LGVirHid (94b29ce153765e768f004fb3440be2b0) C:\Windows\system32\drivers\LGVirHid.sys
21:37:12.0956 4420 LGVirHid - ok
21:37:12.0972 4420 LHidFilt (b6552d382ff070b4ed34cbd6737277c0) C:\Windows\system32\DRIVERS\LHidFilt.Sys
21:37:12.0972 4420 LHidFilt - ok
21:37:13.0003 4420 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:37:13.0003 4420 lltdio - ok
21:37:13.0050 4420 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
21:37:13.0050 4420 lltdsvc - ok
21:37:13.0065 4420 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
21:37:13.0065 4420 lmhosts - ok
21:37:13.0081 4420 LMouFilt (73c1f563ab73d459dffe682d66476558) C:\Windows\system32\DRIVERS\LMouFilt.Sys
21:37:13.0081 4420 LMouFilt - ok
21:37:13.0112 4420 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
21:37:13.0128 4420 LSI_FC - ok
21:37:13.0128 4420 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
21:37:13.0128 4420 LSI_SAS - ok
21:37:13.0143 4420 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
21:37:13.0143 4420 LSI_SAS2 - ok
21:37:13.0174 4420 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
21:37:13.0174 4420 LSI_SCSI - ok
21:37:13.0190 4420 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:37:13.0206 4420 luafv - ok
21:37:13.0221 4420 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
21:37:13.0221 4420 Mcx2Svc - ok
21:37:13.0237 4420 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
21:37:13.0237 4420 megasas - ok
21:37:13.0268 4420 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
21:37:13.0268 4420 MegaSR - ok
21:37:13.0299 4420 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:37:13.0299 4420 MMCSS - ok
21:37:13.0330 4420 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:37:13.0330 4420 Modem - ok
21:37:13.0346 4420 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:37:13.0346 4420 monitor - ok
21:37:13.0362 4420 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
21:37:13.0362 4420 mouclass - ok
21:37:13.0393 4420 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:37:13.0393 4420 mouhid - ok
21:37:13.0408 4420 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:37:13.0408 4420 mountmgr - ok
21:37:13.0486 4420 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:37:13.0486 4420 MozillaMaintenance - ok
21:37:13.0502 4420 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:37:13.0502 4420 mpio - ok
21:37:13.0518 4420 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:37:13.0518 4420 mpsdrv - ok
21:37:13.0580 4420 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
21:37:13.0580 4420 MpsSvc - ok
21:37:13.0596 4420 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:37:13.0596 4420 MRxDAV - ok
21:37:13.0627 4420 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:37:13.0627 4420 mrxsmb - ok
21:37:13.0642 4420 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:37:13.0642 4420 mrxsmb10 - ok
21:37:13.0674 4420 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:37:13.0674 4420 mrxsmb20 - ok
21:37:13.0674 4420 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:37:13.0674 4420 msahci - ok
21:37:13.0705 4420 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:37:13.0705 4420 msdsm - ok
21:37:13.0736 4420 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
21:37:13.0736 4420 MSDTC - ok
21:37:13.0767 4420 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:37:13.0767 4420 Msfs - ok
21:37:13.0783 4420 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:37:13.0783 4420 mshidkmdf - ok
21:37:13.0798 4420 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:37:13.0798 4420 msisadrv - ok
21:37:13.0830 4420 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
21:37:13.0830 4420 MSiSCSI - ok
21:37:13.0830 4420 msiserver - ok
21:37:13.0861 4420 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:37:13.0861 4420 MSKSSRV - ok
21:37:13.0876 4420 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:37:13.0876 4420 MSPCLOCK - ok
21:37:13.0908 4420 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:37:13.0908 4420 MSPQM - ok
21:37:13.0923 4420 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:37:13.0939 4420 MsRPC - ok
21:37:13.0954 4420 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
21:37:13.0954 4420 mssmbios - ok
21:37:13.0970 4420 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:37:13.0970 4420 MSTEE - ok
21:37:13.0970 4420 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
21:37:13.0970 4420 MTConfig - ok
21:37:13.0986 4420 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:37:13.0986 4420 Mup - ok
21:37:14.0032 4420 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
21:37:14.0032 4420 napagent - ok
21:37:14.0064 4420 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:37:14.0064 4420 NativeWifiP - ok
21:37:14.0126 4420 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
21:37:14.0142 4420 NDIS - ok
21:37:14.0142 4420 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:37:14.0142 4420 NdisCap - ok
21:37:14.0173 4420 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:37:14.0173 4420 NdisTapi - ok
21:37:14.0188 4420 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:37:14.0188 4420 Ndisuio - ok
21:37:14.0204 4420 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:37:14.0220 4420 NdisWan - ok
21:37:14.0220 4420 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:37:14.0220 4420 NDProxy - ok
21:37:14.0235 4420 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:37:14.0235 4420 NetBIOS - ok
21:37:14.0251 4420 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:37:14.0251 4420 NetBT - ok
21:37:14.0282 4420 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:37:14.0282 4420 Netlogon - ok
21:37:14.0313 4420 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
21:37:14.0313 4420 Netman - ok
21:37:14.0329 4420 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
21:37:14.0344 4420 netprofm - ok
21:37:14.0422 4420 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:37:14.0422 4420 NetTcpPortSharing - ok
21:37:14.0454 4420 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
21:37:14.0454 4420 nfrd960 - ok
21:37:14.0500 4420 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
21:37:14.0500 4420 NlaSvc - ok
21:37:14.0516 4420 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:37:14.0516 4420 Npfs - ok
21:37:14.0532 4420 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
21:37:14.0532 4420 nsi - ok
21:37:14.0547 4420 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:37:14.0547 4420 nsiproxy - ok
21:37:14.0625 4420 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:37:14.0656 4420 Ntfs - ok
21:37:14.0719 4420 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:37:14.0719 4420 Null - ok
21:37:14.0766 4420 NVHDA (102806b360d0e6bc6e55bf47ef655d43) C:\Windows\system32\drivers\nvhda64v.sys
21:37:14.0766 4420 NVHDA - ok
21:37:15.0140 4420 nvlddmkm (ba0b4889c40380a01ecdf84c227a89c9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:37:15.0218 4420 nvlddmkm - ok
21:37:15.0327 4420 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:37:15.0327 4420 nvraid - ok
21:37:15.0343 4420 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:37:15.0343 4420 nvstor - ok
21:37:15.0421 4420 nvsvc (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe
21:37:15.0436 4420 nvsvc - ok
21:37:15.0546 4420 nvUpdatusService (53b629ce436b110c5689c2f6439e567b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
21:37:15.0546 4420 nvUpdatusService - ok
21:37:15.0624 4420 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:37:15.0624 4420 nv_agp - ok
21:37:15.0624 4420 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:37:15.0624 4420 ohci1394 - ok
21:37:15.0670 4420 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:37:15.0670 4420 p2pimsvc - ok
21:37:15.0702 4420 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
21:37:15.0702 4420 p2psvc - ok
21:37:15.0717 4420 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
21:37:15.0717 4420 Parport - ok
21:37:15.0748 4420 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
21:37:15.0748 4420 partmgr - ok
21:37:15.0764 4420 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
21:37:15.0764 4420 PcaSvc - ok
21:37:15.0780 4420 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:37:15.0780 4420 pci - ok
21:37:15.0795 4420 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:37:15.0795 4420 pciide - ok
21:37:15.0811 4420 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
21:37:15.0826 4420 pcmcia - ok
21:37:15.0842 4420 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:37:15.0842 4420 pcw - ok
21:37:15.0873 4420 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:37:15.0889 4420 PEAUTH - ok
21:37:15.0936 4420 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
21:37:15.0936 4420 PerfHost - ok
21:37:16.0014 4420 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
21:37:16.0029 4420 pla - ok
21:37:16.0076 4420 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
21:37:16.0092 4420 PlugPlay - ok
21:37:16.0107 4420 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
21:37:16.0107 4420 PNRPAutoReg - ok
21:37:16.0123 4420 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:37:16.0123 4420 PNRPsvc - ok
21:37:16.0154 4420 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
21:37:16.0170 4420 PolicyAgent - ok
21:37:16.0185 4420 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
21:37:16.0185 4420 Power - ok
21:37:16.0232 4420 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:37:16.0232 4420 PptpMiniport - ok
21:37:16.0248 4420 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
21:37:16.0248 4420 Processor - ok
21:37:16.0279 4420 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
21:37:16.0294 4420 ProfSvc - ok
21:37:16.0310 4420 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:37:16.0310 4420 ProtectedStorage - ok
21:37:16.0357 4420 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:37:16.0357 4420 Psched - ok
21:37:16.0419 4420 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
21:37:16.0435 4420 ql2300 - ok
21:37:16.0497 4420 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
21:37:16.0513 4420 ql40xx - ok
21:37:16.0544 4420 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
21:37:16.0544 4420 QWAVE - ok
21:37:16.0560 4420 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:37:16.0560 4420 QWAVEdrv - ok
21:37:16.0575 4420 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:37:16.0575 4420 RasAcd - ok
21:37:16.0622 4420 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:37:16.0622 4420 RasAgileVpn - ok
21:37:16.0638 4420 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
21:37:16.0638 4420 RasAuto - ok
21:37:16.0653 4420 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:37:16.0669 4420 Rasl2tp - ok
21:37:16.0700 4420 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
21:37:16.0700 4420 RasMan - ok
21:37:16.0716 4420 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:37:16.0731 4420 RasPppoe - ok
21:37:16.0747 4420 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:37:16.0747 4420 RasSstp - ok
21:37:16.0762 4420 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:37:16.0762 4420 rdbss - ok
21:37:16.0778 4420 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
21:37:16.0778 4420 rdpbus - ok
21:37:16.0794 4420 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:37:16.0794 4420 RDPCDD - ok
21:37:16.0794 4420 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:37:16.0794 4420 RDPENCDD - ok
21:37:16.0809 4420 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:37:16.0809 4420 RDPREFMP - ok
21:37:16.0856 4420 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
21:37:16.0856 4420 RDPWD - ok
21:37:16.0887 4420 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:37:16.0887 4420 rdyboost - ok
21:37:16.0918 4420 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
21:37:16.0918 4420 RemoteAccess - ok
21:37:16.0934 4420 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
21:37:16.0934 4420 RemoteRegistry - ok
21:37:16.0950 4420 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
21:37:16.0950 4420 RpcEptMapper - ok
21:37:16.0965 4420 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
21:37:16.0965 4420 RpcLocator - ok
21:37:16.0996 4420 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:37:16.0996 4420 RpcSs - ok
21:37:17.0028 4420 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:37:17.0028 4420 rspndr - ok
21:37:17.0059 4420 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
21:37:17.0074 4420 RTL8167 - ok
21:37:17.0090 4420 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:37:17.0090 4420 SamSs - ok
21:37:17.0106 4420 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:37:17.0106 4420 sbp2port - ok
21:37:17.0137 4420 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
21:37:17.0137 4420 SCardSvr - ok
21:37:17.0152 4420 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:37:17.0152 4420 scfilter - ok
21:37:17.0199 4420 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
21:37:17.0215 4420 Schedule - ok
21:37:17.0262 4420 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:37:17.0262 4420 SCPolicySvc - ok
21:37:17.0277 4420 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
21:37:17.0293 4420 SDRSVC - ok
21:37:17.0324 4420 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:37:17.0324 4420 secdrv - ok
21:37:17.0340 4420 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
21:37:17.0340 4420 seclogon - ok
21:37:17.0371 4420 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
21:37:17.0371 4420 SENS - ok
21:37:17.0386 4420 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
21:37:17.0386 4420 SensrSvc - ok
21:37:17.0402 4420 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:37:17.0402 4420 Serenum - ok
21:37:17.0418 4420 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:37:17.0418 4420 Serial - ok
21:37:17.0449 4420 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
21:37:17.0449 4420 sermouse - ok
21:37:17.0464 4420 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
21:37:17.0464 4420 SessionEnv - ok
21:37:17.0464 4420 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:37:17.0464 4420 sffdisk - ok
21:37:17.0480 4420 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:37:17.0480 4420 sffp_mmc - ok
21:37:17.0496 4420 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:37:17.0496 4420 sffp_sd - ok
21:37:17.0511 4420 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
21:37:17.0511 4420 sfloppy - ok
21:37:17.0558 4420 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
21:37:17.0574 4420 SharedAccess - ok
21:37:17.0605 4420 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
21:37:17.0605 4420 ShellHWDetection - ok
21:37:17.0620 4420 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
21:37:17.0636 4420 SiSRaid2 - ok
21:37:17.0652 4420 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
21:37:17.0652 4420 SiSRaid4 - ok
21:37:17.0730 4420 SkypeUpdate (ea396139541706b4b433641d62ea53ce) C:\Program Files (x86)\Skype\Updater\Updater.exe
21:37:17.0730 4420 SkypeUpdate - ok
21:37:17.0745 4420 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:37:17.0745 4420 Smb - ok
21:37:17.0792 4420 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
21:37:17.0792 4420 SNMPTRAP - ok
21:37:17.0823 4420 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:37:17.0823 4420 spldr - ok
21:37:17.0839 4420 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
21:37:17.0854 4420 Spooler - ok
21:37:17.0995 4420 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
21:37:18.0042 4420 sppsvc - ok
21:37:18.0104 4420 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
21:37:18.0104 4420 sppuinotify - ok
21:37:18.0151 4420 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:37:18.0182 4420 srv - ok
21:37:18.0198 4420 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:37:18.0213 4420 srv2 - ok
21:37:18.0229 4420 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:37:18.0229 4420 srvnet - ok
21:37:18.0276 4420 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
21:37:18.0276 4420 SSDPSRV - ok
21:37:18.0291 4420 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
21:37:18.0291 4420 SstpSvc - ok
21:37:18.0322 4420 Steam Client Service - ok
21:37:18.0400 4420 Stereo Service (c354621b6b94e10ae7f5cdbe745feb86) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:37:18.0416 4420 Stereo Service - ok
21:37:18.0432 4420 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
21:37:18.0432 4420 stexstor - ok
21:37:18.0494 4420 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
21:37:18.0494 4420 stisvc - ok
21:37:18.0510 4420 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
21:37:18.0510 4420 swenum - ok
21:37:18.0541 4420 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
21:37:18.0556 4420 swprv - ok
21:37:18.0634 4420 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
21:37:18.0666 4420 SysMain - ok
21:37:18.0728 4420 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
21:37:18.0728 4420 TabletInputService - ok
21:37:18.0759 4420 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
21:37:18.0775 4420 TapiSrv - ok
21:37:18.0790 4420 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
21:37:18.0790 4420 TBS - ok
21:37:18.0915 4420 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
21:37:18.0946 4420 Tcpip - ok
21:37:19.0102 4420 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
21:37:19.0102 4420 TCPIP6 - ok
21:37:19.0165 4420 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:37:19.0165 4420 tcpipreg - ok
21:37:19.0180 4420 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:37:19.0180 4420 TDPIPE - ok
21:37:19.0212 4420 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
21:37:19.0212 4420 TDTCP - ok
21:37:19.0227 4420 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:37:19.0227 4420 tdx - ok
21:37:19.0243 4420 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
21:37:19.0243 4420 TermDD - ok
21:37:19.0290 4420 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
21:37:19.0336 4420 TermService - ok
21:37:19.0352 4420 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
21:37:19.0352 4420 Themes - ok
21:37:19.0368 4420 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:37:19.0383 4420 THREADORDER - ok
21:37:19.0399 4420 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
21:37:19.0399 4420 TrkWks - ok
21:37:19.0430 4420 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
21:37:19.0430 4420 TrustedInstaller - ok
21:37:19.0446 4420 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:37:19.0446 4420 tssecsrv - ok
21:37:19.0492 4420 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:37:19.0492 4420 TsUsbFlt - ok
21:37:19.0508 4420 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
21:37:19.0508 4420 TsUsbGD - ok
21:37:19.0555 4420 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:37:19.0555 4420 tunnel - ok
21:37:19.0555 4420 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
21:37:19.0555 4420 uagp35 - ok
21:37:19.0586 4420 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:37:19.0617 4420 udfs - ok
21:37:19.0633 4420 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
21:37:19.0633 4420 UI0Detect - ok
21:37:19.0664 4420 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:37:19.0664 4420 uliagpkx - ok
21:37:19.0680 4420 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
21:37:19.0680 4420 umbus - ok
21:37:19.0695 4420 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
21:37:19.0695 4420 UmPass - ok
21:37:19.0726 4420 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
21:37:19.0726 4420 upnphost - ok
21:37:19.0758 4420 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:37:19.0758 4420 usbccgp - ok
21:37:19.0758 4420 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:37:19.0758 4420 usbcir - ok
21:37:19.0773 4420 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
21:37:19.0773 4420 usbehci - ok
21:37:19.0804 4420 usbfilter (573d192e268f0c5b486b7e96f661e538) C:\Windows\system32\DRIVERS\usbfilter.sys
21:37:19.0804 4420 usbfilter - ok
21:37:19.0836 4420 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:37:19.0851 4420 usbhub - ok
21:37:19.0851 4420 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
21:37:19.0851 4420 usbohci - ok
21:37:19.0882 4420 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:37:19.0882 4420 usbprint - ok
21:37:19.0914 4420 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
21:37:19.0914 4420 usbscan - ok
21:37:19.0929 4420 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:37:19.0929 4420 USBSTOR - ok
21:37:19.0945 4420 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
21:37:19.0945 4420 usbuhci - ok
21:37:19.0960 4420 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
21:37:19.0960 4420 UxSms - ok
21:37:19.0992 4420 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:37:19.0992 4420 VaultSvc - ok
21:37:20.0023 4420 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:37:20.0023 4420 vdrvroot - ok
21:37:20.0054 4420 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
21:37:20.0085 4420 vds - ok
21:37:20.0101 4420 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:37:20.0101 4420 vga - ok
21:37:20.0116 4420 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:37:20.0116 4420 VgaSave - ok
21:37:20.0132 4420 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:37:20.0132 4420 vhdmp - ok
21:37:20.0148 4420 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:37:20.0148 4420 viaide - ok
21:37:20.0163 4420 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:37:20.0163 4420 volmgr - ok
21:37:20.0194 4420 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:37:20.0210 4420 volmgrx - ok
21:37:20.0226 4420 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:37:20.0226 4420 volsnap - ok
21:37:20.0257 4420 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
21:37:20.0257 4420 vsmraid - ok
21:37:20.0335 4420 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
21:37:20.0350 4420 VSS - ok
21:37:20.0428 4420 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
21:37:20.0428 4420 vwifibus - ok
21:37:20.0475 4420 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
21:37:20.0491 4420 W32Time - ok
21:37:20.0506 4420 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
21:37:20.0506 4420 WacomPen - ok
21:37:20.0522 4420 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:37:20.0522 4420 WANARP - ok
21:37:20.0522 4420 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:37:20.0522 4420 Wanarpv6 - ok
21:37:20.0584 4420 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
21:37:20.0616 4420 wbengine - ok
21:37:20.0694 4420 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
21:37:20.0694 4420 WbioSrvc - ok
21:37:20.0709 4420 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
21:37:20.0740 4420 wcncsvc - ok
21:37:20.0756 4420 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
21:37:20.0756 4420 WcsPlugInService - ok
21:37:20.0772 4420 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
21:37:20.0772 4420 Wd - ok
21:37:20.0818 4420 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:37:20.0818 4420 Wdf01000 - ok
21:37:20.0834 4420 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:37:20.0834 4420 WdiServiceHost - ok
21:37:20.0834 4420 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:37:20.0834 4420 WdiSystemHost - ok
21:37:20.0865 4420 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
21:37:20.0865 4420 WebClient - ok
21:37:20.0881 4420 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
21:37:20.0896 4420 Wecsvc - ok
21:37:20.0896 4420 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
21:37:20.0896 4420 wercplsupport - ok
21:37:20.0912 4420 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
21:37:20.0928 4420 WerSvc - ok
21:37:20.0974 4420 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:37:20.0974 4420 WfpLwf - ok
21:37:20.0990 4420 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:37:20.0990 4420 WIMMount - ok
21:37:21.0006 4420 WinDefend - ok
21:37:21.0006 4420 WinHttpAutoProxySvc - ok
21:37:21.0068 4420 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
21:37:21.0068 4420 Winmgmt - ok
21:37:21.0162 4420 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
21:37:21.0193 4420 WinRM - ok
21:37:21.0333 4420 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
21:37:21.0364 4420 Wlansvc - ok
21:37:21.0396 4420 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
21:37:21.0396 4420 WmiAcpi - ok
21:37:21.0442 4420 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
21:37:21.0442 4420 wmiApSrv - ok
21:37:21.0489 4420 WMPNetworkSvc - ok
21:37:21.0536 4420 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
21:37:21.0536 4420 WPCSvc - ok
21:37:21.0552 4420 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
21:37:21.0552 4420 WPDBusEnum - ok
21:37:21.0567 4420 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:37:21.0567 4420 ws2ifsl - ok
21:37:21.0583 4420 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
21:37:21.0583 4420 wscsvc - ok
21:37:21.0598 4420 WSearch - ok
21:37:21.0708 4420 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
21:37:21.0739 4420 wuauserv - ok
21:37:21.0817 4420 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:37:21.0817 4420 WudfPf - ok
21:37:21.0848 4420 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
21:37:21.0848 4420 wudfsvc - ok
21:37:21.0864 4420 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
21:37:21.0864 4420 WwanSvc - ok
21:37:21.0879 4420 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:37:22.0051 4420 \Device\Harddisk0\DR0 - ok
21:37:22.0051 4420 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
21:37:22.0051 4420 \Device\Harddisk1\DR1 - ok
21:37:22.0067 4420 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
21:37:22.0067 4420 \Device\Harddisk2\DR2 - ok
21:37:22.0067 4420 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3
21:37:22.0067 4420 \Device\Harddisk3\DR3 - ok
21:37:22.0067 4420 Boot (0x1200) (6de87a4edb56d633388db54a2c8967dd) \Device\Harddisk0\DR0\Partition0
21:37:22.0067 4420 \Device\Harddisk0\DR0\Partition0 - ok
21:37:22.0082 4420 Boot (0x1200) (8a5a3918e6793055d9de2aa4b643e2d1) \Device\Harddisk0\DR0\Partition1
21:37:22.0082 4420 \Device\Harddisk0\DR0\Partition1 - ok
21:37:22.0082 4420 Boot (0x1200) (7554f17eee96dc433382177d27dbd872) \Device\Harddisk1\DR1\Partition0
21:37:22.0082 4420 \Device\Harddisk1\DR1\Partition0 - ok
21:37:22.0098 4420 Boot (0x1200) (39d41b5a734415299ce24e4cf5d5276e) \Device\Harddisk2\DR2\Partition0
21:37:22.0098 4420 \Device\Harddisk2\DR2\Partition0 - ok
21:37:22.0098 4420 Boot (0x1200) (e57cac9e1f39642ab0e809c1023e92db) \Device\Harddisk3\DR3\Partition0
21:37:22.0098 4420 \Device\Harddisk3\DR3\Partition0 - ok
21:37:22.0098 4420 ============================================================
21:37:22.0098 4420 Scan finished
21:37:22.0098 4420 ============================================================
21:37:22.0113 3132 Detected object count: 0
21:37:22.0113 3132 Actual detected object count: 0
21:37:54.0001 4744 ============================================================
21:37:54.0001 4744 Scan started
21:37:54.0001 4744 Mode: Manual; SigCheck; TDLFS;
21:37:54.0001 4744 ============================================================
21:37:54.0094 4744 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys
21:37:54.0157 4744 1394ohci - ok
21:37:54.0250 4744 a2acc (2d6434e957f7cfa0035c20890f77bbc6) C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
21:37:54.0718 4744 a2acc - ok
21:37:54.0828 4744 a2AntiMalware (8b75ba256bcada2b73ffa5bd77aa9e6c) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
21:37:54.0874 4744 a2AntiMalware - ok
21:37:54.0952 4744 A2DDA (3044d0f3feb9ffe8bc953d8f34b5b504) C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
21:37:54.0968 4744 A2DDA - ok
21:37:55.0046 4744 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:37:55.0062 4744 ACPI - ok
21:37:55.0077 4744 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:37:55.0124 4744 AcpiPmi - ok
21:37:55.0155 4744 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:37:55.0155 4744 AdobeARMservice - ok
21:37:55.0202 4744 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
21:37:55.0218 4744 adp94xx - ok
21:37:55.0264 4744 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
21:37:55.0280 4744 adpahci - ok
21:37:55.0296 4744 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
21:37:55.0311 4744 adpu320 - ok
21:37:55.0327 4744 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
21:37:55.0436 4744 AeLookupSvc - ok
21:37:55.0483 4744 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
21:37:55.0514 4744 AFD - ok
21:37:55.0530 4744 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:37:55.0545 4744 agp440 - ok
21:37:55.0561 4744 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
21:37:55.0623 4744 ALG - ok
21:37:55.0639 4744 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:37:55.0639 4744 aliide - ok
21:37:55.0654 4744 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:37:55.0654 4744 amdide - ok
21:37:55.0670 4744 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
21:37:55.0701 4744 AmdK8 - ok
21:37:55.0717 4744 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
21:37:55.0748 4744 AmdPPM - ok
21:37:55.0779 4744 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
21:37:55.0779 4744 amdsata - ok
21:37:55.0810 4744 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
21:37:55.0826 4744 amdsbs - ok
21:37:55.0842 4744 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
21:37:55.0842 4744 amdxata - ok
21:37:55.0873 4744 amd_sata (2fbb00a7616106b95104574c6cd640c2) C:\Windows\system32\DRIVERS\amd_sata.sys
21:37:55.0873 4744 amd_sata - ok
21:37:55.0888 4744 amd_xata (87d0d7645cb0d53220649bd5fe15d93e) C:\Windows\system32\DRIVERS\amd_xata.sys
21:37:55.0904 4744 amd_xata - ok
21:37:55.0966 4744 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:37:55.0982 4744 AntiVirSchedulerService - ok
21:37:56.0013 4744 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:37:56.0013 4744 AntiVirService - ok
21:37:56.0029 4744 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
21:37:56.0154 4744 AppID - ok
21:37:56.0169 4744 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
21:37:56.0200 4744 AppIDSvc - ok
21:37:56.0216 4744 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
21:37:56.0278 4744 Appinfo - ok
21:37:56.0294 4744 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
21:37:56.0310 4744 arc - ok
21:37:56.0325 4744 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
21:37:56.0325 4744 arcsas - ok
21:37:56.0356 4744 asmthub3 (954950d11ada98ac1b7ee3c770e4622c) C:\Windows\system32\DRIVERS\asmthub3.sys
21:37:56.0388 4744 asmthub3 - ok
21:37:56.0419 4744 asmtxhci (01dbb05db1db95803e3c9f2b49afe79c) C:\Windows\system32\DRIVERS\asmtxhci.sys
21:37:56.0450 4744 asmtxhci - ok
21:37:56.0481 4744 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:37:56.0528 4744 AsyncMac - ok
21:37:56.0544 4744 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
21:37:56.0544 4744 atapi - ok
21:37:56.0590 4744 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:37:56.0637 4744 AudioEndpointBuilder - ok
21:37:56.0653 4744 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:37:56.0684 4744 AudioSrv - ok
21:37:56.0700 4744 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
21:37:56.0715 4744 avgntflt - ok
21:37:56.0731 4744 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
21:37:56.0746 4744 avipbb - ok
21:37:56.0746 4744 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
21:37:56.0762 4744 avkmgr - ok
21:37:56.0778 4744 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
21:37:56.0824 4744 AxInstSV - ok
21:37:56.0856 4744 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
21:37:56.0902 4744 b06bdrv - ok
21:37:56.0918 4744 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:37:56.0949 4744 b57nd60a - ok
21:37:56.0965 4744 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
21:37:56.0996 4744 BDESVC - ok
21:37:57.0012 4744 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
21:37:57.0058 4744 Beep - ok
21:37:57.0090 4744 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
21:37:57.0152 4744 BFE - ok
21:37:57.0199 4744 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
21:37:57.0261 4744 BITS - ok
21:37:57.0292 4744 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
21:37:57.0324 4744 blbdrive - ok
21:37:57.0339 4744 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
21:37:57.0370 4744 bowser - ok
21:37:57.0386 4744 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
21:37:57.0417 4744 BrFiltLo - ok
21:37:57.0433 4744 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
21:37:57.0433 4744 BrFiltUp - ok
21:37:57.0464 4744 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
21:37:57.0511 4744 Browser - ok
21:37:57.0526 4744 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:37:57.0573 4744 Brserid - ok
21:37:57.0589 4744 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:37:57.0604 4744 BrSerWdm - ok
21:37:57.0620 4744 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:37:57.0636 4744 BrUsbMdm - ok
21:37:57.0636 4744 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:37:57.0651 4744 BrUsbSer - ok
21:37:57.0682 4744 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
21:37:57.0698 4744 BTHMODEM - ok
21:37:57.0714 4744 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
21:37:57.0745 4744 bthserv - ok
21:37:57.0760 4744 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:37:57.0792 4744 cdfs - ok
21:37:57.0807 4744 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
21:37:57.0823 4744 cdrom - ok
21:37:57.0823 4744 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:37:57.0870 4744 CertPropSvc - ok
21:37:57.0885 4744 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
21:37:57.0901 4744 circlass - ok
21:37:57.0916 4744 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:37:57.0932 4744 CLFS - ok
21:37:57.0994 4744 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:37:58.0010 4744 clr_optimization_v2.0.50727_32 - ok
21:37:58.0041 4744 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:37:58.0041 4744 clr_optimization_v2.0.50727_64 - ok
21:37:58.0072 4744 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:37:58.0088 4744 clr_optimization_v4.0.30319_32 - ok
21:37:58.0135 4744 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:37:58.0135 4744 clr_optimization_v4.0.30319_64 - ok
21:37:58.0166 4744 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
21:37:58.0197 4744 CmBatt - ok
21:37:58.0213 4744 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:37:58.0213 4744 cmdide - ok
21:37:58.0260 4744 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
21:37:58.0291 4744 CNG - ok
21:37:58.0291 4744 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
21:37:58.0306 4744 Compbatt - ok
21:37:58.0322 4744 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
21:37:58.0338 4744 CompositeBus - ok
21:37:58.0353 4744 COMSysApp - ok
21:37:58.0353 4744 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
21:37:58.0369 4744 crcdisk - ok
21:37:58.0384 4744 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
21:37:58.0416 4744 CryptSvc - ok
21:37:58.0447 4744 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:37:58.0494 4744 DcomLaunch - ok
21:37:58.0525 4744 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
21:37:58.0572 4744 defragsvc - ok
21:37:58.0587 4744 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:37:58.0618 4744 DfsC - ok
21:37:58.0650 4744 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
21:37:58.0681 4744 Dhcp - ok
21:37:58.0696 4744 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:37:58.0743 4744 discache - ok
21:37:58.0759 4744 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
21:37:58.0774 4744 Disk - ok
21:37:58.0806 4744 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
21:37:58.0837 4744 Dnscache - ok
21:37:58.0868 4744 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
21:37:58.0899 4744 dot3svc - ok
21:37:58.0915 4744 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
21:37:58.0962 4744 DPS - ok
21:37:58.0977 4744 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:37:59.0008 4744 drmkaud - ok
21:37:59.0071 4744 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:37:59.0086 4744 DXGKrnl - ok
21:37:59.0118 4744 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
21:37:59.0164 4744 EapHost - ok
21:37:59.0305 4744 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
21:37:59.0352 4744 ebdrv - ok
21:37:59.0445 4744 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
21:37:59.0476 4744 EFS - ok
21:37:59.0554 4744 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
21:37:59.0601 4744 ehRecvr - ok
21:37:59.0601 4744 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
21:37:59.0632 4744 ehSched - ok
21:37:59.0695 4744 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
21:37:59.0710 4744 elxstor - ok
21:37:59.0710 4744 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:37:59.0742 4744 ErrDev - ok
21:37:59.0773 4744 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
21:37:59.0820 4744 EventSystem - ok
21:37:59.0835 4744 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:37:59.0866 4744 exfat - ok
21:37:59.0913 4744 Fabs - ok
21:37:59.0929 4744 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:37:59.0976 4744 fastfat - ok
21:38:00.0022 4744 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
21:38:00.0054 4744 Fax - ok
21:38:00.0069 4744 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
21:38:00.0085 4744 fdc - ok
21:38:00.0100 4744 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
21:38:00.0132 4744 fdPHost - ok
21:38:00.0147 4744 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
21:38:00.0178 4744 FDResPub - ok
21:38:00.0194 4744 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:38:00.0210 4744 FileInfo - ok
21:38:00.0225 4744 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:38:00.0272 4744 Filetrace - ok
21:38:00.0397 4744 FirebirdServerMAGIXInstance (fff1130f7c9fa01d093a1edfc5cce8fc) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
21:38:00.0444 4744 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
21:38:00.0444 4744 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
21:38:00.0522 4744 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
21:38:00.0537 4744 flpydisk - ok
21:38:00.0553 4744 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:38:00.0568 4744 FltMgr - ok
21:38:00.0631 4744 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
21:38:00.0662 4744 FontCache - ok
21:38:00.0724 4744 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:38:00.0740 4744 FontCache3.0.0.0 - ok
21:38:00.0787 4744 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:38:00.0787 4744 FsDepends - ok
21:38:00.0802 4744 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
21:38:00.0818 4744 Fs_Rec - ok
21:38:00.0834 4744 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:38:00.0849 4744 fvevol - ok
21:38:00.0865 4744 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
21:38:00.0865 4744 gagp30kx - ok
21:38:00.0912 4744 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
21:38:00.0943 4744 gpsvc - ok
21:38:00.0958 4744 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
21:38:00.0974 4744 hamachi - ok
21:38:00.0990 4744 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:38:01.0021 4744 hcw85cir - ok
21:38:01.0052 4744 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
21:38:01.0068 4744 HdAudAddService - ok
21:38:01.0083 4744 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
21:38:01.0114 4744 HDAudBus - ok
21:38:01.0130 4744 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
21:38:01.0146 4744 HidBatt - ok
21:38:01.0161 4744 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
21:38:01.0177 4744 HidBth - ok
21:38:01.0177 4744 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
21:38:01.0192 4744 HidIr - ok
21:38:01.0208 4744 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
21:38:01.0239 4744 hidserv - ok
21:38:01.0255 4744 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
21:38:01.0270 4744 HidUsb - ok
21:38:01.0317 4744 HiPatchService (8d1f00f4254c3ef428b715484940427c) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
21:38:01.0333 4744 HiPatchService ( UnsignedFile.Multi.Generic ) - warning
21:38:01.0333 4744 HiPatchService - detected UnsignedFile.Multi.Generic (1)
21:38:01.0364 4744 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
21:38:01.0411 4744 hkmsvc - ok
21:38:01.0426 4744 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
21:38:01.0458 4744 HomeGroupListener - ok
21:38:01.0473 4744 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
21:38:01.0504 4744 HomeGroupProvider - ok
21:38:01.0520 4744 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:38:01.0536 4744 HpSAMD - ok
21:38:01.0567 4744 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:38:01.0614 4744 HTTP - ok
21:38:01.0614 4744 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:38:01.0629 4744 hwpolicy - ok
21:38:01.0645 4744 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
21:38:01.0660 4744 i8042prt - ok
21:38:01.0692 4744 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:38:01.0707 4744 iaStorV - ok
21:38:01.0816 4744 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:38:01.0832 4744 idsvc - ok
21:38:01.0848 4744 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
21:38:01.0863 4744 iirsp - ok
21:38:01.0910 4744 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
21:38:01.0941 4744 IKEEXT - ok
21:38:02.0066 4744 IntcAzAudAddService (589b94a9b73a0e819ff873743a480834) C:\Windows\system32\drivers\RTKVHD64.sys
21:38:02.0097 4744 IntcAzAudAddService - ok
21:38:02.0175 4744 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:38:02.0191 4744 intelide - ok
21:38:02.0206 4744 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
21:38:02.0222 4744 intelppm - ok
21:38:02.0238 4744 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
21:38:02.0284 4744 IPBusEnum - ok
21:38:02.0300 4744 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:38:02.0331 4744 IpFilterDriver - ok
21:38:02.0347 4744 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
21:38:02.0394 4744 iphlpsvc - ok
21:38:02.0409 4744 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:38:02.0425 4744 IPMIDRV - ok
21:38:02.0440 4744 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:38:02.0472 4744 IPNAT - ok
21:38:02.0487 4744 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:38:02.0503 4744 IRENUM - ok
21:38:02.0518 4744 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:38:02.0518 4744 isapnp - ok
21:38:02.0550 4744 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:38:02.0565 4744 iScsiPrt - ok
21:38:02.0581 4744 JRAID (79a55e8907f34ab569029505418c35ef) C:\Windows\system32\DRIVERS\jraid.sys
21:38:02.0596 4744 JRAID - ok
21:38:02.0596 4744 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
21:38:02.0612 4744 kbdclass - ok
21:38:02.0612 4744 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
21:38:02.0628 4744 kbdhid - ok
21:38:02.0659 4744 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:38:02.0674 4744 KeyIso - ok
21:38:02.0706 4744 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
21:38:02.0706 4744 KSecDD - ok
21:38:02.0721 4744 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
21:38:02.0721 4744 KSecPkg - ok
21:38:02.0752 4744 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:38:02.0799 4744 ksthunk - ok
21:38:02.0830 4744 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
21:38:02.0877 4744 KtmRm - ok
21:38:02.0908 4744 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
21:38:02.0940 4744 LanmanServer - ok
21:38:02.0955 4744 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
21:38:03.0002 4744 LanmanWorkstation - ok
21:38:03.0033 4744 LGBusEnum (fa529fb35694c24bf98a9ef67c1cd9d0) C:\Windows\system32\drivers\LGBusEnum.sys
21:38:03.0033 4744 LGBusEnum - ok
21:38:03.0064 4744 LGVirHid (94b29ce153765e768f004fb3440be2b0) C:\Windows\system32\drivers\LGVirHid.sys
21:38:03.0064 4744 LGVirHid - ok
21:38:03.0080 4744 LHidFilt (b6552d382ff070b4ed34cbd6737277c0) C:\Windows\system32\DRIVERS\LHidFilt.Sys
21:38:03.0096 4744 LHidFilt - ok
21:38:03.0096 4744 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:38:03.0142 4744 lltdio - ok
21:38:03.0174 4744 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
21:38:03.0220 4744 lltdsvc - ok
21:38:03.0220 4744 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
21:38:03.0267 4744 lmhosts - ok
21:38:03.0283 4744 LMouFilt (73c1f563ab73d459dffe682d66476558) C:\Windows\system32\DRIVERS\LMouFilt.Sys
21:38:03.0283 4744 LMouFilt - ok
21:38:03.0314 4744 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
21:38:03.0314 4744 LSI_FC - ok
21:38:03.0361 4744 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
21:38:03.0361 4744 LSI_SAS - ok
21:38:03.0376 4744 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
21:38:03.0376 4744 LSI_SAS2 - ok
21:38:03.0392 4744 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
21:38:03.0408 4744 LSI_SCSI - ok
21:38:03.0423 4744 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:38:03.0470 4744 luafv - ok
21:38:03.0486 4744 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
21:38:03.0517 4744 Mcx2Svc - ok
21:38:03.0532 4744 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
21:38:03.0532 4744 megasas - ok
21:38:03.0564 4744 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
21:38:03.0564 4744 MegaSR - ok
21:38:03.0595 4744 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:38:03.0626 4744 MMCSS - ok
21:38:03.0642 4744 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:38:03.0673 4744 Modem - ok
21:38:03.0704 4744 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:38:03.0735 4744 monitor - ok
21:38:03.0751 4744 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
21:38:03.0751 4744 mouclass - ok
21:38:03.0766 4744 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:38:03.0782 4744 mouhid - ok
21:38:03.0798 4744 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:38:03.0813 4744 mountmgr - ok
21:38:03.0860 4744 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:38:03.0876 4744 MozillaMaintenance - ok
21:38:03.0891 4744 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:38:03.0907 4744 mpio - ok
21:38:03.0922 4744 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:38:03.0954 4744 mpsdrv - ok
21:38:04.0000 4744 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
21:38:04.0032 4744 MpsSvc - ok
21:38:04.0063 4744 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:38:04.0078 4744 MRxDAV - ok
21:38:04.0125 4744 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:38:04.0141 4744 mrxsmb - ok
21:38:04.0156 4744 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:38:04.0172 4744 mrxsmb10 - ok
21:38:04.0203 4744 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:38:04.0203 4744 mrxsmb20 - ok
21:38:04.0219 4744 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:38:04.0234 4744 msahci - ok
21:38:04.0250 4744 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:38:04.0266 4744 msdsm - ok
21:38:04.0297 4744 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
21:38:04.0312 4744 MSDTC - ok
21:38:04.0328 4744 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:38:04.0375 4744 Msfs - ok
21:38:04.0390 4744 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:38:04.0453 4744 mshidkmdf - ok
21:38:04.0453 4744 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:38:04.0468 4744 msisadrv - ok
21:38:04.0500 4744 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
21:38:04.0531 4744 MSiSCSI - ok
21:38:04.0546 4744 msiserver - ok
21:38:04.0546 4744 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:38:04.0593 4744 MSKSSRV - ok
21:38:04.0609 4744 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:38:04.0640 4744 MSPCLOCK - ok
21:38:04.0656 4744 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:38:04.0702 4744 MSPQM - ok
21:38:04.0734 4744 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:38:04.0749 4744 MsRPC - ok
21:38:04.0749 4744 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
21:38:04.0765 4744 mssmbios - ok
21:38:04.0780 4744 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:38:04.0812 4744 MSTEE - ok
21:38:04.0827 4744 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
21:38:04.0827 4744 MTConfig - ok
21:38:04.0843 4744 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:38:04.0858 4744 Mup - ok
21:38:04.0890 4744 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
21:38:04.0936 4744 napagent - ok
21:38:04.0952 4744 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:38:04.0983 4744 NativeWifiP - ok
21:38:05.0030 4744 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
21:38:05.0046 4744 NDIS - ok
21:38:05.0061 4744 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:38:05.0092 4744 NdisCap - ok
21:38:05.0092 4744 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:38:05.0124 4744 NdisTapi - ok
21:38:05.0139 4744 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:38:05.0170 4744 Ndisuio - ok
21:38:05.0170 4744 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:38:05.0217 4744 NdisWan - ok
21:38:05.0233 4744 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:38:05.0264 4744 NDProxy - ok
21:38:05.0264 4744 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:38:05.0311 4744 NetBIOS - ok
21:38:05.0326 4744 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:38:05.0358 4744 NetBT - ok
21:38:05.0389 4744 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:38:05.0389 4744 Netlogon - ok
21:38:05.0420 4744 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
21:38:05.0467 4744 Netman - ok
21:38:05.0482 4744 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
21:38:05.0514 4744 netprofm - ok
21:38:05.0607 4744 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:38:05.0607 4744 NetTcpPortSharing - ok
21:38:05.0638 4744 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
21:38:05.0638 4744 nfrd960 - ok
21:38:05.0670 4744 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
21:38:05.0701 4744 NlaSvc - ok
21:38:05.0716 4744 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:38:05.0748 4744 Npfs - ok
21:38:05.0748 4744 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
21:38:05.0779 4744 nsi - ok
21:38:05.0794 4744 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:38:05.0826 4744 nsiproxy - ok
21:38:05.0919 4744 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:38:05.0950 4744 Ntfs - ok
21:38:06.0028 4744 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:38:06.0075 4744 Null - ok
21:38:06.0091 4744 NVHDA (102806b360d0e6bc6e55bf47ef655d43) C:\Windows\system32\drivers\nvhda64v.sys
21:38:06.0106 4744 NVHDA - ok
21:38:06.0496 4744 nvlddmkm (ba0b4889c40380a01ecdf84c227a89c9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:38:06.0684 4744 nvlddmkm - ok
21:38:06.0777 4744 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:38:06.0793 4744 nvraid - ok
21:38:06.0808 4744 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:38:06.0824 4744 nvstor - ok
21:38:06.0871 4744 nvsvc (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe
21:38:06.0902 4744 nvsvc - ok
21:38:07.0011 4744 nvUpdatusService (53b629ce436b110c5689c2f6439e567b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
21:38:07.0027 4744 nvUpdatusService - ok
21:38:07.0089 4744 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:38:07.0105 4744 nv_agp - ok
21:38:07.0120 4744 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:38:07.0136 4744 ohci1394 - ok
21:38:07.0167 4744 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:38:07.0214 4744 p2pimsvc - ok
21:38:07.0245 4744 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
21:38:07.0261 4744 p2psvc - ok
21:38:07.0292 4744 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
21:38:07.0323 4744 Parport - ok
21:38:07.0354 4744 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
21:38:07.0354 4744 partmgr - ok
21:38:07.0370 4744 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
21:38:07.0401 4744 PcaSvc - ok
21:38:07.0417 4744 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:38:07.0417 4744 pci - ok
21:38:07.0432 4744 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:38:07.0448 4744 pciide - ok
21:38:07.0464 4744 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
21:38:07.0464 4744 pcmcia - ok
21:38:07.0479 4744 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:38:07.0479 4744 pcw - ok
21:38:07.0526 4744 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:38:07.0557 4744 PEAUTH - ok
21:38:07.0620 4744 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
21:38:07.0620 4744 PerfHost - ok
21:38:07.0698 4744 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
21:38:07.0744 4744 pla - ok
21:38:07.0791 4744 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
21:38:07.0822 4744 PlugPlay - ok
21:38:07.0838 4744 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
21:38:07.0869 4744 PNRPAutoReg - ok
21:38:07.0885 4744 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:38:07.0900 4744 PNRPsvc - ok
21:38:07.0932 4744 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
21:38:07.0978 4744 PolicyAgent - ok
21:38:07.0994 4744 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
21:38:08.0025 4744 Power - ok
21:38:08.0072 4744 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:38:08.0103 4744 PptpMiniport - ok
21:38:08.0119 4744 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
21:38:08.0134 4744 Processor - ok
21:38:08.0166 4744 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
21:38:08.0197 4744 ProfSvc - ok
21:38:08.0212 4744 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:38:08.0228 4744 ProtectedStorage - ok
21:38:08.0244 4744 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:38:08.0290 4744 Psched - ok
21:38:08.0337 4744 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
21:38:08.0368 4744 ql2300 - ok
21:38:08.0446 4744 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
21:38:08.0462 4744 ql40xx - ok
21:38:08.0478 4744 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
21:38:08.0493 4744 QWAVE - ok
21:38:08.0509 4744 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:38:08.0540 4744 QWAVEdrv - ok
21:38:08.0556 4744 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:38:08.0587 4744 RasAcd - ok
21:38:08.0618 4744 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:38:08.0634 4744 RasAgileVpn - ok
21:38:08.0665 4744 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
21:38:08.0696 4744 RasAuto - ok
21:38:08.0712 4744 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:38:08.0758 4744 Rasl2tp - ok
21:38:08.0774 4744 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
21:38:08.0805 4744 RasMan - ok
21:38:08.0836 4744 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:38:08.0883 4744 RasPppoe - ok
21:38:08.0883 4744 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:38:08.0930 4744 RasSstp - ok
21:38:08.0961 4744 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:38:08.0977 4744 rdbss - ok
21:38:08.0992 4744 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
21:38:09.0008 4744 rdpbus - ok
21:38:09.0024 4744 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:38:09.0055 4744 RDPCDD - ok
21:38:09.0070 4744 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:38:09.0117 4744 RDPENCDD - ok
21:38:09.0133 4744 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:38:09.0148 4744 RDPREFMP - ok
21:38:09.0195 4744 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
21:38:09.0226 4744 RDPWD - ok
21:38:09.0242 4744 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:38:09.0258 4744 rdyboost - ok
21:38:09.0273 4744 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
21:38:09.0320 4744 RemoteAccess - ok
21:38:09.0336 4744 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
21:38:09.0367 4744 RemoteRegistry - ok
21:38:09.0398 4744 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
21:38:09.0445 4744 RpcEptMapper - ok
21:38:09.0460 4744 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
21:38:09.0476 4744 RpcLocator - ok
21:38:09.0507 4744 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:38:09.0538 4744 RpcSs - ok
21:38:09.0570 4744 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:38:09.0585 4744 rspndr - ok
21:38:09.0632 4744 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
21:38:09.0648 4744 RTL8167 - ok
21:38:09.0663 4744 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:38:09.0679 4744 SamSs - ok
21:38:09.0694 4744 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:38:09.0694 4744 sbp2port - ok
21:38:09.0726 4744 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
21:38:09.0757 4744 SCardSvr - ok
21:38:09.0772 4744 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:38:09.0804 4744 scfilter - ok
21:38:09.0850 4744 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
21:38:09.0897 4744 Schedule - ok
21:38:09.0928 4744 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:38:09.0944 4744 SCPolicySvc - ok
21:38:09.0960 4744 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
21:38:09.0991 4744 SDRSVC - ok
21:38:10.0038 4744 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:38:10.0069 4744 secdrv - ok
21:38:10.0084 4744 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
21:38:10.0116 4744 seclogon - ok
21:38:10.0131 4744 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
21:38:10.0162 4744 SENS - ok
21:38:10.0178 4744 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
21:38:10.0194 4744 SensrSvc - ok
21:38:10.0209 4744 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:38:10.0225 4744 Serenum - ok
21:38:10.0240 4744 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:38:10.0256 4744 Serial - ok
21:38:10.0272 4744 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
21:38:10.0287 4744 sermouse - ok
21:38:10.0303 4744 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
21:38:10.0350 4744 SessionEnv - ok
21:38:10.0365 4744 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:38:10.0381 4744 sffdisk - ok
21:38:10.0381 4744 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:38:10.0412 4744 sffp_mmc - ok
21:38:10.0428 4744 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:38:10.0459 4744 sffp_sd - ok
21:38:10.0459 4744 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
21:38:10.0474 4744 sfloppy - ok
21:38:10.0506 4744 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
21:38:10.0552 4744 SharedAccess - ok
21:38:10.0584 4744 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
21:38:10.0630 4744 ShellHWDetection - ok
21:38:10.0646 4744 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
21:38:10.0646 4744 SiSRaid2 - ok
21:38:10.0677 4744 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
21:38:10.0677 4744 SiSRaid4 - ok
21:38:10.0755 4744 SkypeUpdate (ea396139541706b4b433641d62ea53ce) C:\Program Files (x86)\Skype\Updater\Updater.exe
21:38:10.0755 4744 SkypeUpdate - ok
21:38:10.0771 4744 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:38:10.0818 4744 Smb - ok
21:38:10.0833 4744 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
21:38:10.0849 4744 SNMPTRAP - ok
21:38:10.0864 4744 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:38:10.0864 4744 spldr - ok
21:38:10.0911 4744 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
21:38:10.0942 4744 Spooler - ok
21:38:11.0067 4744 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
21:38:11.0145 4744 sppsvc - ok
21:38:11.0239 4744 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
21:38:11.0270 4744 sppuinotify - ok
21:38:11.0317 4744 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:38:11.0364 4744 srv - ok
21:38:11.0395 4744 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:38:11.0426 4744 srv2 - ok
21:38:11.0457 4744 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:38:11.0473 4744 srvnet - ok
21:38:11.0488 4744 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
21:38:11.0520 4744 SSDPSRV - ok
21:38:11.0551 4744 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
21:38:11.0582 4744 SstpSvc - ok
21:38:11.0629 4744 Steam Client Service - ok
21:38:11.0691 4744 Stereo Service (c354621b6b94e10ae7f5cdbe745feb86) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:38:11.0707 4744 Stereo Service - ok
21:38:11.0738 4744 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
21:38:11.0738 4744 stexstor - ok
21:38:11.0785 4744 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
21:38:11.0800 4744 stisvc - ok
21:38:11.0816 4744 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
21:38:11.0832 4744 swenum - ok
21:38:11.0863 4744 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
21:38:11.0894 4744 swprv - ok
21:38:11.0988 4744 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
21:38:12.0034 4744 SysMain - ok
21:38:12.0112 4744 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
21:38:12.0112 4744 TabletInputService - ok
21:38:12.0144 4744 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
21:38:12.0190 4744 TapiSrv - ok
21:38:12.0206 4744 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
21:38:12.0237 4744 TBS - ok
21:38:12.0346 4744 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
21:38:12.0378 4744 Tcpip - ok
21:38:12.0518 4744 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
21:38:12.0549 4744 TCPIP6 - ok
21:38:12.0612 4744 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:38:12.0643 4744 tcpipreg - ok
21:38:12.0658 4744 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:38:12.0674 4744 TDPIPE - ok
21:38:12.0705 4744 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
21:38:12.0736 4744 TDTCP - ok
21:38:12.0752 4744 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:38:12.0783 4744 tdx - ok
21:38:12.0799 4744 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
21:38:12.0799 4744 TermDD - ok
21:38:12.0846 4744 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
21:38:12.0892 4744 TermService - ok
21:38:12.0908 4744 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
21:38:12.0924 4744 Themes - ok
21:38:12.0955 4744 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:38:12.0986 4744 THREADORDER - ok
21:38:12.0986 4744 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
21:38:13.0033 4744 TrkWks - ok
21:38:13.0064 4744 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
21:38:13.0111 4744 TrustedInstaller - ok
21:38:13.0111 4744 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:38:13.0158 4744 tssecsrv - ok
21:38:13.0189 4744 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:38:13.0220 4744 TsUsbFlt - ok
21:38:13.0236 4744 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
21:38:13.0251 4744 TsUsbGD - ok
21:38:13.0267 4744 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:38:13.0298 4744 tunnel - ok
21:38:13.0314 4744 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
21:38:13.0314 4744 uagp35 - ok
21:38:13.0345 4744 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:38:13.0376 4744 udfs - ok
21:38:13.0407 4744 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
21:38:13.0423 4744 UI0Detect - ok
21:38:13.0423 4744 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:38:13.0438 4744 uliagpkx - ok
21:38:13.0454 4744 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
21:38:13.0485 4744 umbus - ok
21:38:13.0485 4744 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
21:38:13.0501 4744 UmPass - ok
21:38:13.0532 4744 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
21:38:13.0594 4744 upnphost - ok
21:38:13.0610 4744 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:38:13.0626 4744 usbccgp - ok
21:38:13.0657 4744 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:38:13.0657 4744 usbcir - ok
21:38:13.0672 4744 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
21:38:13.0704 4744 usbehci - ok
21:38:13.0735 4744 usbfilter (573d192e268f0c5b486b7e96f661e538) C:\Windows\system32\DRIVERS\usbfilter.sys
21:38:13.0735 4744 usbfilter - ok
21:38:13.0766 4744 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:38:13.0782 4744 usbhub - ok
21:38:13.0782 4744 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
21:38:13.0797 4744 usbohci - ok
21:38:13.0813 4744 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:38:13.0844 4744 usbprint - ok
21:38:13.0860 4744 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
21:38:13.0875 4744 usbscan - ok
21:38:13.0891 4744 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:38:13.0938 4744 USBSTOR - ok
21:38:13.0953 4744 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
21:38:13.0969 4744 usbuhci - ok
21:38:13.0984 4744 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
21:38:14.0016 4744 UxSms - ok
21:38:14.0047 4744 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:38:14.0047 4744 VaultSvc - ok
21:38:14.0078 4744 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:38:14.0078 4744 vdrvroot - ok
21:38:14.0109 4744 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
21:38:14.0156 4744 vds - ok
21:38:14.0172 4744 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:38:14.0187 4744 vga - ok
21:38:14.0203 4744 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:38:14.0250 4744 VgaSave - ok
21:38:14.0250 4744 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:38:14.0265 4744 vhdmp - ok
21:38:14.0281 4744 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:38:14.0296 4744 viaide - ok
21:38:14.0312 4744 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:38:14.0312 4744 volmgr - ok
21:38:14.0328 4744 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:38:14.0343 4744 volmgrx - ok
21:38:14.0359 4744 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:38:14.0374 4744 volsnap - ok
21:38:14.0390 4744 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
21:38:14.0390 4744 vsmraid - ok
21:38:14.0468 4744 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
21:38:14.0530 4744 VSS - ok
21:38:14.0608 4744 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
21:38:14.0624 4744 vwifibus - ok
21:38:14.0671 4744 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
21:38:14.0702 4744 W32Time - ok
21:38:14.0718 4744 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
21:38:14.0733 4744 WacomPen - ok
21:38:14.0749 4744 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:38:14.0780 4744 WANARP - ok
21:38:14.0780 4744 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:38:14.0811 4744 Wanarpv6 - ok
21:38:14.0874 4744 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
21:38:14.0920 4744 wbengine - ok
21:38:14.0998 4744 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
21:38:14.0998 4744 WbioSrvc - ok
21:38:15.0030 4744 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
21:38:15.0061 4744 wcncsvc - ok
21:38:15.0076 4744 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
21:38:15.0108 4744 WcsPlugInService - ok
21:38:15.0154 4744 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
21:38:15.0154 4744 Wd - ok
21:38:15.0201 4744 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:38:15.0217 4744 Wdf01000 - ok
21:38:15.0217 4744 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:38:15.0295 4744 WdiServiceHost - ok
21:38:15.0295 4744 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:38:15.0310 4744 WdiSystemHost - ok
21:38:15.0326 4744 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
21:38:15.0357 4744 WebClient - ok
21:38:15.0373 4744 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
21:38:15.0420 4744 Wecsvc - ok
21:38:15.0435 4744 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
21:38:15.0466 4744 wercplsupport - ok
21:38:15.0466 4744 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
21:38:15.0498 4744 WerSvc - ok
21:38:15.0529 4744 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:38:15.0560 4744 WfpLwf - ok
21:38:15.0576 4744 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:38:15.0576 4744 WIMMount - ok
21:38:15.0591 4744 WinDefend - ok
21:38:15.0607 4744 WinHttpAutoProxySvc - ok
21:38:15.0654 4744 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
21:38:15.0685 4744 Winmgmt - ok
21:38:15.0763 4744 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
21:38:15.0810 4744 WinRM - ok
21:38:15.0919 4744 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
21:38:15.0966 4744 Wlansvc - ok
21:38:15.0981 4744 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
21:38:15.0997 4744 WmiAcpi - ok
21:38:16.0059 4744 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
21:38:16.0075 4744 wmiApSrv - ok
21:38:16.0106 4744 WMPNetworkSvc - ok
21:38:16.0137 4744 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
21:38:16.0153 4744 WPCSvc - ok
21:38:16.0168 4744 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
21:38:16.0184 4744 WPDBusEnum - ok
21:38:16.0200 4744 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:38:16.0231 4744 ws2ifsl - ok
21:38:16.0246 4744 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
21:38:16.0262 4744 wscsvc - ok
21:38:16.0278 4744 WSearch - ok
21:38:16.0387 4744 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
21:38:16.0418 4744 wuauserv - ok
21:38:16.0512 4744 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:38:16.0543 4744 WudfPf - ok
21:38:16.0574 4744 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
21:38:16.0605 4744 wudfsvc - ok
21:38:16.0621 4744 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
21:38:16.0652 4744 WwanSvc - ok
21:38:16.0652 4744 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:38:16.0917 4744 \Device\Harddisk0\DR0 - ok
21:38:16.0933 4744 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
21:38:17.0276 4744 \Device\Harddisk1\DR1 - ok
21:38:17.0276 4744 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
21:38:17.0432 4744 \Device\Harddisk2\DR2 - ok
21:38:17.0448 4744 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3
21:38:17.0869 4744 \Device\Harddisk3\DR3 - ok
21:38:17.0869 4744 Boot (0x1200) (6de87a4edb56d633388db54a2c8967dd) \Device\Harddisk0\DR0\Partition0
21:38:17.0869 4744 \Device\Harddisk0\DR0\Partition0 - ok
21:38:17.0884 4744 Boot (0x1200) (8a5a3918e6793055d9de2aa4b643e2d1) \Device\Harddisk0\DR0\Partition1
21:38:17.0884 4744 \Device\Harddisk0\DR0\Partition1 - ok
21:38:17.0884 4744 Boot (0x1200) (7554f17eee96dc433382177d27dbd872) \Device\Harddisk1\DR1\Partition0
21:38:17.0884 4744 \Device\Harddisk1\DR1\Partition0 - ok
21:38:17.0884 4744 Boot (0x1200) (39d41b5a734415299ce24e4cf5d5276e) \Device\Harddisk2\DR2\Partition0
21:38:17.0884 4744 \Device\Harddisk2\DR2\Partition0 - ok
21:38:17.0884 4744 Boot (0x1200) (e57cac9e1f39642ab0e809c1023e92db) \Device\Harddisk3\DR3\Partition0
21:38:17.0884 4744 \Device\Harddisk3\DR3\Partition0 - ok
21:38:17.0900 4744 ============================================================
21:38:17.0900 4744 Scan finished
21:38:17.0900 4744 ============================================================
21:38:17.0900 3952 Detected object count: 2
21:38:17.0900 3952 Actual detected object count: 2
21:38:57.0009 3952 C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe - copied to quarantine
21:38:57.0009 3952 HKLM\SYSTEM\ControlSet001\services\FirebirdServerMAGIXInstance - will be deleted on reboot
21:38:57.0025 3952 HKLM\SYSTEM\ControlSet002\services\FirebirdServerMAGIXInstance - will be deleted on reboot
21:38:57.0259 3952 C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe - will be deleted on reboot
21:38:57.0259 3952 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Delete
21:38:57.0321 3952 C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe - copied to quarantine
21:38:57.0321 3952 HKLM\SYSTEM\ControlSet001\services\HiPatchService - will be deleted on reboot
21:38:57.0337 3952 HKLM\SYSTEM\ControlSet002\services\HiPatchService - will be deleted on reboot
21:38:57.0337 3952 C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe - will be deleted on reboot
21:38:57.0337 3952 HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Delete
21:39:02.0859 2828 Deinitialize success
Geändert von brain123 (16.07.2012 um 20:42 Uhr) |
|
16.07.2012, 20:45
| #10 |
| /// Helfer-Team | Was tun nach "Live Security Platinum" Virus Sehr gut! Malware mit Combofix beseitigen Lade Combofix von einem der folgenden Download-Spiegel herunter: BleepingComputer.com - ForoSpyware.com und speichere das Programm auf den Desktop, nicht woanders hin, das ist wichtig! Beachte die ausführliche Original-Anleitung. Zurzeit ist Combofix auf folgenden Windows-Versionen lauffähig:
Vorbereitung und wichtige Hinweise
Combofix nicht auf eigene Faust einsetzen. Wenn keine entsprechende Infektion vorliegt, kann das den Rechner lahmlegen und/oder nachhaltig schädigen! |
|
16.07.2012, 21:15
| #11 |
| | Was tun nach "Live Security Platinum" Virus das ist auch fertig. hier die combofix-logdatei: Code:
ATTFilter ComboFix 12-07-16.01 - Philip 16.07.2012 21:58:55.1.6 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8137.6531 [GMT 2:00]
ausgeführt von:: c:\users\Philip\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum
F:\Autorun.inf
G:\Autorun.inf
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-06-16 bis 2012-07-16 ))))))))))))))))))))))))))))))
.
.
2012-07-16 20:02 . 2012-07-16 20:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-16 19:38 . 2012-07-16 19:38 -------- d-----w- C:\TDSSKiller_Quarantine
2012-07-16 15:56 . 2012-07-16 15:56 -------- d-----w- C:\_OTL
2012-07-15 18:38 . 2012-07-16 16:01 -------- d-----w- c:\program files (x86)\Emsisoft Anti-Malware
2012-07-15 17:06 . 2012-07-15 17:06 -------- d-----w- c:\users\Philip\AppData\Roaming\Malwarebytes
2012-07-15 17:06 . 2012-07-15 17:07 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-15 17:06 . 2012-07-15 17:06 -------- d-----w- c:\programdata\Malwarebytes
2012-07-15 17:06 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-15 15:34 . 2012-07-15 15:36 -------- d-----w- c:\programdata\82C6692C02F24BB6E466B446F875F002
2012-07-13 20:16 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6B71C855-676E-430E-82F8-26EE03E0DCDF}\mpengine.dll
2012-07-13 15:10 . 2012-07-14 00:56 -------- d-----w- c:\users\Philip\AppData\Roaming\vlc
2012-07-13 15:10 . 2012-07-13 15:10 -------- d-----w- c:\program files (x86)\VideoLAN
2012-07-13 14:59 . 2012-07-13 14:59 -------- d-----w- c:\program files (x86)\Combined Community Codec Pack
2012-07-11 17:37 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 17:28 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-07-10 17:22 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-07-09 17:09 . 2012-07-09 17:09 -------- d-----w- c:\program files (x86)\Electronic Arts
2012-07-08 23:29 . 2012-07-08 23:29 -------- d-----w- c:\program files (x86)\Common Files\Enterbrain
2012-07-08 23:28 . 2012-07-08 23:28 -------- d-----w- c:\program files (x86)\Enterbrain
2012-07-05 22:24 . 2012-07-15 17:45 -------- d-----w- c:\users\UpdatusUser
2012-07-05 22:23 . 2012-07-16 20:04 -------- d-----w- c:\programdata\NVIDIA
2012-07-05 22:23 . 2012-05-15 09:29 889664 ----a-w- c:\windows\system32\nvvsvc.exe
2012-07-05 22:23 . 2012-05-15 09:29 63296 ----a-w- c:\windows\system32\nvshext.dll
2012-07-05 22:23 . 2012-05-15 09:29 2561856 ----a-w- c:\windows\system32\nvsvcr.dll
2012-07-05 22:23 . 2012-05-15 09:29 118080 ----a-w- c:\windows\system32\nvmctray.dll
2012-07-05 22:23 . 2012-05-15 09:29 2621723 ----a-w- c:\windows\system32\nvcoproc.bin
2012-07-05 22:23 . 2012-05-15 09:29 3149632 ----a-w- c:\windows\system32\nvsvc64.dll
2012-07-05 22:23 . 2012-05-15 09:28 6151488 ----a-w- c:\windows\system32\nvcpl.dll
2012-07-05 22:23 . 2012-05-15 10:48 68928 ----a-w- c:\windows\system32\OpenCL.dll
2012-07-05 22:23 . 2012-05-15 10:48 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-07-05 22:23 . 2012-07-05 22:23 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-07-05 22:22 . 2012-05-15 10:48 818496 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-07-05 22:22 . 2012-05-15 10:48 8105280 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-07-05 22:22 . 2012-05-15 10:48 301376 ----a-w- c:\windows\SysWow64\nvdecodemft.dll
2012-07-05 22:22 . 2012-05-15 10:48 202048 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-07-05 22:22 . 2012-05-15 10:48 19607872 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2012-07-05 22:22 . 2012-05-15 10:48 1738048 ----a-w- c:\windows\system32\nvdispco64.dll
2012-07-05 22:22 . 2012-05-15 10:48 1468224 ----a-w- c:\windows\system32\nvgenco64.dll
2012-07-05 22:22 . 2012-04-18 17:08 31040 ----a-w- c:\windows\system32\nvhdap64.dll
2012-07-05 22:22 . 2012-04-18 17:08 188736 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2012-07-05 22:22 . 2012-04-18 17:08 1451840 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2012-07-03 16:03 . 2012-07-03 16:03 -------- d-----w- c:\users\Philip\AppData\Local\Chromium
2012-07-03 16:03 . 2012-07-03 16:03 -------- d-----w- c:\program files (x86)\Microsoft Chart Controls
2012-07-03 16:00 . 2012-07-03 16:03 -------- d-----w- c:\programdata\Hi-Rez Studios
2012-07-03 16:00 . 2012-07-16 19:40 -------- d-----w- c:\program files (x86)\Hi-Rez Studios
2012-07-02 21:41 . 2012-07-02 21:41 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-07-01 23:20 . 2012-07-01 23:20 -------- d-----w- c:\users\Philip\AppData\Local\MAGIX
2012-07-01 23:20 . 2012-07-01 23:20 -------- d-----w- c:\users\Philip\AppData\Local\Xara
2012-07-01 23:20 . 2012-07-13 15:00 -------- d-----w- c:\users\Philip\AppData\Roaming\MAGIX
2012-07-01 23:17 . 2012-07-01 23:19 -------- d-----w- c:\program files (x86)\Common Files\MAGIX Shared
2012-07-01 23:17 . 2012-07-01 23:31 -------- d-----w- c:\program files (x86)\MAGIX
2012-07-01 23:17 . 2012-07-13 15:00 -------- d-----w- c:\programdata\MAGIX
2012-07-01 23:17 . 2012-07-01 23:31 -------- d-----w- c:\program files (x86)\Common Files\MAGIX Services
2012-06-27 16:06 . 2009-03-18 15:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2012-06-25 21:16 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-25 21:16 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-25 21:16 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-25 21:16 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-25 21:16 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-25 21:16 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-25 21:16 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-25 21:16 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-25 21:16 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-20 03:21 . 2012-06-20 03:21 -------- d-----w- c:\users\Philip\AppData\Roaming\OpenOffice.org
2012-06-20 03:21 . 2012-06-20 03:21 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-16 13:19 . 2012-04-18 22:35 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-16 13:19 . 2012-04-18 22:35 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-15 10:48 . 2012-04-17 23:28 949056 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-05-15 10:48 . 2012-04-17 23:28 25743168 ----a-w- c:\windows\system32\nvoglv64.dll
2012-05-15 10:48 . 2012-04-17 23:28 246592 ----a-w- c:\windows\system32\nvinitx.dll
2012-05-15 10:48 . 2012-04-17 23:28 14298944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-05-15 10:48 . 2012-04-17 23:28 10194752 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-05-15 10:48 . 2012-04-17 23:28 8139072 ----a-w- c:\windows\system32\nvcuda.dll
2012-05-15 10:48 . 2012-04-17 23:28 5982528 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-05-15 10:48 . 2012-04-17 23:28 364352 ----a-w- c:\windows\system32\nvdecodemft.dll
2012-05-15 10:48 . 2012-04-17 23:28 2881856 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-05-15 10:48 . 2012-04-17 23:28 2741568 ----a-w- c:\windows\system32\nvapi64.dll
2012-05-15 10:48 . 2012-04-17 23:28 2681664 ----a-w- c:\windows\system32\nvcuvid.dll
2012-05-15 10:48 . 2012-04-17 23:28 2524992 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-05-15 10:48 . 2012-04-17 23:28 25248064 ----a-w- c:\windows\system32\nvcompiler.dll
2012-05-15 10:48 . 2012-04-17 23:28 2445120 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-05-15 10:48 . 2012-04-17 23:28 2368832 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-05-15 10:48 . 2012-04-17 23:28 18044224 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-05-15 10:48 . 2012-04-17 23:28 17551680 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-05-15 10:48 . 2012-04-17 23:28 15322432 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-05-15 00:21 . 2012-05-15 00:21 423744 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-05-08 20:03 . 2012-04-17 19:02 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-08 20:03 . 2012-04-17 19:02 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-05-04 11:06 . 2012-06-13 21:28 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-13 21:28 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 21:28 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-13 21:28 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:55 . 2012-06-13 21:28 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-13 21:28 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-13 21:28 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-13 21:28 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 05:37 . 2012-06-13 21:28 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 05:37 . 2012-06-13 21:28 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-24 05:37 . 2012-06-13 21:28 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 21:28 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 21:28 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-04-24 04:36 . 2012-06-13 21:28 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-04-18 15:06 . 2012-04-18 15:06 525544 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-18 12:22 . 2012-04-18 12:22 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-17 23:20 . 2012-04-17 23:20 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-04-17 23:20 . 2012-04-17 23:20 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-04-17 23:20 . 2012-04-17 23:20 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-04-17 23:20 . 2012-04-17 23:20 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-04-17 23:20 . 2012-04-17 23:20 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-04-17 23:20 . 2012-04-17 23:20 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-04-17 23:20 . 2012-04-17 23:20 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-04-17 23:20 . 2012-04-17 23:20 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-04-17 23:20 . 2012-04-17 23:20 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-04-17 23:20 . 2012-04-17 23:20 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-04-17 23:20 . 2012-04-17 23:20 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-04-17 23:20 . 2012-04-17 23:20 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-04-17 23:20 . 2012-04-17 23:20 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-04-17 23:20 . 2012-04-17 23:20 448512 ----a-w- c:\windows\system32\html.iec
2012-04-17 23:20 . 2012-04-17 23:20 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-04-17 23:20 . 2012-04-17 23:20 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-04-17 23:20 . 2012-04-17 23:20 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-04-17 23:20 . 2012-04-17 23:20 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-04-17 23:20 . 2012-04-17 23:20 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-04-17 23:20 . 2012-04-17 23:20 222208 ----a-w- c:\windows\system32\msls31.dll
2012-04-17 23:20 . 2012-04-17 23:20 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-04-17 23:20 . 2012-04-17 23:20 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-04-17 23:20 . 2012-04-17 23:20 160256 ----a-w- c:\windows\system32\wextract.exe
2012-04-17 23:20 . 2012-04-17 23:20 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-04-17 23:20 . 2012-04-17 23:20 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-04-17 23:20 . 2012-04-17 23:20 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-04-17 23:20 . 2012-04-17 23:20 12288 ----a-w- c:\windows\system32\mshta.exe
2012-04-17 23:20 . 2012-04-17 23:20 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-04-17 23:20 . 2012-04-17 23:20 114176 ----a-w- c:\windows\system32\admparse.dll
2012-04-17 23:20 . 2012-04-17 23:20 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-04-17 23:20 . 2012-04-17 23:20 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-04-17 23:20 . 2012-04-17 23:20 101888 ----a-w- c:\windows\SysWow64\admparse.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-03 17417392]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-04-18 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-09-07 43608]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetPointII.exe [2009-7-21 815104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 a2acc;a2acc;c:\program files (x86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [2012-04-30 66320]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-16 113120]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2011-03-04 78976]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2011-03-04 38528]
S1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2011-05-19 23208]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-16 27760]
S2 a2AntiMalware;Emsisoft Anti-Malware 6.6 - Service;c:\program files (x86)\Emsisoft Anti-Malware\a2service.exe [2012-06-17 3069752]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-02-24 126952]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-02-24 389608]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-12-16 47232]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-12-07 5889816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\nr386reb.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-10019610.sys
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-07-16 22:08:25 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-07-16 20:08
.
Vor Suchlauf: 10 Verzeichnis(se), 899.135.885.312 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 898.741.817.344 Bytes frei
.
- - End Of File - - 1ED2114DAC96763BA358DF478856704E
und hier die add-remove-programs Code:
ATTFilter Adobe Flash Player 11 Plugin Adobe Reader X (10.1.3) - Deutsch Asmedia ASM104x USB 3.0 Host Controller Driver Avira Free Antivirus Combined Community Codec Pack 2011-11-11 Diablo III Emsisoft Anti-Malware erLT Firebird SQL Server - MAGIX Edition Hi-Rez Studios Authenticate and Update Service Java Auto Updater Java(TM) 6 Update 31 JMicron JMB36X Driver League of Legends MAGIX Screenshare MAGIX Speed burnR (MSI) MAGIX Video Pro X3 Malwarebytes Anti-Malware Version 1.62.0.1300 Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mozilla Firefox 13.0.1 (x86 de) Mozilla Maintenance Service MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NVIDIA PhysX NVIDIA Stereoscopic 3D Driver OpenOffice.org 3.4 Pando Media Booster Realtek Ethernet Controller Driver Realtek High Definition Audio Driver RPG MAKER VX Ace RPG MAKER VX Ace RTP Samplitude Music Studio 17 Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870) Skype™ 5.10 StarCraft II Steam Tribes: Ascend Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) VLC media player 2.0.2 Xiph.Org Open Codecs 0.85.17777 |
|
16.07.2012, 21:41
| #12 |
| /// Helfer-Team | Was tun nach "Live Security Platinum" Virus Sehr gut! Combofix deinstallieren Bitte vor der folgenden Aktion wieder temporär Antivirus-Programm, evtl. vorhandenes Skript-Blocking (Norton) und Anti-Malware Programme deaktivieren. Start => Ausführen => dort reinschreiben ComboFix /Uninstall => Enter drücken Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert, damit auch daraus die Schädlinge verschwinden. Es wird ein neuer Systemwiederherstellungspunkt erstellt. Gleichzeitig setzt Combofix die Zeiteinstellungen wieder auf die Ursprungseinstellungen, und setzt die Systemeinstellungen wieder so zurück, dass Dateierweiterungen und Systemdateien versteckt sind, was Du bei Bedarf im Explorer unter Extras => Ordneroptionen aber wieder ändern bzw. Deinen persönlichen Vorlieben entsprechend anpassen kannst. Bitte danach: http://www.trojaner-board.de/72874-s...eparieren.html |
|
16.07.2012, 22:02
| #13 |
| | Was tun nach "Live Security Platinum" Virus Ich habe jetzt Combofix deinstalliert und bei der Systemprüfung wurden keine Integritätsfehler gefunden. Das heißt, der Pc+die externen sind jetzt sauber? Edit: Ah und im Firefox ist momentan das flashplugin nicht drauf. einfach wieder installieren oder? Geändert von brain123 (16.07.2012 um 22:22 Uhr) |
|
17.07.2012, 16:49
| #14 | |
| /// Helfer-Team | Was tun nach "Live Security Platinum" Virus Sehr gut! damit bist Du sauber und entlassen!  Zitat:
Tool-Bereinigung mit OTL Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.
Lektuere zum abarbeiten: http://www.trojaner-board.de/90880-d...tallation.html http://www.trojaner-board.de/105213-...tellungen.html PluginCheck http://www.trojaner-board.de/96344-a...-rechners.html Secunia Online Software Inspector http://www.trojaner-board.de/71715-k...iendungen.html http://www.trojaner-board.de/83238-a...sschalten.html |
|
18.07.2012, 21:14
| #15 |
| | Was tun nach "Live Security Platinum" Virus Ersteinmal vielen Dank für die Hilfe. Ich weiß nicht so genau, ob ich das noch hier rein posten soll, oder einen neuen Thread machen soll. An sich funktioniert der Pc so, wie er soll, nur im Laufe des Tages wurden heute 2 Viren von Antivir gefunden (tr/crypt.epack.gen8, und noch einer). Dann habe ich ca 30 minuten später nochmal den Antivir Scan laufen lassen, der dann 2 Funde hatte. Die sind erstmal in der Qarantäne. Ausschnitt aus dem Report von Antivir: Code:
ATTFilter Beginne mit der Desinfektion:
C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{9D34463F-A443-0178-EE98-2322DD60353A}-~!#1805.tmp
[FUND] Ist das Trojanische Pferd TR/Rogue.KD.672857
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5589b597.qua' verschoben!
C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{92404E29-834F-6F84-01C9-9DB5DCB67FA8}-~!#1805.tmp
[FUND] Ist das Trojanische Pferd TR/Rogue.KD.672857
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4d6c9a30.qua' verschoben!
Wenn ich einen neuen Thread machen soll, einfach sagen. |
|
| Themen zu Was tun nach "Live Security Platinum" Virus |
| beendet, emsisoft, entfernt, erkannt, explorer, externe festplatte, fehler, festplatte, festplatten, internet, live, malwarebytes, modus, netzwerk, platinum, programme, prüfen, scan, scannen, security, system, tan, verseucht, virus, windows, windows 7, windows 7 64 bit |
Linear-Darstellung
