
Log Analysis and Evaluation: Avira regularly reports (reported) TR/ATRAPS.Gen2 virus/trojan

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

20.08.2012, 21:58   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Company computers are normally not cleaned here.

See => http://www.trojaner-board.de/108422-...-anfragen.html

Quote:
3. As a rule, we do not clean computers that are used commercially. Your company's IT department is responsible for that.

For small businesses that have no IT support, we make an exception and are happy to help (a small donation helps us too).
Prerequisite: you tell us this in your first reply.
Keep in mind, however, that log files can contain a lot of sensitive information (customer data, bank data, etc.) and that malware is able to spy on and misuse it. In this case we recommend formatting and reinstalling.
__________________
Please always post log files in CODE tags

20.08.2012, 22:52   #17
LutzSchnalke

Hello cosinus,
sorry, I hadn't read the part about company computers. My company has no IT department (apart from me), and the only employee I have who knows a bit more than I do recommended this forum to me, because he didn't know what we should do either, other than reinstalling the computer. If there were another way, that would be good; if you don't want to do anything in this case, that's OK too, a short answer would be nice.

Many thanks for the help so far,
Lutz

21.08.2012, 13:23   #18
cosinus

Then we'll make an exception, but I'm only here for a few more hours today; after that I can't reply again until 30.08.

Do an OTL fix: close all programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)


Code:
:OTL
FF - user.js - File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2016174801-281377585-634588873-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-2016174801-281377585-634588873-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk =  File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\S-1-5-21-2016174801-281377585-634588873-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0f479f46-9f1f-11e1-9dcf-3859f9f6821d}\Shell - "" = AutoRun
O33 - MountPoints2\{0f479f46-9f1f-11e1-9dcf-3859f9f6821d}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
:Files
C:\Windows\Installer\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\L
C:\Windows\Installer\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\U
C:\Windows\Installer\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\n
C:\Windows\Installer\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\@
C:\Users\ls\AppData\Local\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\L
C:\Users\ls\AppData\Local\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\U
C:\Users\ls\AppData\Local\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\n
C:\Users\ls\AppData\Local\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\@
C:\Users\ls\AppData\Roaming\11007
C:\Users\ls\AppData\Roaming\11008
C:\Users\ls\AppData\Roaming\kock
C:\Users\ls\AppData\Roaming\UAs
C:\Users\ls\AppData\Roaming\xmldm
C:\Users\ls1\AppData\Roaming\11007
C:\Users\ls1\AppData\Roaming\11008
C:\Users\ls1\AppData\Roaming\kock
C:\Users\ls1\AppData\Roaming\UAs
C:\Users\ls1\AppData\Roaming\xmldm
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed with this script are not completely deleted; a backup copy is created on the system partition in the folder "_OTL".

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

21.08.2012, 14:40   #19
LutzSchnalke

Hello Cosinus,
thanks for the exception and the further help, here is the log

Code:
All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2016174801-281377585-634588873-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-2016174801-281377585-634588873-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk moved successfully.
File move failed. C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2016174801-281377585-634588873-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f479f46-9f1f-11e1-9dcf-3859f9f6821d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f479f46-9f1f-11e1-9dcf-3859f9f6821d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f479f46-9f1f-11e1-9dcf-3859f9f6821d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f479f46-9f1f-11e1-9dcf-3859f9f6821d}\ not found.
File F:\LaunchU3.exe -a not found.
========== FILES ==========
C:\Windows\Installer\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\L folder moved successfully.
C:\Windows\Installer\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\U folder moved successfully.
File\Folder C:\Windows\Installer\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\n not found.
C:\Windows\Installer\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\@ moved successfully.
C:\Users\ls\AppData\Local\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\L folder moved successfully.
C:\Users\ls\AppData\Local\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\U folder moved successfully.
File\Folder C:\Users\ls\AppData\Local\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\n not found.
C:\Users\ls\AppData\Local\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\@ moved successfully.
C:\Users\ls\AppData\Roaming\11007\components folder moved successfully.
C:\Users\ls\AppData\Roaming\11007 folder moved successfully.
C:\Users\ls\AppData\Roaming\11008\components folder moved successfully.
C:\Users\ls\AppData\Roaming\11008 folder moved successfully.
C:\Users\ls\AppData\Roaming\kock folder moved successfully.
C:\Users\ls\AppData\Roaming\UAs folder moved successfully.
C:\Users\ls\AppData\Roaming\xmldm folder moved successfully.
File\Folder C:\Users\ls1\AppData\Roaming\11007 not found.
File\Folder C:\Users\ls1\AppData\Roaming\11008 not found.
File\Folder C:\Users\ls1\AppData\Roaming\kock not found.
File\Folder C:\Users\ls1\AppData\Roaming\UAs not found.
C:\Users\ls1\AppData\Roaming\xmldm folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\ls\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\ls1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: ls
->Temp folder emptied: 5295 bytes
->Temporary Internet Files folder emptied: 336005954 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 498289987 bytes
->Flash cache emptied: 210258 bytes
 
User: ls1
->Temp folder emptied: 2172098 bytes
->Temporary Internet Files folder emptied: 739837317 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 376236345 bytes
->Flash cache emptied: 62425 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 99844 bytes
Session Manager Temp folder emptied: 412802145 bytes
Session Manager Tmp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50112935 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 750 bytes
RecycleBin emptied: 17604178860 bytes
 
Total Files Cleaned = 19,093.00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: ls
->Flash cache emptied: 0 bytes
 
User: ls1
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0.00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.57.0 log created on 08212012_151637

Files\Folders moved on Reboot...
File\Folder C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk not found!
D:\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...
File C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk not found!
File D:\Temp\FXSAPIDebugLogFile.txt not found!

Registry entries deleted on Reboot...
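
Added example (not part of the original posts): the :Files targets of a fix script like the one in post #18 can be reconciled against the FILES section of the resulting fix log, so that targets OTL reported as "not found" or deferred to reboot stand out for follow-up. The sample strings are excerpts of the script and log above; the function names are illustrative, and the line patterns are inferred from this one log only.

```python
import re

# Excerpt of the fix script from post #18 (shortened).
SCRIPT = r"""
:OTL
O32 - HKLM CDRom: AutoRun - 1
:Files
C:\Windows\Installer\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\L
C:\Windows\Installer\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\n
C:\Windows\Installer\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\@
C:\Users\ls\AppData\Roaming\kock
C:\Users\ls1\AppData\Roaming\kock
C:\Users\ls1\AppData\Roaming\xmldm
:Commands
[emptytemp]
"""

# Excerpt of the fix log from post #19 (shortened).
LOG = r"""
All processes killed
========== OTL ==========
File move failed. C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk scheduled to be moved on reboot.
========== FILES ==========
C:\Windows\Installer\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\L folder moved successfully.
File\Folder C:\Windows\Installer\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\n not found.
C:\Windows\Installer\{98ca87a9-ae14-e6ea-61a1-b9ae46f3c625}\@ moved successfully.
C:\Users\ls\AppData\Roaming\kock folder moved successfully.
File\Folder C:\Users\ls1\AppData\Roaming\kock not found.
C:\Users\ls1\AppData\Roaming\xmldm folder moved successfully.
========== COMMANDS ==========
"""

SECTION = re.compile(r"^=+ (\w+) =+$")

# Line patterns as they appear in the log above; first match wins.
OUTCOMES = [
    ("deferred", re.compile(r"^File move failed\. (.+) scheduled to be moved on reboot\.$")),
    ("not_found", re.compile(r"^(?:File(?:\\Folder)?|Registry key) (.+) not found\.$")),
    ("deleted", re.compile(r"^(?:64bit-)?Registry (?:value|key) (.+) deleted successfully\.$")),
    ("moved", re.compile(r"^(.+?)(?: folder)? moved successfully\.$")),
]


def script_files(script):
    """Return the paths listed under the :Files directive of a fix script."""
    paths, active = [], False
    for line in script.splitlines():
        line = line.strip()
        if line.startswith(":"):
            active = line.lower() == ":files"
        elif active and line:
            paths.append(line)
    return paths


def parse_fix_log(log):
    """Return (section, target, outcome) for every recognised log line."""
    section, rows = None, []
    for line in log.splitlines():
        line = line.strip()
        header = SECTION.match(line)
        if header:
            section = header.group(1)
            continue
        for outcome, pattern in OUTCOMES:
            hit = pattern.match(line)
            if hit:
                rows.append((section, hit.group(1), outcome))
                break
    return rows


def reconcile(script, log):
    """Map each :Files target to the outcome the log reports for it."""
    seen = {}
    for section, target, outcome in parse_fix_log(log):
        if section == "FILES":
            seen[target.lower()] = outcome  # Windows paths: case-insensitive
    return {p: seen.get(p.lower(), "no_log_entry") for p in script_files(script)}


def needs_review(script, log):
    """Targets that were not moved to the backup folder, plus deferred moves."""
    open_items = [p for p, o in reconcile(script, log).items() if o != "moved"]
    deferred = [t for _, t, o in parse_fix_log(log) if o == "deferred"]
    return open_items + deferred


if __name__ == "__main__":
    for path, outcome in reconcile(SCRIPT, LOG).items():
        print(f"{outcome:12} {path}")
    print("review:", *needs_review(SCRIPT, LOG), sep="\n  ")
```

A "not found" result only says that the path did not exist when the fix ran; whether that matters is for the helper reading the log to decide.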
         

30.08.2012, 10:45   #20
cosinus

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you can't find the log or can't copy its contents into your post, then please look directly on your Windows system partition (usually drive C), since that is where TDSS-Killer saves its logs.

Note: Please don't delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle them all with the action "skip" and just post the log here!

31.08.2012, 00:48   #21
LutzSchnalke

Hello cosinus,

I hope you had a nice holiday, thanks for continuing, here is the log from TDSS.

Best regards,
Lutz

Code:
01:24:11.0989 9716  TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
01:24:12.0036 9716  ============================================================
01:24:12.0036 9716  Current date / time: 2012/08/31 01:24:12.0036
01:24:12.0036 9716  SystemInfo:
01:24:12.0036 9716  
01:24:12.0036 9716  OS Version: 6.1.7601 ServicePack: 1.0
01:24:12.0036 9716  Product type: Workstation
01:24:12.0036 9716  ComputerName: NBLS
01:24:12.0036 9716  UserName: ls
01:24:12.0036 9716  Windows directory: C:\Windows
01:24:12.0036 9716  System windows directory: C:\Windows
01:24:12.0036 9716  Running under WOW64
01:24:12.0036 9716  Processor architecture: Intel x64
01:24:12.0036 9716  Number of processors: 4
01:24:12.0036 9716  Page size: 0x1000
01:24:12.0036 9716  Boot type: Normal boot
01:24:12.0036 9716  ============================================================
01:24:14.0812 9716  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:24:14.0828 9716  ============================================================
01:24:14.0828 9716  \Device\Harddisk0\DR0:
01:24:14.0844 9716  MBR partitions:
01:24:14.0859 9716  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x41C800, BlocksNum 0x4E20000
01:24:14.0875 9716  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x523D000, BlocksNum 0x1388000
01:24:14.0890 9716  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x65C6A72, BlocksNum 0x318A2BD9
01:24:14.0937 9716  ============================================================
01:24:14.0984 9716  C: <-> \Device\Harddisk0\DR0\Partition1
01:24:15.0015 9716  D: <-> \Device\Harddisk0\DR0\Partition3
01:24:15.0031 9716  ============================================================
01:24:15.0031 9716  Initialize success
01:24:15.0031 9716  ============================================================
01:25:34.0482 10504  ============================================================
01:25:34.0482 10504  Scan started
01:25:34.0482 10504  Mode: Manual; SigCheck; TDLFS; 
01:25:34.0482 10504  ============================================================
01:25:37.0976 10504  ================ Scan services =============================
01:25:38.0101 10504  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
01:25:38.0351 10504  1394ohci - ok
01:25:38.0366 10504  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
01:25:38.0382 10504  ACPI - ok
01:25:38.0397 10504  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
01:25:38.0475 10504  AcpiPmi - ok
01:25:38.0491 10504  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
01:25:38.0507 10504  adp94xx - ok
01:25:38.0522 10504  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
01:25:38.0538 10504  adpahci - ok
01:25:38.0538 10504  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
01:25:38.0553 10504  adpu320 - ok
01:25:38.0585 10504  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
01:25:38.0741 10504  AeLookupSvc - ok
01:25:38.0772 10504  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
01:25:38.0819 10504  AFD - ok
01:25:38.0865 10504  [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
01:25:38.0928 10504  AgereSoftModem - ok
01:25:38.0959 10504  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
01:25:38.0959 10504  agp440 - ok
01:25:38.0975 10504  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
01:25:39.0006 10504  ALG - ok
01:25:39.0037 10504  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
01:25:39.0037 10504  aliide - ok
01:25:39.0037 10504  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
01:25:39.0053 10504  amdide - ok
01:25:39.0053 10504  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
01:25:39.0084 10504  AmdK8 - ok
01:25:39.0099 10504  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
01:25:39.0162 10504  AmdPPM - ok
01:25:39.0193 10504  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
01:25:39.0193 10504  amdsata - ok
01:25:39.0209 10504  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
01:25:39.0224 10504  amdsbs - ok
01:25:39.0224 10504  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
01:25:39.0240 10504  amdxata - ok
01:25:39.0302 10504  [ B9B5DFAFEA592BD4CA967824EBB42E3D ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
01:25:39.0333 10504  AntiVirMailService - ok
01:25:39.0365 10504  [ 67B1D78711B4386C26241096326EE14A ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
01:25:39.0365 10504  AntiVirSchedulerService - ok
01:25:39.0396 10504  [ 845C4E7AE211EDAD5E0B832126F56932 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
01:25:39.0396 10504  AntiVirService - ok
01:25:39.0427 10504  [ 30D71E0C149943A8985D02EA0944F2FE ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
01:25:39.0427 10504  AntiVirWebService - ok
01:25:39.0474 10504  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
01:25:39.0614 10504  AppID - ok
01:25:39.0630 10504  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
01:25:39.0661 10504  AppIDSvc - ok
01:25:39.0692 10504  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
01:25:39.0723 10504  Appinfo - ok
01:25:39.0770 10504  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
01:25:39.0817 10504  AppMgmt - ok
01:25:39.0848 10504  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
01:25:39.0848 10504  arc - ok
01:25:39.0864 10504  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
01:25:39.0879 10504  arcsas - ok
01:25:39.0973 10504  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
01:25:40.0004 10504  aspnet_state - ok
01:25:40.0020 10504  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
01:25:40.0051 10504  AsyncMac - ok
01:25:40.0067 10504  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
01:25:40.0067 10504  atapi - ok
01:25:40.0176 10504  [ FA47E65AA0C1DBC6DFEB7E9C6F12A5EA ] ATService       C:\Program Files\Fingerprint Sensor\ATService.exe
01:25:40.0238 10504  ATService - ok
01:25:40.0285 10504  [ 4131DABB573D70FDA332A55F206F6CFF ] ATSwpWDF        C:\Windows\system32\Drivers\ATSwpWDF.sys
01:25:40.0316 10504  ATSwpWDF - ok
01:25:40.0363 10504  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
01:25:40.0410 10504  AudioEndpointBuilder - ok
01:25:40.0425 10504  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
01:25:40.0457 10504  AudioSrv - ok
01:25:40.0488 10504  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
01:25:40.0503 10504  avgntflt - ok
01:25:40.0519 10504  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
01:25:40.0519 10504  avipbb - ok
01:25:40.0550 10504  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
01:25:40.0550 10504  avkmgr - ok
01:25:40.0581 10504  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
01:25:40.0644 10504  AxInstSV - ok
01:25:40.0691 10504  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
01:25:40.0737 10504  b06bdrv - ok
01:25:40.0753 10504  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
01:25:40.0784 10504  b57nd60a - ok
01:25:40.0831 10504  [ 6F29CA4EA1DB1888016EB22ADAE4227D ] bcbtums         C:\Windows\system32\drivers\bcbtums.sys
01:25:40.0847 10504  bcbtums - ok
01:25:40.0878 10504  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
01:25:40.0925 10504  BDESVC - ok
01:25:40.0925 10504  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
01:25:40.0956 10504  Beep - ok
01:25:40.0987 10504  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
01:25:41.0018 10504  blbdrive - ok
01:25:41.0034 10504  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
01:25:41.0081 10504  bowser - ok
01:25:41.0112 10504  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
01:25:41.0127 10504  BrFiltLo - ok
01:25:41.0143 10504  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
01:25:41.0159 10504  BrFiltUp - ok
01:25:41.0190 10504  [ 8EF0D5C41EC907751B8429162B1239ED ] Browser         C:\Windows\System32\browser.dll
01:25:41.0237 10504  Browser - ok
01:25:41.0252 10504  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
01:25:41.0268 10504  Brserid - ok
01:25:41.0283 10504  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
01:25:41.0299 10504  BrSerWdm - ok
01:25:41.0315 10504  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
01:25:41.0346 10504  BrUsbMdm - ok
01:25:41.0346 10504  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
01:25:41.0361 10504  BrUsbSer - ok
01:25:41.0393 10504  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
01:25:41.0455 10504  BthEnum - ok
01:25:41.0471 10504  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
01:25:41.0502 10504  BTHMODEM - ok
01:25:41.0517 10504  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
01:25:41.0549 10504  BthPan - ok
01:25:41.0564 10504  [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
01:25:41.0595 10504  BTHPORT - ok
01:25:41.0627 10504  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
01:25:41.0658 10504  bthserv - ok
01:25:41.0673 10504  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
01:25:41.0705 10504  BTHUSB - ok
01:25:41.0767 10504  [ 72CC5DCC4E67E7927F94801166CFDCDA ] BTWAMPFL        C:\Windows\system32\DRIVERS\btwampfl.sys
01:25:41.0783 10504  BTWAMPFL - ok
01:25:41.0798 10504  [ F6135859A582A7294BA7A3336E08BAA1 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
01:25:41.0814 10504  btwaudio - ok
01:25:41.0829 10504  [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
01:25:41.0845 10504  btwavdt - ok
01:25:41.0907 10504  [ 36E3016BEDC45274E00E2943B591AEEF ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
01:25:41.0939 10504  btwdins - ok
01:25:41.0939 10504  [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
01:25:41.0954 10504  btwl2cap - ok
01:25:41.0954 10504  [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
01:25:41.0970 10504  btwrchid - ok
01:25:41.0985 10504  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
01:25:42.0032 10504  cdfs - ok
01:25:42.0048 10504  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
01:25:42.0079 10504  cdrom - ok
01:25:42.0095 10504  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
01:25:42.0141 10504  CertPropSvc - ok
01:25:42.0173 10504  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
01:25:42.0188 10504  circlass - ok
01:25:42.0219 10504  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
01:25:42.0219 10504  CLFS - ok
01:25:42.0282 10504  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:25:42.0282 10504  clr_optimization_v2.0.50727_32 - ok
01:25:42.0329 10504  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
01:25:42.0329 10504  clr_optimization_v2.0.50727_64 - ok
01:25:42.0375 10504  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:25:42.0438 10504  clr_optimization_v4.0.30319_32 - ok
01:25:42.0469 10504  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
01:25:42.0485 10504  clr_optimization_v4.0.30319_64 - ok
01:25:42.0500 10504  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
01:25:42.0531 10504  CmBatt - ok
01:25:42.0547 10504  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
01:25:42.0563 10504  cmdide - ok
01:25:42.0594 10504  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
01:25:42.0656 10504  CNG - ok
01:25:42.0672 10504  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
01:25:42.0672 10504  Compbatt - ok
01:25:42.0703 10504  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
01:25:42.0719 10504  CompositeBus - ok
01:25:42.0719 10504  COMSysApp - ok
01:25:42.0734 10504  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
01:25:42.0734 10504  crcdisk - ok
01:25:42.0765 10504  [ 4F5414602E2544A4554D95517948B705 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
01:25:42.0828 10504  CryptSvc - ok
01:25:42.0859 10504  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
01:25:42.0921 10504  CSC - ok
01:25:42.0953 10504  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
01:25:42.0984 10504  CscService - ok
01:25:43.0015 10504  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
01:25:43.0109 10504  DcomLaunch - ok
01:25:43.0124 10504  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
01:25:43.0155 10504  defragsvc - ok
01:25:43.0171 10504  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
01:25:43.0218 10504  DfsC - ok
01:25:43.0249 10504  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
01:25:43.0296 10504  Dhcp - ok
01:25:43.0311 10504  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
01:25:43.0358 10504  discache - ok
01:25:43.0374 10504  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
01:25:43.0389 10504  Disk - ok
01:25:43.0421 10504  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
01:25:43.0467 10504  dmvsc - ok
01:25:43.0499 10504  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
01:25:43.0545 10504  Dnscache - ok
01:25:43.0561 10504  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
01:25:43.0592 10504  dot3svc - ok
01:25:43.0639 10504  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
01:25:43.0670 10504  DPS - ok
01:25:43.0701 10504  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
01:25:43.0717 10504  drmkaud - ok
01:25:43.0733 10504  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
01:25:43.0764 10504  DXGKrnl - ok
01:25:43.0795 10504  [ DC1776D086AA9733B1929A3D979D9FDD ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
01:25:43.0811 10504  e1cexpress - ok
01:25:43.0826 10504  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
01:25:43.0857 10504  EapHost - ok
01:25:43.0935 10504  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
01:25:44.0013 10504  ebdrv - ok
01:25:44.0045 10504  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
01:25:44.0091 10504  EFS - ok
01:25:44.0154 10504  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
01:25:44.0232 10504  ehRecvr - ok
01:25:44.0232 10504  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
01:25:44.0263 10504  ehSched - ok
01:25:44.0294 10504  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
01:25:44.0310 10504  elxstor - ok
01:25:44.0325 10504  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
01:25:44.0341 10504  ErrDev - ok
01:25:44.0372 10504  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
01:25:44.0419 10504  EventSystem - ok
01:25:44.0513 10504  [ 7A526761229C10B0D8508B905F0FEE4C ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
01:25:44.0544 10504  EvtEng - ok
01:25:44.0575 10504  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
01:25:44.0606 10504  exfat - ok
01:25:44.0653 10504  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
01:25:44.0684 10504  fastfat - ok
01:25:44.0731 10504  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
01:25:44.0871 10504  Fax - ok
01:25:44.0918 10504  [ 9955BF48FD2FA8D481848CD3024EDD0B ] FBIOSDRV        C:\Windows\system32\Drivers\FBIOSDRV.sys
01:25:44.0918 10504  FBIOSDRV - ok
01:25:44.0965 10504  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
01:25:45.0027 10504  fdc - ok
01:25:45.0059 10504  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
01:25:45.0090 10504  fdPHost - ok
01:25:45.0090 10504  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
01:25:45.0121 10504  FDResPub - ok
01:25:45.0137 10504  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
01:25:45.0152 10504  FileInfo - ok
01:25:45.0152 10504  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
01:25:45.0183 10504  Filetrace - ok
01:25:45.0215 10504  [ 2FA407147F273D7852FEB7BDA71E54E1 ] FJGSDisk        C:\Windows\system32\DRIVERS\FJGSDisk.sys
01:25:45.0230 10504  FJGSDisk - ok
01:25:45.0246 10504  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
01:25:45.0246 10504  flpydisk - ok
01:25:45.0261 10504  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
01:25:45.0277 10504  FltMgr - ok
01:25:45.0293 10504  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
01:25:45.0355 10504  FontCache - ok
01:25:45.0402 10504  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:25:45.0417 10504  FontCache3.0.0.0 - ok
01:25:45.0433 10504  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
01:25:45.0433 10504  FsDepends - ok
01:25:45.0464 10504  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
01:25:45.0464 10504  Fs_Rec - ok
01:25:45.0480 10504  [ BA0C1FFDA496D8BCBCAC63F8D98D20E3 ] FUJ02B1         C:\Windows\system32\drivers\FUJ02B1.sys
01:25:45.0527 10504  FUJ02B1 - ok
01:25:45.0542 10504  [ 7135030CBF87D724B6037BB023923730 ] FUJ02E3         C:\Windows\system32\drivers\FUJ02E3.sys
01:25:45.0573 10504  FUJ02E3 - ok
01:25:45.0589 10504  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
01:25:45.0589 10504  fvevol - ok
01:25:45.0620 10504  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
01:25:45.0636 10504  gagp30kx - ok
01:25:45.0714 10504  [ DCBFA8269D243A855344E846049CBDAE ] GoogleDesktopManager-060409-093314 C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
01:25:45.0714 10504  GoogleDesktopManager-060409-093314 - ok
01:25:45.0761 10504  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
01:25:45.0807 10504  gpsvc - ok
01:25:45.0839 10504  [ FB9AD1E93E445AB84594931B8552501A ] guardian2       C:\Windows\system32\Drivers\oz776x64.sys
01:25:45.0870 10504  guardian2 - ok
01:25:45.0901 10504  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
01:25:45.0932 10504  hcw85cir - ok
01:25:45.0948 10504  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
01:25:45.0979 10504  HdAudAddService - ok
01:25:45.0995 10504  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
01:25:46.0010 10504  HDAudBus - ok
01:25:46.0026 10504  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
01:25:46.0041 10504  HidBatt - ok
01:25:46.0073 10504  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
01:25:46.0088 10504  HidBth - ok
01:25:46.0104 10504  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
01:25:46.0119 10504  HidIr - ok
01:25:46.0135 10504  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
01:25:46.0182 10504  hidserv - ok
01:25:46.0213 10504  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
01:25:46.0213 10504  HidUsb - ok
01:25:46.0260 10504  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
01:25:46.0291 10504  hkmsvc - ok
01:25:46.0307 10504  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
01:25:46.0369 10504  HomeGroupListener - ok
01:25:46.0400 10504  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
01:25:46.0431 10504  HomeGroupProvider - ok
01:25:46.0447 10504  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
01:25:46.0447 10504  HpSAMD - ok
01:25:46.0478 10504  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
01:25:46.0525 10504  HTTP - ok
01:25:46.0541 10504  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
01:25:46.0541 10504  hwpolicy - ok
01:25:46.0572 10504  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
01:25:46.0572 10504  i8042prt - ok
01:25:46.0603 10504  [ 53CC5BF8B5A219119953C7ABB19A7705 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
01:25:46.0619 10504  iaStor - ok
01:25:46.0650 10504  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
01:25:46.0665 10504  iaStorV - ok
01:25:46.0728 10504  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
01:25:46.0743 10504  idsvc - ok
01:25:46.0931 10504  [ 6383899C5F964D71B0F96B81FBE59BB8 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
01:25:47.0227 10504  igfx - ok
01:25:47.0243 10504  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
01:25:47.0243 10504  iirsp - ok
01:25:47.0289 10504  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
01:25:47.0336 10504  IKEEXT - ok
01:25:47.0367 10504  [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
01:25:47.0383 10504  intaud_WaveExtensible - ok
01:25:47.0445 10504  [ D492D3B5A8DDDE1D6621A8C53855EABF ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
01:25:47.0523 10504  IntcAzAudAddService - ok
01:25:47.0555 10504  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
01:25:47.0586 10504  IntcDAud - ok
01:25:47.0601 10504  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
01:25:47.0601 10504  intelide - ok
01:25:47.0633 10504  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
01:25:47.0648 10504  intelppm - ok
01:25:47.0695 10504  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
01:25:47.0711 10504  IPBusEnum - ok
01:25:47.0726 10504  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:25:47.0757 10504  IpFilterDriver - ok
01:25:47.0789 10504  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
01:25:47.0804 10504  IPMIDRV - ok
01:25:47.0851 10504  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
01:25:47.0882 10504  IPNAT - ok
01:25:47.0929 10504  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
01:25:47.0945 10504  IRENUM - ok
01:25:47.0960 10504  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
01:25:47.0960 10504  isapnp - ok
01:25:47.0976 10504  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
01:25:47.0991 10504  iScsiPrt - ok
01:25:48.0023 10504  [ 716F66336F10885D935B08174DC54242 ] iwdbus          C:\Windows\system32\DRIVERS\iwdbus.sys
01:25:48.0038 10504  iwdbus - ok
01:25:48.0038 10504  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
01:25:48.0054 10504  kbdclass - ok
01:25:48.0069 10504  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
01:25:48.0085 10504  kbdhid - ok
01:25:48.0101 10504  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
01:25:48.0101 10504  KeyIso - ok
01:25:48.0132 10504  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
01:25:48.0132 10504  KSecDD - ok
01:25:48.0147 10504  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
01:25:48.0163 10504  KSecPkg - ok
01:25:48.0179 10504  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
01:25:48.0210 10504  ksthunk - ok
01:25:48.0257 10504  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
01:25:48.0288 10504  KtmRm - ok
01:25:48.0319 10504  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
01:25:48.0350 10504  LanmanServer - ok
01:25:48.0381 10504  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
01:25:48.0413 10504  LanmanWorkstation - ok
01:25:48.0459 10504  [ 1074C77A47835E03C15BF92452F9A750 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
01:25:48.0475 10504  LHidFilt - ok
01:25:48.0537 10504  [ F3CA8234F60EBA24604B5A9390D2FED5 ] LIDIS 3 Service C:\Program Files (x86)\LIDIS 3\Bin\srvany.exe
01:25:48.0553 10504  LIDIS 3 Service ( UnsignedFile.Multi.Generic ) - warning
01:25:48.0553 10504  LIDIS 3 Service - detected UnsignedFile.Multi.Generic (1)
01:25:48.0584 10504  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
01:25:48.0615 10504  lltdio - ok
01:25:48.0662 10504  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
01:25:48.0709 10504  lltdsvc - ok
01:25:48.0740 10504  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
01:25:48.0756 10504  lmhosts - ok
01:25:48.0787 10504  [ 96999C364C649E2866A268F7420A304A ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
01:25:48.0787 10504  LMouFilt - ok
01:25:48.0865 10504  [ A63B719F4F8657F3FCD84436D09378C8 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
01:25:48.0881 10504  LMS - ok
01:25:48.0912 10504  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
01:25:48.0912 10504  LSI_FC - ok
01:25:48.0943 10504  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
01:25:48.0943 10504  LSI_SAS - ok
01:25:48.0959 10504  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
01:25:48.0959 10504  LSI_SAS2 - ok
01:25:48.0974 10504  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
01:25:48.0974 10504  LSI_SCSI - ok
01:25:48.0990 10504  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
01:25:49.0021 10504  luafv - ok
01:25:49.0083 10504  [ 11DDB1D900078FBE3691DF7B878AEC28 ] LUsbFilt        C:\Windows\system32\Drivers\LUsbFilt.Sys
01:25:49.0083 10504  LUsbFilt - ok
01:25:49.0130 10504  [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
01:25:49.0130 10504  MBAMProtector - ok
01:25:49.0177 10504  [ 43683E970F008C93C9429EF428147A54 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
01:25:49.0193 10504  MBAMService - ok
01:25:49.0239 10504  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
01:25:49.0255 10504  Mcx2Svc - ok
01:25:49.0255 10504  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
01:25:49.0271 10504  megasas - ok
01:25:49.0286 10504  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
01:25:49.0302 10504  MegaSR - ok
01:25:49.0333 10504  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
01:25:49.0333 10504  MEIx64 - ok
01:25:49.0364 10504  [ 3048A72A85B31BA3980499B93B93CD30 ] mircap          C:\Windows\system32\DRIVERS\mircap.sys
01:25:49.0395 10504  mircap - ok
01:25:49.0411 10504  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
01:25:49.0442 10504  MMCSS - ok
01:25:49.0489 10504  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
01:25:49.0520 10504  Modem - ok
01:25:49.0567 10504  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
01:25:49.0583 10504  monitor - ok
01:25:49.0598 10504  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
01:25:49.0614 10504  mouclass - ok
01:25:49.0629 10504  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
01:25:49.0645 10504  mouhid - ok
01:25:49.0661 10504  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
01:25:49.0661 10504  mountmgr - ok
01:25:49.0676 10504  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
01:25:49.0692 10504  mpio - ok
01:25:49.0707 10504  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
01:25:49.0723 10504  mpsdrv - ok
01:25:49.0739 10504  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
01:25:49.0770 10504  MRxDAV - ok
01:25:49.0785 10504  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
01:25:49.0832 10504  mrxsmb - ok
01:25:49.0863 10504  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:25:49.0863 10504  mrxsmb10 - ok
01:25:49.0879 10504  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:25:49.0895 10504  mrxsmb20 - ok
01:25:49.0910 10504  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
01:25:49.0910 10504  msahci - ok
01:25:49.0926 10504  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
01:25:49.0941 10504  msdsm - ok
01:25:49.0957 10504  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
01:25:49.0973 10504  MSDTC - ok
01:25:50.0004 10504  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
01:25:50.0019 10504  Msfs - ok
01:25:50.0035 10504  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
01:25:50.0222 10504  mshidkmdf - ok
01:25:50.0238 10504  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
01:25:50.0238 10504  msisadrv - ok
01:25:50.0269 10504  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
01:25:50.0300 10504  MSiSCSI - ok
01:25:50.0300 10504  msiserver - ok
01:25:50.0331 10504  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
01:25:50.0347 10504  MSKSSRV - ok
01:25:50.0363 10504  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
01:25:50.0394 10504  MSPCLOCK - ok
01:25:50.0394 10504  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
01:25:50.0425 10504  MSPQM - ok
01:25:50.0456 10504  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
01:25:50.0472 10504  MsRPC - ok
01:25:50.0487 10504  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
01:25:50.0487 10504  mssmbios - ok
01:25:50.0503 10504  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
01:25:50.0519 10504  MSTEE - ok
01:25:50.0534 10504  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
01:25:50.0550 10504  MTConfig - ok
01:25:50.0581 10504  [ 258779453979AE1A89CB466C8B61176F ] mtpaudio        C:\Windows\system32\DRIVERS\mtpaudio.sys
01:25:50.0612 10504  mtpaudio - ok
01:25:50.0612 10504  [ 985CAACFFC429E0719D08E550B4F0982 ] mtvpbus         C:\Windows\system32\DRIVERS\mtvpbus.sys
01:25:50.0643 10504  mtvpbus - ok
01:25:50.0659 10504  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
01:25:50.0659 10504  Mup - ok
01:25:50.0706 10504  [ 95D193CAE3C4D575D88B6D93DDCD60D3 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
01:25:50.0721 10504  MyWiFiDHCPDNS - ok
01:25:50.0737 10504  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
01:25:50.0784 10504  napagent - ok
01:25:50.0799 10504  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
01:25:50.0831 10504  NativeWifiP - ok
01:25:50.0862 10504  [ C38B8AE57F78915905064A9A24DC1586 ] NDIS            C:\Windows\system32\drivers\ndis.sys
01:25:50.0893 10504  NDIS - ok
01:25:50.0909 10504  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
01:25:50.0940 10504  NdisCap - ok
01:25:50.0971 10504  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
01:25:51.0002 10504  NdisTapi - ok
01:25:51.0018 10504  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
01:25:51.0049 10504  Ndisuio - ok
01:25:51.0065 10504  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
01:25:51.0096 10504  NdisWan - ok
01:25:51.0111 10504  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
01:25:51.0158 10504  NDProxy - ok
01:25:51.0236 10504  [ B90E093E7A7250906F1054418B5339C0 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
01:25:51.0267 10504  Nero BackItUp Scheduler 4.0 - ok
01:25:51.0299 10504  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
01:25:51.0330 10504  NetBIOS - ok
01:25:51.0345 10504  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
01:25:51.0377 10504  NetBT - ok
01:25:51.0392 10504  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
01:25:51.0408 10504  Netlogon - ok
01:25:51.0423 10504  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
01:25:51.0455 10504  Netman - ok
01:25:51.0470 10504  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:25:51.0501 10504  NetMsmqActivator - ok
01:25:51.0501 10504  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:25:51.0501 10504  NetPipeActivator - ok
01:25:51.0533 10504  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
01:25:51.0564 10504  netprofm - ok
01:25:51.0564 10504  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:25:51.0564 10504  NetTcpActivator - ok
01:25:51.0564 10504  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:25:51.0579 10504  NetTcpPortSharing - ok
01:25:51.0720 10504  [ 8ADAA4CC125EC1A1CB66E363DF531CC4 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
01:25:51.0907 10504  NETwNs64 - ok
01:25:51.0923 10504  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
01:25:51.0938 10504  nfrd960 - ok
01:25:51.0954 10504  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
01:25:51.0985 10504  NlaSvc - ok
01:25:52.0001 10504  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
01:25:52.0032 10504  Npfs - ok
01:25:52.0047 10504  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
01:25:52.0063 10504  nsi - ok
01:25:52.0079 10504  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
01:25:52.0110 10504  nsiproxy - ok
01:25:52.0157 10504  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
01:25:52.0203 10504  Ntfs - ok
01:25:52.0219 10504  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
01:25:52.0235 10504  Null - ok
01:25:52.0266 10504  [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
01:25:52.0297 10504  nusb3hub - ok
01:25:52.0313 10504  [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
01:25:52.0328 10504  nusb3xhc - ok
01:25:52.0344 10504  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
01:25:52.0344 10504  nvraid - ok
01:25:52.0375 10504  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
01:25:52.0391 10504  nvstor - ok
01:25:52.0406 10504  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
01:25:52.0406 10504  nv_agp - ok
01:25:52.0422 10504  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
01:25:52.0437 10504  ohci1394 - ok
01:25:52.0484 10504  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:25:52.0484 10504  ose - ok
01:25:52.0515 10504  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
01:25:52.0547 10504  p2pimsvc - ok
01:25:52.0562 10504  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
01:25:52.0593 10504  p2psvc - ok
01:25:52.0625 10504  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
01:25:52.0625 10504  Parport - ok
01:25:52.0640 10504  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
01:25:52.0656 10504  partmgr - ok
01:25:52.0671 10504  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
01:25:52.0703 10504  PcaSvc - ok
01:25:52.0718 10504  [ B26E102E0F54773119B162F56C9DD994 ] pci             C:\Windows\system32\drivers\pci.sys
01:25:52.0718 10504  pci - ok
01:25:52.0734 10504  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
01:25:52.0734 10504  pciide - ok
01:25:52.0749 10504  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
01:25:52.0765 10504  pcmcia - ok
01:25:52.0781 10504  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
01:25:52.0781 10504  pcw - ok
01:25:52.0796 10504  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
01:25:52.0859 10504  PEAUTH - ok
01:25:52.0905 10504  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
01:25:52.0968 10504  PeerDistSvc - ok
01:25:53.0030 10504  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
01:25:53.0046 10504  PerfHost - ok
01:25:53.0108 10504  [ 6CE8BB00A615A4F3FA2F36FDB2EF4EFA ] PFNService      C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
01:25:53.0124 10504  PFNService ( UnsignedFile.Multi.Generic ) - warning
01:25:53.0124 10504  PFNService - detected UnsignedFile.Multi.Generic (1)
01:25:53.0186 10504  [ 9FEAB474189E6FE97CFF1195C09CD1B3 ] PJDrv           C:\Program Files (x86)\Panasonic\Wireless Manager ME4.5\PJDrv.sys
01:25:53.0202 10504  PJDrv ( UnsignedFile.Multi.Generic ) - warning
01:25:53.0202 10504  PJDrv - detected UnsignedFile.Multi.Generic (1)
01:25:53.0249 10504  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
01:25:53.0295 10504  pla - ok
01:25:53.0342 10504  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
01:25:53.0389 10504  PlugPlay - ok
01:25:53.0405 10504  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
01:25:53.0420 10504  PNRPAutoReg - ok
01:25:53.0436 10504  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
01:25:53.0451 10504  PNRPsvc - ok
01:25:53.0467 10504  [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
01:25:53.0483 10504  Point64 - ok
01:25:53.0514 10504  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
01:25:53.0545 10504  PolicyAgent - ok
01:25:53.0576 10504  [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power           C:\Windows\system32\umpo.dll
01:25:53.0607 10504  Power - ok
01:25:53.0639 10504  [ 76FF4836EFA78DBF3F39F612D88CA7E7 ] PowerSavingUtilityService C:\Program Files\Fujitsu\PSUtility\PSUService.exe
01:25:53.0639 10504  PowerSavingUtilityService - ok
01:25:53.0670 10504  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
01:25:53.0701 10504  PptpMiniport - ok
01:25:53.0717 10504  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
01:25:53.0748 10504  Processor - ok
01:25:53.0763 10504  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
01:25:53.0795 10504  ProfSvc - ok
01:25:53.0810 10504  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
01:25:53.0810 10504  ProtectedStorage - ok
01:25:53.0826 10504  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
01:25:53.0857 10504  Psched - ok
01:25:53.0904 10504  [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
01:25:53.0904 10504  PSI_SVC_2 - ok
01:25:53.0935 10504  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
01:25:53.0982 10504  ql2300 - ok
01:25:53.0997 10504  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
01:25:53.0997 10504  ql40xx - ok
01:25:54.0029 10504  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
01:25:54.0044 10504  QWAVE - ok
01:25:54.0044 10504  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
01:25:54.0075 10504  QWAVEdrv - ok
01:25:54.0138 10504  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
01:25:54.0153 10504  RapiMgr - ok
01:25:54.0169 10504  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
01:25:54.0200 10504  RasAcd - ok
01:25:54.0216 10504  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
01:25:54.0247 10504  RasAgileVpn - ok
01:25:54.0263 10504  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
01:25:54.0294 10504  RasAuto - ok
01:25:54.0309 10504  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
01:25:54.0341 10504  Rasl2tp - ok
01:25:54.0356 10504  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
01:25:54.0387 10504  RasMan - ok
01:25:54.0387 10504  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
01:25:54.0434 10504  RasPppoe - ok
01:25:54.0434 10504  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
01:25:54.0481 10504  RasSstp - ok
01:25:54.0481 10504  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
01:25:54.0528 10504  rdbss - ok
01:25:54.0528 10504  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
01:25:54.0543 10504  rdpbus - ok
01:25:54.0559 10504  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
01:25:54.0606 10504  RDPCDD - ok
01:25:54.0621 10504  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
01:25:54.0653 10504  RDPDR - ok
01:25:54.0653 10504  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
01:25:54.0684 10504  RDPENCDD - ok
01:25:54.0699 10504  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
01:25:54.0731 10504  RDPREFMP - ok
01:25:54.0762 10504  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
01:25:54.0793 10504  RDPWD - ok
01:25:54.0824 10504  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
01:25:54.0840 10504  rdyboost - ok
01:25:54.0902 10504  [ 2EC95080FAD2621C5E3034DE4C39A2A3 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
01:25:54.0933 10504  RegSrvc - ok
01:25:54.0980 10504  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
01:25:55.0011 10504  RemoteAccess - ok
01:25:55.0043 10504  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
01:25:55.0089 10504  RemoteRegistry - ok
01:25:55.0121 10504  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
01:25:55.0136 10504  RFCOMM - ok
01:25:55.0136 10504  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
01:25:55.0167 10504  RpcEptMapper - ok
01:25:55.0199 10504  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
01:25:55.0230 10504  RpcLocator - ok
01:25:55.0277 10504  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
01:25:55.0308 10504  RpcSs - ok
01:25:55.0386 10504  [ CA327A84085F68200452E6761F943298 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
01:25:55.0401 10504  RSPCIESTOR - ok
01:25:55.0433 10504  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
01:25:55.0464 10504  rspndr - ok
01:25:55.0479 10504  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
01:25:55.0511 10504  s3cap - ok
01:25:55.0526 10504  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
01:25:55.0526 10504  SamSs - ok
01:25:55.0542 10504  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
01:25:55.0557 10504  sbp2port - ok
01:25:55.0557 10504  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
01:25:55.0604 10504  SCardSvr - ok
01:25:55.0620 10504  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
01:25:55.0651 10504  scfilter - ok
01:25:55.0667 10504  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
01:25:55.0729 10504  Schedule - ok
01:25:55.0745 10504  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
01:25:55.0760 10504  SCPolicySvc - ok
01:25:55.0791 10504  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
01:25:55.0807 10504  sdbus - ok
01:25:55.0838 10504  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
01:25:55.0885 10504  SDRSVC - ok
01:25:55.0885 10504  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
01:25:55.0901 10504  secdrv - ok
01:25:55.0916 10504  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
01:25:55.0947 10504  seclogon - ok
01:25:55.0963 10504  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
01:25:55.0994 10504  SENS - ok
01:25:56.0025 10504  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
01:25:56.0072 10504  SensrSvc - ok
01:25:56.0088 10504  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
01:25:56.0103 10504  Serenum - ok
01:25:56.0135 10504  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
01:25:56.0166 10504  Serial - ok
01:25:56.0181 10504  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
01:25:56.0197 10504  sermouse - ok
01:25:56.0228 10504  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
01:25:56.0259 10504  SessionEnv - ok
01:25:56.0259 10504  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
01:25:56.0291 10504  sffdisk - ok
01:25:56.0306 10504  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
01:25:56.0322 10504  sffp_mmc - ok
01:25:56.0337 10504  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
01:25:56.0353 10504  sffp_sd - ok
01:25:56.0369 10504  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
01:25:56.0369 10504  sfloppy - ok
01:25:56.0400 10504  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:25:56.0447 10504  ShellHWDetection - ok
01:25:56.0493 10504  [ F16269F0A47CBBF4578204283AC0D6B3 ] Sierra Wireless QDL Service C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe
01:25:56.0493 10504  Sierra Wireless QDL Service - ok
01:25:56.0525 10504  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
01:25:56.0525 10504  SiSRaid2 - ok
01:25:56.0540 10504  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
01:25:56.0540 10504  SiSRaid4 - ok
01:25:56.0696 10504  [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
01:25:56.0759 10504  Skype C2C Service - ok
01:25:56.0805 10504  [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
01:25:56.0805 10504  SkypeUpdate - ok
01:25:56.0821 10504  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
01:25:56.0868 10504  Smb - ok
01:25:56.0883 10504  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
01:25:56.0899 10504  SNMPTRAP - ok
01:25:56.0946 10504  [ 9CD1C53490EB5601870A69A8E40F7B12 ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
01:25:57.0008 10504  SNP2UVC - ok
01:25:57.0024 10504  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
01:25:57.0024 10504  spldr - ok
01:25:57.0039 10504  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
01:25:57.0071 10504  Spooler - ok
01:25:57.0133 10504  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
01:25:57.0227 10504  sppsvc - ok
01:25:57.0242 10504  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
01:25:57.0273 10504  sppuinotify - ok
01:25:57.0305 10504  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
01:25:57.0367 10504  srv - ok
01:25:57.0383 10504  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
01:25:57.0398 10504  srv2 - ok
01:25:57.0429 10504  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
01:25:57.0445 10504  srvnet - ok
01:25:57.0461 10504  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
01:25:57.0492 10504  SSDPSRV - ok
01:25:57.0492 10504  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
01:25:57.0523 10504  SstpSvc - ok
01:25:57.0539 10504  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
01:25:57.0554 10504  stexstor - ok
01:25:57.0601 10504  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
01:25:57.0617 10504  stisvc - ok
01:25:57.0632 10504  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
01:25:57.0632 10504  storflt - ok
01:25:57.0663 10504  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
01:25:57.0695 10504  StorSvc - ok
01:25:57.0726 10504  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
01:25:57.0741 10504  storvsc - ok
01:25:57.0741 10504  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
01:25:57.0757 10504  swenum - ok
01:25:57.0788 10504  [ 27FA8EBC9A28B57658F6747473CB5C8E ] swg3kflt00      C:\Windows\system32\DRIVERS\swg3kflt00.sys
01:25:57.0819 10504  swg3kflt00 - ok
01:25:57.0851 10504  [ D74305444436E41BEB59FF2260A6394A ] swg3kmbb00      C:\Windows\system32\DRIVERS\swg3kmbb00.sys
01:25:57.0882 10504  swg3kmbb00 - ok
01:25:57.0897 10504  [ 143B763E71DF2ED586C278541F89432D ] swg3knmea00     C:\Windows\system32\DRIVERS\swg3knmea00.sys
01:25:57.0929 10504  swg3knmea00 - ok
01:25:57.0960 10504  [ 143B763E71DF2ED586C278541F89432D ] swg3kser00      C:\Windows\system32\DRIVERS\swg3kser00.sys
01:25:57.0975 10504  swg3kser00 - ok
01:25:57.0991 10504  [ B49E9DB5401ECC28A104E64F5434A38E ] swibus00        C:\Windows\system32\DRIVERS\swibus00.sys
01:25:58.0007 10504  swibus00 - ok
01:25:58.0007 10504  [ B49E9DB5401ECC28A104E64F5434A38E ] swibusflt00     C:\Windows\system32\DRIVERS\swibusflt00.sys
01:25:58.0022 10504  swibusflt00 - ok
01:25:58.0100 10504  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
01:25:58.0147 10504  swprv - ok
01:25:58.0178 10504  [ 3C08FB2829A5304825F974B1631DEDFA ] SynTP           C:\Windows\system32\drivers\SynTP.sys
01:25:58.0194 10504  SynTP - ok
01:25:58.0241 10504  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
01:25:58.0303 10504  SysMain - ok
01:25:58.0319 10504  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
01:25:58.0334 10504  TabletInputService - ok
01:25:58.0350 10504  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
01:25:58.0381 10504  TapiSrv - ok
01:25:58.0397 10504  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
01:25:58.0412 10504  TBS - ok
01:25:58.0459 10504  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
01:25:58.0521 10504  Tcpip - ok
01:25:58.0553 10504  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
01:25:58.0584 10504  TCPIP6 - ok
01:25:58.0599 10504  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
01:25:58.0631 10504  tcpipreg - ok
01:25:58.0631 10504  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
01:25:58.0677 10504  TDPIPE - ok
01:25:58.0693 10504  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
01:25:58.0709 10504  TDTCP - ok
01:25:58.0724 10504  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
01:25:58.0755 10504  tdx - ok
01:25:58.0849 10504  [ EFD6843C137991CD253CA959E300E886 ] TeamViewer6     C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
01:25:58.0911 10504  TeamViewer6 - ok
01:25:59.0005 10504  [ A4D2CE94B028EF1E437CF4AC3D8FF26C ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
01:25:59.0067 10504  TeamViewer7 - ok
01:25:59.0099 10504  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
01:25:59.0099 10504  TermDD - ok
01:25:59.0130 10504  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
01:25:59.0161 10504  TermService - ok
01:25:59.0177 10504  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
01:25:59.0208 10504  Themes - ok
01:25:59.0223 10504  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
01:25:59.0255 10504  THREADORDER - ok
01:25:59.0286 10504  [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM             C:\Windows\system32\drivers\tpm.sys
01:25:59.0301 10504  TPM - ok
01:25:59.0317 10504  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
01:25:59.0348 10504  TrkWks - ok
01:25:59.0395 10504  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:25:59.0442 10504  TrustedInstaller - ok
01:25:59.0457 10504  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
01:25:59.0504 10504  tssecsrv - ok
01:25:59.0520 10504  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
01:25:59.0551 10504  TsUsbFlt - ok
01:25:59.0582 10504  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
01:25:59.0598 10504  TsUsbGD - ok
01:25:59.0613 10504  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
01:25:59.0645 10504  tunnel - ok
01:25:59.0660 10504  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
01:25:59.0676 10504  uagp35 - ok
01:25:59.0676 10504  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
01:25:59.0723 10504  udfs - ok
01:25:59.0754 10504  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
01:25:59.0754 10504  UI0Detect - ok
01:25:59.0769 10504  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
01:25:59.0785 10504  uliagpkx - ok
01:25:59.0801 10504  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
01:25:59.0801 10504  umbus - ok
01:25:59.0816 10504  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
01:25:59.0832 10504  UmPass - ok
01:25:59.0847 10504  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
01:25:59.0879 10504  UmRdpService - ok
01:25:59.0972 10504  [ E419566C7918A4C8E9497AFBD502FB2A ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
01:26:00.0050 10504  UNS - ok
01:26:00.0097 10504  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
01:26:00.0128 10504  upnphost - ok
01:26:00.0175 10504  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
01:26:00.0206 10504  usbaudio - ok
01:26:00.0237 10504  [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
01:26:00.0269 10504  usbccgp - ok
01:26:00.0300 10504  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
01:26:00.0315 10504  usbcir - ok
01:26:00.0347 10504  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
01:26:00.0378 10504  usbehci - ok
01:26:00.0471 10504  [ 8B892002D7B79312821169A14317AB86 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
01:26:00.0487 10504  usbhub - ok
01:26:00.0503 10504  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
01:26:00.0518 10504  usbohci - ok
01:26:00.0534 10504  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
01:26:00.0534 10504  usbprint - ok
01:26:00.0549 10504  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:26:00.0596 10504  USBSTOR - ok
01:26:00.0612 10504  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
01:26:00.0612 10504  usbuhci - ok
01:26:00.0627 10504  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
01:26:00.0659 10504  usbvideo - ok
01:26:00.0674 10504  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
01:26:00.0721 10504  UxSms - ok
01:26:00.0737 10504  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
01:26:00.0737 10504  VaultSvc - ok
01:26:00.0752 10504  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
01:26:00.0752 10504  vdrvroot - ok
01:26:00.0768 10504  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
01:26:00.0799 10504  vds - ok
01:26:00.0830 10504  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
01:26:00.0846 10504  vga - ok
01:26:00.0846 10504  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
01:26:00.0877 10504  VgaSave - ok
01:26:00.0893 10504  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
01:26:00.0908 10504  vhdmp - ok
01:26:00.0924 10504  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
01:26:00.0924 10504  viaide - ok
01:26:00.0939 10504  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
01:26:00.0955 10504  vmbus - ok
01:26:00.0971 10504  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
01:26:00.0986 10504  VMBusHID - ok
01:26:01.0002 10504  [ 071E1B172D49154EE1D23A2ACC472EFB ] volmgr          C:\Windows\system32\drivers\volmgr.sys
01:26:01.0002 10504  volmgr - ok
01:26:01.0017 10504  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
01:26:01.0033 10504  volmgrx - ok
01:26:01.0049 10504  [ DF8126BD41180351A093A3AD2FC8903B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
01:26:01.0064 10504  volsnap - ok
01:26:01.0080 10504  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
01:26:01.0095 10504  vsmraid - ok
01:26:01.0127 10504  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
01:26:01.0189 10504  VSS - ok
01:26:01.0189 10504  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
01:26:01.0205 10504  vwifibus - ok
01:26:01.0236 10504  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
01:26:01.0251 10504  vwififlt - ok
01:26:01.0267 10504  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
01:26:01.0283 10504  vwifimp - ok
01:26:01.0298 10504  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
01:26:01.0329 10504  W32Time - ok
01:26:01.0345 10504  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
01:26:01.0361 10504  WacomPen - ok
01:26:01.0376 10504  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
01:26:01.0407 10504  WANARP - ok
01:26:01.0407 10504  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
01:26:01.0423 10504  Wanarpv6 - ok
01:26:01.0485 10504  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
01:26:01.0532 10504  WatAdminSvc - ok
01:26:01.0563 10504  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
01:26:01.0626 10504  wbengine - ok
01:26:01.0641 10504  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
01:26:01.0673 10504  WbioSrvc - ok
01:26:01.0704 10504  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
01:26:01.0719 10504  WcesComm - ok
01:26:01.0735 10504  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
01:26:01.0766 10504  wcncsvc - ok
01:26:01.0782 10504  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:26:01.0813 10504  WcsPlugInService - ok
01:26:01.0844 10504  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
01:26:01.0844 10504  Wd - ok
01:26:01.0860 10504  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
01:26:01.0891 10504  Wdf01000 - ok
01:26:01.0907 10504  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
01:26:01.0985 10504  WdiServiceHost - ok
01:26:01.0985 10504  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
01:26:02.0000 10504  WdiSystemHost - ok
01:26:02.0016 10504  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
01:26:02.0031 10504  WebClient - ok
01:26:02.0047 10504  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
01:26:02.0063 10504  Wecsvc - ok
01:26:02.0078 10504  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
01:26:02.0109 10504  wercplsupport - ok
01:26:02.0125 10504  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
01:26:02.0156 10504  WerSvc - ok
01:26:02.0172 10504  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
01:26:02.0203 10504  WfpLwf - ok
01:26:02.0219 10504  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
01:26:02.0219 10504  WIMMount - ok
01:26:02.0219 10504  WinHttpAutoProxySvc - ok
01:26:02.0265 10504  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
01:26:02.0297 10504  Winmgmt - ok
01:26:02.0343 10504  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
01:26:02.0421 10504  WinRM - ok
01:26:02.0453 10504  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
01:26:02.0468 10504  WinUsb - ok
01:26:02.0484 10504  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
01:26:02.0515 10504  Wlansvc - ok
01:26:02.0562 10504  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
01:26:02.0577 10504  wlcrasvc - ok
01:26:02.0640 10504  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
01:26:02.0702 10504  wlidsvc - ok
01:26:02.0718 10504  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
01:26:02.0718 10504  WmiAcpi - ok
01:26:02.0749 10504  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
01:26:02.0765 10504  wmiApSrv - ok
01:26:02.0796 10504  WMPNetworkSvc - ok
01:26:02.0796 10504  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
01:26:02.0827 10504  WPCSvc - ok
01:26:02.0843 10504  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
01:26:02.0874 10504  WPDBusEnum - ok
01:26:02.0889 10504  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
01:26:02.0905 10504  ws2ifsl - ok
01:26:02.0936 10504  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
01:26:02.0967 10504  WSDPrintDevice - ok
01:26:02.0983 10504  [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
01:26:02.0999 10504  WSDScan - ok
01:26:02.0999 10504  WSearch - ok
01:26:03.0014 10504  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
01:26:03.0045 10504  WudfPf - ok
01:26:03.0045 10504  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
01:26:03.0092 10504  WUDFRd - ok
01:26:03.0108 10504  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
01:26:03.0123 10504  wudfsvc - ok
01:26:03.0170 10504  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
01:26:03.0186 10504  WwanSvc - ok
01:26:03.0248 10504  [ 7C5522028410A4A34BB8021F026733AF ] XMouseButton Launcher C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe
01:26:03.0264 10504  XMouseButton Launcher ( UnsignedFile.Multi.Generic ) - warning
01:26:03.0264 10504  XMouseButton Launcher - detected UnsignedFile.Multi.Generic (1)
01:26:03.0295 10504  [ 8886B900CF97E1FF25BA8BD05B555C24 ] XobniService    C:\Program Files (x86)\Xobni\XobniService.exe
01:26:03.0295 10504  XobniService - ok
01:26:03.0326 10504  ================ Scan global ===============================
01:26:03.0342 10504  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
01:26:03.0357 10504  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
01:26:03.0373 10504  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
01:26:03.0389 10504  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
01:26:03.0420 10504  [ 014A9CB92514E27C0107614DF764BC06 ] C:\Windows\system32\services.exe
01:26:03.0420 10504  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
01:26:03.0420 10504  C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
01:26:03.0420 10504  ================ Scan MBR ==================================
01:26:03.0420 10504  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
01:26:03.0888 10504  \Device\Harddisk0\DR0 - ok
01:26:03.0888 10504  ================ Scan VBR ==================================
01:26:03.0919 10504  [ 41FFB6FC3354B6C1AE87CF5D82B896D6 ] \Device\Harddisk0\DR0\Partition1
01:26:03.0919 10504  \Device\Harddisk0\DR0\Partition1 - ok
01:26:03.0935 10504  [ 5A1411CB058626E0D2488E1CCB002386 ] \Device\Harddisk0\DR0\Partition2
01:26:03.0935 10504  \Device\Harddisk0\DR0\Partition2 - ok
01:26:03.0950 10504  [ E1221B9A5C3A8BF3C8B47BDF58DC9B2D ] \Device\Harddisk0\DR0\Partition3
01:26:03.0950 10504  \Device\Harddisk0\DR0\Partition3 - ok
01:26:03.0950 10504  ============================================================
01:26:03.0950 10504  Scan finished
01:26:03.0950 10504  ============================================================
01:26:03.0950 10700  Detected object count: 5
01:26:03.0950 10700  Actual detected object count: 5
01:29:51.0211 10700  LIDIS 3 Service ( UnsignedFile.Multi.Generic ) - skipped by user
01:29:51.0211 10700  LIDIS 3 Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
01:29:51.0211 10700  PFNService ( UnsignedFile.Multi.Generic ) - skipped by user
01:29:51.0211 10700  PFNService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
01:29:51.0211 10700  PJDrv ( UnsignedFile.Multi.Generic ) - skipped by user
01:29:51.0211 10700  PJDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
01:29:51.0211 10700  XMouseButton Launcher ( UnsignedFile.Multi.Generic ) - skipped by user
01:29:51.0211 10700  XMouseButton Launcher ( UnsignedFile.Multi.Generic ) - User select action: Skip 
01:29:51.0211 10700  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - skipped by user
01:29:51.0211 10700  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Skip
         

Edited by LutzSchnalke (31.08.2012 at 00:49). Reason: typo

31.08.2012, 10:51   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Code:
C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b )
         
Please fix this entry => Virus.Win64.ZAccess.b <= with TDSS-Killer. But please only this entry!
Then restart Windows and create a completely new log with TDSS-Killer. As always, post it in CODE tags again.
__________________
Please always post log files in CODE tags
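
An added example, not part of the original posts and not code from the tool's vendor: a small Python triage script for the TDSSKiller log format shown in this thread. It separates `infected` verdicts from `warning` ones and lists infected objects whose recorded user action was `Skip`; the line patterns are inferred from the log lines posted above, and the class and function names are this example's own.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Excerpt copied from the TDSSKiller log posted above in this thread.
SAMPLE_LOG = r"""
01:26:03.0248 10504  [ 7C5522028410A4A34BB8021F026733AF ] XMouseButton Launcher C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe
01:26:03.0264 10504  XMouseButton Launcher ( UnsignedFile.Multi.Generic ) - warning
01:26:03.0264 10504  XMouseButton Launcher - detected UnsignedFile.Multi.Generic (1)
01:26:03.0295 10504  [ 8886B900CF97E1FF25BA8BD05B555C24 ] XobniService    C:\Program Files (x86)\Xobni\XobniService.exe
01:26:03.0295 10504  XobniService - ok
01:26:03.0420 10504  [ 014A9CB92514E27C0107614DF764BC06 ] C:\Windows\system32\services.exe
01:26:03.0420 10504  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
01:26:03.0420 10504  C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
01:29:51.0211 10700  XMouseButton Launcher ( UnsignedFile.Multi.Generic ) - skipped by user
01:29:51.0211 10700  XMouseButton Launcher ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:29:51.0211 10700  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - skipped by user
01:29:51.0211 10700  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Skip
"""

# Patterns inferred from the log lines in this thread (an assumption, not a vendor spec).
LINE = re.compile(r"^(?P<time>\d\d:\d\d:\d\d\.\d{4})\s+(?P<tid>\d+)\s+(?P<msg>.*)$")
HASHED = re.compile(r"^\[ (?P<md5>[0-9A-F]{32}) \] (?P<rest>.+)$")
VERDICT = re.compile(
    r"^(?P<obj>.+?) \( (?P<verdict>[^()]+?) \) - (?P<status>warning|infected)$"
)
ACTION = re.compile(
    r"^(?P<obj>.+?) \( (?P<verdict>[^()]+?) \) - User select action: (?P<action>\w+)$"
)


@dataclass
class Finding:
    obj: str                      # service name or file path as written in the log
    verdict: str                  # e.g. Virus.Win64.ZAccess.b
    status: str                   # "warning" or "infected"
    md5: Optional[str] = None     # hash from the preceding "[ ... ]" line, if it matches
    path: Optional[str] = None    # file path from that line, if present
    action: Optional[str] = None  # value after "User select action:", if logged


def parse_tdsskiller(text: str) -> List[Finding]:
    """Collect every object the scan flagged, with hash, path and user action."""
    findings = {}          # keyed by object name, keeps log order
    last_hashed = None     # (md5, rest of line) from the most recent "[ md5 ]" line
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        msg = m.group("msg").strip()
        h = HASHED.match(msg)
        if h:
            last_hashed = (h.group("md5"), h.group("rest"))
            continue
        v = VERDICT.match(msg)
        if v:
            obj = v.group("obj")
            md5 = path = None
            # The hash line directly precedes the verdict line for the same object.
            if last_hashed and last_hashed[1].startswith(obj):
                md5 = last_hashed[0]
                path = last_hashed[1][len(obj):].strip() or obj
            findings[obj] = Finding(obj, v.group("verdict"), v.group("status"), md5, path)
            continue
        a = ACTION.match(msg)
        if a and a.group("obj") in findings:
            findings[a.group("obj")].action = a.group("action")
    return list(findings.values())


def unresolved_infections(findings: List[Finding]) -> List[Finding]:
    """Infected objects that were skipped or have no recorded action."""
    return [f for f in findings if f.status == "infected" and f.action in (None, "Skip")]


if __name__ == "__main__":
    for f in parse_tdsskiller(SAMPLE_LOG):
        print(f"{f.status:8} {f.verdict:28} {f.path}  md5={f.md5}  action={f.action}")
    for f in unresolved_infections(parse_tdsskiller(SAMPLE_LOG)):
        print("still to be handled:", f.obj, "->", f.verdict)
```
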

31.08.2012, 11:21   #23
LutzSchnalke
 

Thank you very much!
Lutz

Here is the log after the removal and before the reboot; I will put the one from after the reboot in a second reply (because of the length).

Code:
12:15:47.0748 3192  TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
12:15:47.0763 3192  ============================================================
12:15:47.0763 3192  Current date / time: 2012/08/31 12:15:47.0763
12:15:47.0763 3192  SystemInfo:
12:15:47.0763 3192  
12:15:47.0763 3192  OS Version: 6.1.7601 ServicePack: 1.0
12:15:47.0763 3192  Product type: Workstation
12:15:47.0763 3192  ComputerName: NBLS
12:15:47.0763 3192  UserName: ls
12:15:47.0763 3192  Windows directory: C:\Windows
12:15:47.0763 3192  System windows directory: C:\Windows
12:15:47.0763 3192  Running under WOW64
12:15:47.0763 3192  Processor architecture: Intel x64
12:15:47.0763 3192  Number of processors: 4
12:15:47.0763 3192  Page size: 0x1000
12:15:47.0763 3192  Boot type: Normal boot
12:15:47.0763 3192  ============================================================
12:15:48.0621 3192  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:15:48.0621 3192  ============================================================
12:15:48.0621 3192  \Device\Harddisk0\DR0:
12:15:48.0637 3192  MBR partitions:
12:15:48.0637 3192  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x41C800, BlocksNum 0x4E20000
12:15:48.0668 3192  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x523D000, BlocksNum 0x1388000
12:15:48.0668 3192  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x65C6A72, BlocksNum 0x318A2BD9
12:15:48.0699 3192  ============================================================
12:15:48.0730 3192  C: <-> \Device\Harddisk0\DR0\Partition1
12:15:48.0777 3192  D: <-> \Device\Harddisk0\DR0\Partition3
12:15:48.0777 3192  ============================================================
12:15:48.0777 3192  Initialize success
12:15:48.0777 3192  ============================================================
12:16:01.0866 4420  ============================================================
12:16:01.0866 4420  Scan started
12:16:01.0866 4420  Mode: Manual; SigCheck; TDLFS; 
12:16:01.0866 4420  ============================================================
12:16:05.0313 4420  ================ Scan services =============================
12:16:05.0454 4420  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:16:05.0547 4420  1394ohci - ok
12:16:05.0563 4420  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:16:05.0578 4420  ACPI - ok
12:16:05.0610 4420  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:16:05.0672 4420  AcpiPmi - ok
12:16:05.0688 4420  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:16:05.0703 4420  adp94xx - ok
12:16:05.0719 4420  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:16:05.0734 4420  adpahci - ok
12:16:05.0750 4420  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:16:05.0766 4420  adpu320 - ok
12:16:05.0781 4420  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:16:05.0922 4420  AeLookupSvc - ok
12:16:05.0953 4420  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
12:16:05.0984 4420  AFD - ok
12:16:06.0031 4420  [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
12:16:06.0093 4420  AgereSoftModem - ok
12:16:06.0109 4420  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
12:16:06.0109 4420  agp440 - ok
12:16:06.0140 4420  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
12:16:06.0171 4420  ALG - ok
12:16:06.0187 4420  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:16:06.0187 4420  aliide - ok
12:16:06.0218 4420  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
12:16:06.0218 4420  amdide - ok
12:16:06.0234 4420  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
12:16:06.0249 4420  AmdK8 - ok
12:16:06.0265 4420  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
12:16:06.0280 4420  AmdPPM - ok
12:16:06.0312 4420  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:16:06.0312 4420  amdsata - ok
12:16:06.0343 4420  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
12:16:06.0358 4420  amdsbs - ok
12:16:06.0374 4420  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:16:06.0374 4420  amdxata - ok
12:16:06.0452 4420  [ B9B5DFAFEA592BD4CA967824EBB42E3D ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
12:16:06.0468 4420  AntiVirMailService - ok
12:16:06.0514 4420  [ 67B1D78711B4386C26241096326EE14A ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
12:16:06.0514 4420  AntiVirSchedulerService - ok
12:16:06.0530 4420  [ 845C4E7AE211EDAD5E0B832126F56932 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
12:16:06.0546 4420  AntiVirService - ok
12:16:06.0561 4420  [ 30D71E0C149943A8985D02EA0944F2FE ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
12:16:06.0577 4420  AntiVirWebService - ok
12:16:06.0608 4420  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
12:16:06.0764 4420  AppID - ok
12:16:06.0780 4420  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:16:06.0826 4420  AppIDSvc - ok
12:16:06.0842 4420  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
12:16:06.0889 4420  Appinfo - ok
12:16:06.0936 4420  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
12:16:06.0982 4420  AppMgmt - ok
12:16:07.0014 4420  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
12:16:07.0029 4420  arc - ok
12:16:07.0045 4420  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:16:07.0045 4420  arcsas - ok
12:16:07.0138 4420  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:16:07.0170 4420  aspnet_state - ok
12:16:07.0185 4420  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:16:07.0216 4420  AsyncMac - ok
12:16:07.0248 4420  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
12:16:07.0248 4420  atapi - ok
12:16:07.0357 4420  [ FA47E65AA0C1DBC6DFEB7E9C6F12A5EA ] ATService       C:\Program Files\Fingerprint Sensor\ATService.exe
12:16:07.0435 4420  ATService - ok
12:16:07.0482 4420  [ 4131DABB573D70FDA332A55F206F6CFF ] ATSwpWDF        C:\Windows\system32\Drivers\ATSwpWDF.sys
12:16:07.0528 4420  ATSwpWDF - ok
12:16:07.0575 4420  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:16:07.0622 4420  AudioEndpointBuilder - ok
12:16:07.0638 4420  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:16:07.0669 4420  AudioSrv - ok
12:16:07.0700 4420  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
12:16:07.0700 4420  avgntflt - ok
12:16:07.0716 4420  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
12:16:07.0731 4420  avipbb - ok
12:16:07.0747 4420  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
12:16:07.0762 4420  avkmgr - ok
12:16:07.0778 4420  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:16:07.0856 4420  AxInstSV - ok
12:16:07.0903 4420  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
12:16:07.0934 4420  b06bdrv - ok
12:16:07.0950 4420  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:16:07.0981 4420  b57nd60a - ok
12:16:08.0028 4420  [ 6F29CA4EA1DB1888016EB22ADAE4227D ] bcbtums         C:\Windows\system32\drivers\bcbtums.sys
12:16:08.0043 4420  bcbtums - ok
12:16:08.0090 4420  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:16:08.0121 4420  BDESVC - ok
12:16:08.0137 4420  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:16:08.0168 4420  Beep - ok
12:16:08.0184 4420  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
12:16:08.0215 4420  blbdrive - ok
12:16:08.0246 4420  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:16:08.0293 4420  bowser - ok
12:16:08.0308 4420  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
12:16:08.0324 4420  BrFiltLo - ok
12:16:08.0340 4420  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
12:16:08.0355 4420  BrFiltUp - ok
12:16:08.0386 4420  [ 8EF0D5C41EC907751B8429162B1239ED ] Browser         C:\Windows\System32\browser.dll
12:16:08.0418 4420  Browser - ok
12:16:08.0433 4420  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:16:08.0464 4420  Brserid - ok
12:16:08.0480 4420  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:16:08.0496 4420  BrSerWdm - ok
12:16:08.0511 4420  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:16:08.0527 4420  BrUsbMdm - ok
12:16:08.0542 4420  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:16:08.0558 4420  BrUsbSer - ok
12:16:08.0589 4420  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
12:16:08.0636 4420  BthEnum - ok
12:16:08.0652 4420  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
12:16:08.0683 4420  BTHMODEM - ok
12:16:08.0698 4420  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
12:16:08.0730 4420  BthPan - ok
12:16:08.0761 4420  [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
12:16:08.0776 4420  BTHPORT - ok
12:16:08.0823 4420  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
12:16:08.0839 4420  bthserv - ok
12:16:08.0870 4420  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
12:16:08.0901 4420  BTHUSB - ok
12:16:08.0948 4420  [ 72CC5DCC4E67E7927F94801166CFDCDA ] BTWAMPFL        C:\Windows\system32\DRIVERS\btwampfl.sys
12:16:08.0964 4420  BTWAMPFL - ok
12:16:08.0995 4420  [ F6135859A582A7294BA7A3336E08BAA1 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
12:16:09.0010 4420  btwaudio - ok
12:16:09.0026 4420  [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
12:16:09.0042 4420  btwavdt - ok
12:16:09.0104 4420  [ 36E3016BEDC45274E00E2943B591AEEF ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
12:16:09.0135 4420  btwdins - ok
12:16:09.0151 4420  [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
12:16:09.0151 4420  btwl2cap - ok
12:16:09.0166 4420  [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
12:16:09.0182 4420  btwrchid - ok
12:16:09.0198 4420  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:16:09.0244 4420  cdfs - ok
12:16:09.0260 4420  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:16:09.0291 4420  cdrom - ok
12:16:09.0322 4420  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
12:16:09.0354 4420  CertPropSvc - ok
12:16:09.0385 4420  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
12:16:09.0400 4420  circlass - ok
12:16:09.0432 4420  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
12:16:09.0432 4420  CLFS - ok
12:16:09.0494 4420  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:16:09.0510 4420  clr_optimization_v2.0.50727_32 - ok
12:16:09.0541 4420  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:16:09.0556 4420  clr_optimization_v2.0.50727_64 - ok
12:16:09.0603 4420  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:16:09.0666 4420  clr_optimization_v4.0.30319_32 - ok
12:16:09.0681 4420  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:16:09.0712 4420  clr_optimization_v4.0.30319_64 - ok
12:16:09.0728 4420  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
12:16:09.0744 4420  CmBatt - ok
12:16:09.0775 4420  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:16:09.0775 4420  cmdide - ok
12:16:09.0868 4420  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
12:16:09.0993 4420  CNG - ok
12:16:10.0414 4420  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
12:16:10.0430 4420  Compbatt - ok
12:16:10.0446 4420  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:16:10.0461 4420  CompositeBus - ok
12:16:10.0461 4420  COMSysApp - ok
12:16:10.0477 4420  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:16:10.0492 4420  crcdisk - ok
12:16:10.0508 4420  [ 4F5414602E2544A4554D95517948B705 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:16:10.0570 4420  CryptSvc - ok
12:16:10.0602 4420  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
12:16:10.0664 4420  CSC - ok
12:16:10.0711 4420  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
12:16:10.0726 4420  CscService - ok
12:16:10.0758 4420  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:16:10.0851 4420  DcomLaunch - ok
12:16:10.0898 4420  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
12:16:10.0945 4420  defragsvc - ok
12:16:10.0976 4420  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:16:11.0007 4420  DfsC - ok
12:16:11.0070 4420  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:16:11.0101 4420  Dhcp - ok
12:16:11.0148 4420  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
12:16:11.0194 4420  discache - ok
12:16:11.0226 4420  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
12:16:11.0226 4420  Disk - ok
12:16:11.0257 4420  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
12:16:11.0304 4420  dmvsc - ok
12:16:11.0335 4420  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:16:11.0382 4420  Dnscache - ok
12:16:11.0397 4420  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:16:11.0444 4420  dot3svc - ok
12:16:11.0460 4420  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
12:16:11.0506 4420  DPS - ok
12:16:11.0522 4420  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:16:11.0553 4420  drmkaud - ok
12:16:11.0569 4420  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:16:11.0600 4420  DXGKrnl - ok
12:16:11.0631 4420  [ DC1776D086AA9733B1929A3D979D9FDD ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
12:16:11.0631 4420  e1cexpress - ok
12:16:11.0662 4420  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
12:16:11.0694 4420  EapHost - ok
12:16:11.0756 4420  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
12:16:11.0865 4420  ebdrv - ok
12:16:11.0896 4420  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
12:16:11.0943 4420  EFS - ok
12:16:12.0021 4420  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:16:12.0084 4420  ehRecvr - ok
12:16:12.0099 4420  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
12:16:12.0130 4420  ehSched - ok
12:16:12.0162 4420  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:16:12.0177 4420  elxstor - ok
12:16:12.0193 4420  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:16:12.0208 4420  ErrDev - ok
12:16:12.0240 4420  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
12:16:12.0271 4420  EventSystem - ok
12:16:12.0380 4420  [ 7A526761229C10B0D8508B905F0FEE4C ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
12:16:12.0411 4420  EvtEng - ok
12:16:12.0442 4420  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
12:16:12.0474 4420  exfat - ok
12:16:12.0489 4420  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:16:12.0520 4420  fastfat - ok
12:16:12.0552 4420  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
12:16:12.0645 4420  Fax - ok
12:16:12.0661 4420  [ 9955BF48FD2FA8D481848CD3024EDD0B ] FBIOSDRV        C:\Windows\system32\Drivers\FBIOSDRV.sys
12:16:12.0676 4420  FBIOSDRV - ok
12:16:12.0692 4420  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
12:16:12.0723 4420  fdc - ok
12:16:12.0739 4420  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
12:16:12.0770 4420  fdPHost - ok
12:16:12.0801 4420  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:16:12.0817 4420  FDResPub - ok
12:16:12.0832 4420  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:16:12.0848 4420  FileInfo - ok
12:16:12.0864 4420  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:16:12.0895 4420  Filetrace - ok
12:16:12.0973 4420  [ 2FA407147F273D7852FEB7BDA71E54E1 ] FJGSDisk        C:\Windows\system32\DRIVERS\FJGSDisk.sys
12:16:12.0988 4420  FJGSDisk - ok
12:16:13.0020 4420  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
12:16:13.0066 4420  flpydisk - ok
12:16:13.0113 4420  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:16:13.0129 4420  FltMgr - ok
12:16:13.0160 4420  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
12:16:13.0222 4420  FontCache - ok
12:16:13.0269 4420  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:16:13.0269 4420  FontCache3.0.0.0 - ok
12:16:13.0285 4420  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:16:13.0285 4420  FsDepends - ok
12:16:13.0316 4420  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:16:13.0316 4420  Fs_Rec - ok
12:16:13.0332 4420  [ BA0C1FFDA496D8BCBCAC63F8D98D20E3 ] FUJ02B1         C:\Windows\system32\drivers\FUJ02B1.sys
12:16:13.0363 4420  FUJ02B1 - ok
12:16:13.0394 4420  [ 7135030CBF87D724B6037BB023923730 ] FUJ02E3         C:\Windows\system32\drivers\FUJ02E3.sys
12:16:13.0410 4420  FUJ02E3 - ok
12:16:13.0425 4420  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:16:13.0441 4420  fvevol - ok
12:16:13.0456 4420  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:16:13.0472 4420  gagp30kx - ok
12:16:13.0566 4420  [ DCBFA8269D243A855344E846049CBDAE ] GoogleDesktopManager-060409-093314 C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
12:16:13.0581 4420  GoogleDesktopManager-060409-093314 - ok
12:16:13.0628 4420  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
12:16:13.0768 4420  gpsvc - ok
12:16:13.0800 4420  [ FB9AD1E93E445AB84594931B8552501A ] guardian2       C:\Windows\system32\Drivers\oz776x64.sys
12:16:13.0815 4420  guardian2 - ok
12:16:13.0846 4420  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:16:13.0893 4420  hcw85cir - ok
12:16:13.0924 4420  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:16:13.0956 4420  HdAudAddService - ok
12:16:14.0049 4420  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
12:16:14.0065 4420  HDAudBus - ok
12:16:14.0096 4420  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
12:16:14.0143 4420  HidBatt - ok
12:16:14.0174 4420  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:16:14.0190 4420  HidBth - ok
12:16:14.0221 4420  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
12:16:14.0236 4420  HidIr - ok
12:16:14.0252 4420  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
12:16:14.0283 4420  hidserv - ok
12:16:14.0299 4420  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:16:14.0314 4420  HidUsb - ok
12:16:14.0330 4420  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:16:14.0377 4420  hkmsvc - ok
12:16:14.0392 4420  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:16:14.0439 4420  HomeGroupListener - ok
12:16:14.0455 4420  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:16:14.0470 4420  HomeGroupProvider - ok
12:16:14.0486 4420  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:16:14.0486 4420  HpSAMD - ok
12:16:14.0517 4420  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:16:14.0564 4420  HTTP - ok
12:16:14.0595 4420  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:16:14.0595 4420  hwpolicy - ok
12:16:14.0626 4420  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:16:14.0626 4420  i8042prt - ok
12:16:14.0658 4420  [ 53CC5BF8B5A219119953C7ABB19A7705 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
12:16:14.0673 4420  iaStor - ok
12:16:14.0704 4420  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:16:14.0720 4420  iaStorV - ok
12:16:14.0767 4420  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:16:14.0798 4420  idsvc - ok
12:16:14.0985 4420  [ 6383899C5F964D71B0F96B81FBE59BB8 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
12:16:15.0313 4420  igfx - ok
12:16:15.0360 4420  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:16:15.0360 4420  iirsp - ok
12:16:15.0391 4420  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
12:16:15.0438 4420  IKEEXT - ok
12:16:15.0796 4420  [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
12:16:15.0874 4420  intaud_WaveExtensible - ok
12:16:16.0046 4420  [ D492D3B5A8DDDE1D6621A8C53855EABF ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:16:16.0108 4420  IntcAzAudAddService - ok
12:16:16.0155 4420  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
12:16:16.0186 4420  IntcDAud - ok
12:16:16.0202 4420  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
12:16:16.0202 4420  intelide - ok
12:16:16.0233 4420  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:16:16.0249 4420  intelppm - ok
12:16:16.0280 4420  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:16:16.0311 4420  IPBusEnum - ok
12:16:16.0358 4420  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:16:16.0389 4420  IpFilterDriver - ok
12:16:16.0420 4420  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:16:16.0436 4420  IPMIDRV - ok
12:16:16.0483 4420  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:16:16.0514 4420  IPNAT - ok
12:16:16.0530 4420  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:16:16.0545 4420  IRENUM - ok
12:16:16.0561 4420  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:16:16.0561 4420  isapnp - ok
12:16:16.0576 4420  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:16:16.0592 4420  iScsiPrt - ok
12:16:16.0623 4420  [ 716F66336F10885D935B08174DC54242 ] iwdbus          C:\Windows\system32\DRIVERS\iwdbus.sys
12:16:16.0639 4420  iwdbus - ok
12:16:16.0639 4420  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:16:16.0654 4420  kbdclass - ok
12:16:16.0654 4420  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:16:16.0686 4420  kbdhid - ok
12:16:16.0686 4420  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
12:16:16.0701 4420  KeyIso - ok
12:16:16.0717 4420  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:16:16.0732 4420  KSecDD - ok
12:16:16.0748 4420  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:16:16.0748 4420  KSecPkg - ok
12:16:16.0764 4420  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:16:16.0810 4420  ksthunk - ok
12:16:16.0857 4420  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:16:16.0888 4420  KtmRm - ok
12:16:16.0935 4420  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:16:16.0966 4420  LanmanServer - ok
12:16:17.0013 4420  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:16:17.0044 4420  LanmanWorkstation - ok
12:16:17.0107 4420  [ 1074C77A47835E03C15BF92452F9A750 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
12:16:17.0122 4420  LHidFilt - ok
12:16:17.0200 4420  [ F3CA8234F60EBA24604B5A9390D2FED5 ] LIDIS 3 Service C:\Program Files (x86)\LIDIS 3\Bin\srvany.exe
12:16:17.0216 4420  LIDIS 3 Service ( UnsignedFile.Multi.Generic ) - warning
12:16:17.0216 4420  LIDIS 3 Service - detected UnsignedFile.Multi.Generic (1)
12:16:17.0232 4420  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:16:17.0263 4420  lltdio - ok
12:16:17.0310 4420  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:16:17.0356 4420  lltdsvc - ok
12:16:17.0372 4420  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:16:17.0388 4420  lmhosts - ok
12:16:17.0450 4420  [ 96999C364C649E2866A268F7420A304A ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
12:16:17.0466 4420  LMouFilt - ok
12:16:17.0512 4420  [ A63B719F4F8657F3FCD84436D09378C8 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:16:17.0512 4420  LMS - ok
12:16:17.0544 4420  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:16:17.0559 4420  LSI_FC - ok
12:16:17.0575 4420  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:16:17.0575 4420  LSI_SAS - ok
12:16:17.0590 4420  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
12:16:17.0590 4420  LSI_SAS2 - ok
12:16:17.0606 4420  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:16:17.0606 4420  LSI_SCSI - ok
12:16:17.0622 4420  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
12:16:17.0653 4420  luafv - ok
12:16:17.0684 4420  [ 11DDB1D900078FBE3691DF7B878AEC28 ] LUsbFilt        C:\Windows\system32\Drivers\LUsbFilt.Sys
12:16:17.0700 4420  LUsbFilt - ok
12:16:17.0731 4420  [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
12:16:17.0746 4420  MBAMProtector - ok
12:16:17.0778 4420  [ 43683E970F008C93C9429EF428147A54 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
12:16:17.0809 4420  MBAMService - ok
12:16:17.0824 4420  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:16:17.0840 4420  Mcx2Svc - ok
12:16:17.0856 4420  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
12:16:17.0856 4420  megasas - ok
12:16:17.0887 4420  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
12:16:17.0887 4420  MegaSR - ok
12:16:17.0918 4420  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
12:16:17.0918 4420  MEIx64 - ok
12:16:17.0949 4420  [ 3048A72A85B31BA3980499B93B93CD30 ] mircap          C:\Windows\system32\DRIVERS\mircap.sys
12:16:17.0980 4420  mircap - ok
12:16:17.0996 4420  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
12:16:18.0027 4420  MMCSS - ok
12:16:18.0043 4420  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
12:16:18.0090 4420  Modem - ok
12:16:18.0105 4420  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:16:18.0136 4420  monitor - ok
12:16:18.0168 4420  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:16:18.0183 4420  mouclass - ok
12:16:18.0199 4420  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:16:18.0214 4420  mouhid - ok
12:16:18.0292 4420  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:16:18.0292 4420  mountmgr - ok
12:16:18.0339 4420  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:16:18.0355 4420  mpio - ok
12:16:18.0355 4420  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:16:18.0386 4420  mpsdrv - ok
12:16:18.0433 4420  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:16:18.0464 4420  MRxDAV - ok
12:16:18.0480 4420  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:16:18.0526 4420  mrxsmb - ok
12:16:18.0542 4420  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:16:18.0542 4420  mrxsmb10 - ok
12:16:18.0558 4420  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:16:18.0589 4420  mrxsmb20 - ok
12:16:18.0589 4420  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:16:18.0604 4420  msahci - ok
12:16:18.0620 4420  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:16:18.0620 4420  msdsm - ok
12:16:18.0636 4420  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
12:16:18.0667 4420  MSDTC - ok
12:16:18.0682 4420  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:16:18.0714 4420  Msfs - ok
12:16:18.0729 4420  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:16:18.0760 4420  mshidkmdf - ok
12:16:18.0776 4420  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:16:18.0792 4420  msisadrv - ok
12:16:18.0823 4420  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:16:18.0854 4420  MSiSCSI - ok
12:16:18.0870 4420  msiserver - ok
12:16:18.0885 4420  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:16:18.0901 4420  MSKSSRV - ok
12:16:18.0948 4420  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:16:18.0994 4420  MSPCLOCK - ok
12:16:18.0994 4420  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:16:19.0026 4420  MSPQM - ok
12:16:19.0057 4420  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:16:19.0057 4420  MsRPC - ok
12:16:19.0072 4420  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
12:16:19.0072 4420  mssmbios - ok
12:16:19.0088 4420  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:16:19.0119 4420  MSTEE - ok
12:16:19.0166 4420  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
12:16:19.0244 4420  MTConfig - ok
12:16:19.0338 4420  [ 258779453979AE1A89CB466C8B61176F ] mtpaudio        C:\Windows\system32\DRIVERS\mtpaudio.sys
12:16:19.0353 4420  mtpaudio - ok
12:16:19.0353 4420  [ 985CAACFFC429E0719D08E550B4F0982 ] mtvpbus         C:\Windows\system32\DRIVERS\mtvpbus.sys
12:16:19.0384 4420  mtvpbus - ok
12:16:19.0400 4420  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
12:16:19.0416 4420  Mup - ok
12:16:19.0447 4420  [ 95D193CAE3C4D575D88B6D93DDCD60D3 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
12:16:19.0462 4420  MyWiFiDHCPDNS - ok
12:16:19.0478 4420  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
12:16:19.0525 4420  napagent - ok
12:16:19.0556 4420  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:16:19.0587 4420  NativeWifiP - ok
12:16:19.0618 4420  [ C38B8AE57F78915905064A9A24DC1586 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:16:19.0634 4420  NDIS - ok
12:16:19.0650 4420  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:16:19.0696 4420  NdisCap - ok
12:16:19.0712 4420  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:16:19.0743 4420  NdisTapi - ok
12:16:19.0759 4420  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:16:19.0790 4420  Ndisuio - ok
12:16:19.0821 4420  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:16:19.0852 4420  NdisWan - ok
12:16:19.0868 4420  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:16:19.0899 4420  NDProxy - ok
12:16:19.0993 4420  [ B90E093E7A7250906F1054418B5339C0 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
12:16:20.0024 4420  Nero BackItUp Scheduler 4.0 - ok
12:16:20.0040 4420  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:16:20.0071 4420  NetBIOS - ok
12:16:20.0086 4420  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:16:20.0133 4420  NetBT - ok
12:16:20.0180 4420  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
12:16:20.0196 4420  Netlogon - ok
12:16:20.0289 4420  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
12:16:20.0352 4420  Netman - ok
12:16:20.0398 4420  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:16:20.0414 4420  NetMsmqActivator - ok
12:16:20.0430 4420  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:16:20.0430 4420  NetPipeActivator - ok
12:16:20.0445 4420  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
12:16:20.0476 4420  netprofm - ok
12:16:20.0492 4420  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:16:20.0492 4420  NetTcpActivator - ok
12:16:20.0492 4420  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:16:20.0492 4420  NetTcpPortSharing - ok
12:16:20.0648 4420  [ 8ADAA4CC125EC1A1CB66E363DF531CC4 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
12:16:20.0866 4420  NETwNs64 - ok
12:16:20.0898 4420  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:16:20.0913 4420  nfrd960 - ok
12:16:20.0929 4420  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:16:20.0976 4420  NlaSvc - ok
12:16:20.0991 4420  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:16:21.0022 4420  Npfs - ok
12:16:21.0366 4420  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
12:16:21.0397 4420  nsi - ok
12:16:21.0397 4420  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:16:21.0444 4420  nsiproxy - ok
12:16:21.0475 4420  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:16:21.0522 4420  Ntfs - ok
12:16:21.0537 4420  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
12:16:21.0553 4420  Null - ok
12:16:21.0584 4420  [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
12:16:21.0615 4420  nusb3hub - ok
12:16:21.0615 4420  [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
12:16:21.0646 4420  nusb3xhc - ok
12:16:21.0662 4420  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:16:21.0662 4420  nvraid - ok
12:16:21.0693 4420  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:16:21.0709 4420  nvstor - ok
12:16:21.0724 4420  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:16:21.0724 4420  nv_agp - ok
12:16:21.0740 4420  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:16:21.0756 4420  ohci1394 - ok
12:16:21.0787 4420  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:16:21.0802 4420  ose - ok
12:16:21.0818 4420  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:16:21.0849 4420  p2pimsvc - ok
12:16:21.0880 4420  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
12:16:21.0896 4420  p2psvc - ok
12:16:21.0943 4420  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
12:16:21.0943 4420  Parport - ok
12:16:21.0974 4420  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:16:21.0974 4420  partmgr - ok
12:16:21.0990 4420  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:16:22.0021 4420  PcaSvc - ok
12:16:22.0036 4420  [ B26E102E0F54773119B162F56C9DD994 ] pci             C:\Windows\system32\drivers\pci.sys
12:16:22.0052 4420  pci - ok
12:16:22.0052 4420  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
12:16:22.0068 4420  pciide - ok
12:16:22.0083 4420  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:16:22.0083 4420  pcmcia - ok
12:16:22.0099 4420  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:16:22.0114 4420  pcw - ok
12:16:22.0130 4420  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:16:22.0161 4420  PEAUTH - ok
12:16:22.0224 4420  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
12:16:22.0302 4420  PeerDistSvc - ok
12:16:22.0395 4420  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:16:22.0411 4420  PerfHost - ok
12:16:22.0473 4420  [ 6CE8BB00A615A4F3FA2F36FDB2EF4EFA ] PFNService      C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
12:16:22.0489 4420  PFNService ( UnsignedFile.Multi.Generic ) - warning
12:16:22.0489 4420  PFNService - detected UnsignedFile.Multi.Generic (1)
12:16:22.0551 4420  [ 9FEAB474189E6FE97CFF1195C09CD1B3 ] PJDrv           C:\Program Files (x86)\Panasonic\Wireless Manager ME4.5\PJDrv.sys
12:16:22.0567 4420  PJDrv ( UnsignedFile.Multi.Generic ) - warning
12:16:22.0567 4420  PJDrv - detected UnsignedFile.Multi.Generic (1)
12:16:22.0598 4420  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
12:16:22.0660 4420  pla - ok
12:16:22.0692 4420  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:16:22.0738 4420  PlugPlay - ok
12:16:22.0738 4420  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:16:22.0770 4420  PNRPAutoReg - ok
12:16:22.0785 4420  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:16:22.0785 4420  PNRPsvc - ok
12:16:22.0816 4420  [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
12:16:22.0816 4420  Point64 - ok
12:16:22.0848 4420  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:16:22.0894 4420  PolicyAgent - ok
12:16:22.0941 4420  [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power           C:\Windows\system32\umpo.dll
12:16:22.0972 4420  Power - ok
12:16:23.0004 4420  [ 76FF4836EFA78DBF3F39F612D88CA7E7 ] PowerSavingUtilityService C:\Program Files\Fujitsu\PSUtility\PSUService.exe
12:16:23.0004 4420  PowerSavingUtilityService - ok
12:16:23.0035 4420  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:16:23.0066 4420  PptpMiniport - ok
12:16:23.0082 4420  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
12:16:23.0113 4420  Processor - ok
12:16:23.0144 4420  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:16:23.0175 4420  ProfSvc - ok
12:16:23.0175 4420  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:16:23.0191 4420  ProtectedStorage - ok
12:16:23.0191 4420  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:16:23.0238 4420  Psched - ok
12:16:23.0284 4420  [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
12:16:23.0284 4420  PSI_SVC_2 - ok
12:16:23.0347 4420  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:16:23.0394 4420  ql2300 - ok
12:16:23.0440 4420  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:16:23.0440 4420  ql40xx - ok
12:16:23.0503 4420  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
12:16:23.0518 4420  QWAVE - ok
12:16:23.0534 4420  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:16:23.0565 4420  QWAVEdrv - ok
12:16:23.0628 4420  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
12:16:23.0628 4420  RapiMgr - ok
12:16:23.0643 4420  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:16:23.0674 4420  RasAcd - ok
12:16:23.0706 4420  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:16:23.0737 4420  RasAgileVpn - ok
12:16:23.0752 4420  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
12:16:23.0784 4420  RasAuto - ok
12:16:23.0799 4420  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:16:23.0846 4420  Rasl2tp - ok
12:16:23.0862 4420  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
12:16:23.0893 4420  RasMan - ok
12:16:23.0940 4420  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:16:23.0971 4420  RasPppoe - ok
12:16:24.0002 4420  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:16:24.0033 4420  RasSstp - ok
12:16:24.0049 4420  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:16:24.0080 4420  rdbss - ok
12:16:24.0111 4420  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:16:24.0111 4420  rdpbus - ok
12:16:24.0142 4420  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:16:24.0174 4420  RDPCDD - ok
12:16:24.0205 4420  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
12:16:24.0252 4420  RDPDR - ok
12:16:24.0267 4420  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:16:24.0298 4420  RDPENCDD - ok
12:16:24.0345 4420  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:16:24.0439 4420  RDPREFMP - ok
12:16:24.0470 4420  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:16:24.0564 4420  RDPWD - ok
12:16:24.0595 4420  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:16:24.0610 4420  rdyboost - ok
12:16:24.0673 4420  [ 2EC95080FAD2621C5E3034DE4C39A2A3 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
12:16:24.0704 4420  RegSrvc - ok
12:16:24.0735 4420  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:16:24.0766 4420  RemoteAccess - ok
12:16:24.0782 4420  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:16:24.0829 4420  RemoteRegistry - ok
12:16:24.0844 4420  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
12:16:24.0876 4420  RFCOMM - ok
12:16:24.0891 4420  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:16:24.0922 4420  RpcEptMapper - ok
12:16:24.0985 4420  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
12:16:24.0985 4420  RpcLocator - ok
12:16:25.0000 4420  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
12:16:25.0032 4420  RpcSs - ok
12:16:25.0094 4420  [ CA327A84085F68200452E6761F943298 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
12:16:25.0094 4420  RSPCIESTOR - ok
12:16:25.0125 4420  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:16:25.0156 4420  rspndr - ok
12:16:25.0188 4420  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
12:16:25.0203 4420  s3cap - ok
12:16:25.0219 4420  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
12:16:25.0219 4420  SamSs - ok
12:16:25.0234 4420  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:16:25.0250 4420  sbp2port - ok
12:16:25.0266 4420  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:16:25.0297 4420  SCardSvr - ok
12:16:25.0344 4420  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:16:25.0406 4420  scfilter - ok
12:16:25.0578 4420  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
12:16:25.0656 4420  Schedule - ok
12:16:25.0702 4420  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:16:25.0718 4420  SCPolicySvc - ok
12:16:25.0765 4420  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
12:16:25.0781 4420  sdbus - ok
12:16:25.0812 4420  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:16:25.0859 4420  SDRSVC - ok
12:16:25.0874 4420  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:16:25.0905 4420  secdrv - ok
12:16:25.0937 4420  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
12:16:25.0983 4420  seclogon - ok
12:16:25.0999 4420  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
12:16:26.0030 4420  SENS - ok
12:16:26.0046 4420  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:16:26.0093 4420  SensrSvc - ok
12:16:26.0124 4420  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:16:26.0139 4420  Serenum - ok
12:16:26.0155 4420  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:16:26.0186 4420  Serial - ok
12:16:26.0202 4420  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:16:26.0217 4420  sermouse - ok
12:16:26.0233 4420  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:16:26.0264 4420  SessionEnv - ok
12:16:26.0280 4420  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:16:26.0295 4420  sffdisk - ok
12:16:26.0311 4420  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:16:26.0342 4420  sffp_mmc - ok
12:16:26.0358 4420  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:16:26.0763 4420  sffp_sd - ok
12:16:26.0826 4420  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
12:16:26.0857 4420  sfloppy - ok
12:16:26.0919 4420  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:16:26.0951 4420  ShellHWDetection - ok
12:16:26.0997 4420  [ F16269F0A47CBBF4578204283AC0D6B3 ] Sierra Wireless QDL Service C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe
12:16:27.0013 4420  Sierra Wireless QDL Service - ok
12:16:27.0029 4420  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
12:16:27.0044 4420  SiSRaid2 - ok
12:16:27.0044 4420  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:16:27.0060 4420  SiSRaid4 - ok
12:16:27.0200 4420  [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
12:16:27.0278 4420  Skype C2C Service - ok
12:16:27.0341 4420  [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:16:27.0356 4420  SkypeUpdate - ok
12:16:27.0372 4420  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:16:27.0403 4420  Smb - ok
12:16:27.0434 4420  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:16:27.0450 4420  SNMPTRAP - ok
12:16:27.0481 4420  [ 9CD1C53490EB5601870A69A8E40F7B12 ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
12:16:27.0543 4420  SNP2UVC - ok
12:16:27.0575 4420  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:16:27.0575 4420  spldr - ok
12:16:27.0590 4420  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
12:16:27.0621 4420  Spooler - ok
12:16:27.0715 4420  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
12:16:27.0824 4420  sppsvc - ok
12:16:27.0855 4420  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:16:27.0887 4420  sppuinotify - ok
12:16:27.0918 4420  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:16:27.0980 4420  srv - ok
12:16:27.0980 4420  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:16:28.0011 4420  srv2 - ok
12:16:28.0027 4420  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:16:28.0043 4420  srvnet - ok
12:16:28.0074 4420  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:16:28.0105 4420  SSDPSRV - ok
12:16:28.0121 4420  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:16:28.0136 4420  SstpSvc - ok
12:16:28.0183 4420  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
12:16:28.0199 4420  stexstor - ok
12:16:28.0230 4420  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
12:16:28.0245 4420  stisvc - ok
12:16:28.0277 4420  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
12:16:28.0292 4420  storflt - ok
12:16:28.0308 4420  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
12:16:28.0355 4420  StorSvc - ok
12:16:28.0386 4420  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
12:16:28.0386 4420  storvsc - ok
12:16:28.0401 4420  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
12:16:28.0401 4420  swenum - ok
12:16:28.0433 4420  [ 27FA8EBC9A28B57658F6747473CB5C8E ] swg3kflt00      C:\Windows\system32\DRIVERS\swg3kflt00.sys
12:16:28.0448 4420  swg3kflt00 - ok
12:16:28.0479 4420  [ D74305444436E41BEB59FF2260A6394A ] swg3kmbb00      C:\Windows\system32\DRIVERS\swg3kmbb00.sys
12:16:28.0511 4420  swg3kmbb00 - ok
12:16:28.0526 4420  [ 143B763E71DF2ED586C278541F89432D ] swg3knmea00     C:\Windows\system32\DRIVERS\swg3knmea00.sys
12:16:28.0557 4420  swg3knmea00 - ok
12:16:28.0573 4420  [ 143B763E71DF2ED586C278541F89432D ] swg3kser00      C:\Windows\system32\DRIVERS\swg3kser00.sys
12:16:28.0573 4420  swg3kser00 - ok
12:16:28.0589 4420  [ B49E9DB5401ECC28A104E64F5434A38E ] swibus00        C:\Windows\system32\DRIVERS\swibus00.sys
12:16:28.0604 4420  swibus00 - ok
12:16:28.0620 4420  [ B49E9DB5401ECC28A104E64F5434A38E ] swibusflt00     C:\Windows\system32\DRIVERS\swibusflt00.sys
12:16:28.0620 4420  swibusflt00 - ok
12:16:28.0651 4420  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
12:16:28.0698 4420  swprv - ok
12:16:28.0745 4420  [ 3C08FB2829A5304825F974B1631DEDFA ] SynTP           C:\Windows\system32\drivers\SynTP.sys
12:16:28.0760 4420  SynTP - ok
12:16:28.0885 4420  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
12:16:29.0088 4420  SysMain - ok
12:16:29.0103 4420  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:16:29.0119 4420  TabletInputService - ok
12:16:29.0135 4420  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:16:29.0166 4420  TapiSrv - ok
12:16:29.0181 4420  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
12:16:29.0197 4420  TBS - ok
12:16:29.0291 4420  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:16:29.0337 4420  Tcpip - ok
12:16:29.0384 4420  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:16:29.0415 4420  TCPIP6 - ok
12:16:29.0431 4420  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:16:29.0462 4420  tcpipreg - ok
12:16:29.0478 4420  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:16:29.0525 4420  TDPIPE - ok
12:16:29.0540 4420  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:16:29.0556 4420  TDTCP - ok
12:16:29.0571 4420  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:16:29.0618 4420  tdx - ok
12:16:29.0852 4420  [ EFD6843C137991CD253CA959E300E886 ] TeamViewer6     C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
12:16:29.0946 4420  TeamViewer6 - ok
12:16:30.0039 4420  [ A4D2CE94B028EF1E437CF4AC3D8FF26C ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
12:16:30.0133 4420  TeamViewer7 - ok
12:16:30.0164 4420  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
12:16:30.0180 4420  TermDD - ok
12:16:30.0195 4420  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
12:16:30.0258 4420  TermService - ok
12:16:30.0273 4420  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
12:16:30.0289 4420  Themes - ok
12:16:30.0320 4420  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
12:16:30.0336 4420  THREADORDER - ok
12:16:30.0398 4420  [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM             C:\Windows\system32\drivers\tpm.sys
12:16:30.0429 4420  TPM - ok
12:16:30.0429 4420  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
12:16:30.0476 4420  TrkWks - ok
12:16:30.0523 4420  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:16:30.0539 4420  TrustedInstaller - ok
12:16:30.0601 4420  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:16:30.0663 4420  tssecsrv - ok
12:16:30.0695 4420  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:16:30.0726 4420  TsUsbFlt - ok
12:16:30.0804 4420  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
12:16:30.0866 4420  TsUsbGD - ok
12:16:30.0960 4420  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:16:31.0022 4420  tunnel - ok
12:16:31.0038 4420  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:16:31.0053 4420  uagp35 - ok
12:16:31.0069 4420  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:16:31.0100 4420  udfs - ok
12:16:31.0131 4420  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:16:31.0131 4420  UI0Detect - ok
12:16:31.0147 4420  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:16:31.0163 4420  uliagpkx - ok
12:16:31.0178 4420  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:16:31.0178 4420  umbus - ok
12:16:31.0209 4420  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
12:16:31.0225 4420  UmPass - ok
12:16:31.0256 4420  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
12:16:31.0272 4420  UmRdpService - ok
12:16:31.0350 4420  [ E419566C7918A4C8E9497AFBD502FB2A ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:16:31.0443 4420  UNS - ok
12:16:31.0490 4420  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
12:16:31.0537 4420  upnphost - ok
12:16:31.0568 4420  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
12:16:31.0599 4420  usbaudio - ok
12:16:31.0631 4420  [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:16:31.0662 4420  usbccgp - ok
12:16:31.0693 4420  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:16:31.0709 4420  usbcir - ok
12:16:31.0740 4420  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
12:16:31.0771 4420  usbehci - ok
12:16:31.0911 4420  [ 8B892002D7B79312821169A14317AB86 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:16:31.0943 4420  usbhub - ok
12:16:32.0364 4420  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:16:32.0379 4420  usbohci - ok
12:16:32.0395 4420  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
12:16:32.0411 4420  usbprint - ok
12:16:32.0442 4420  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:16:32.0473 4420  USBSTOR - ok
12:16:32.0489 4420  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:16:32.0504 4420  usbuhci - ok
12:16:32.0520 4420  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
12:16:32.0535 4420  usbvideo - ok
12:16:32.0551 4420  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
12:16:32.0582 4420  UxSms - ok
12:16:32.0629 4420  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
12:16:32.0645 4420  VaultSvc - ok
12:16:32.0645 4420  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:16:32.0660 4420  vdrvroot - ok
12:16:32.0676 4420  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
12:16:32.0723 4420  vds - ok
12:16:32.0754 4420  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:16:32.0769 4420  vga - ok
12:16:32.0769 4420  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:16:32.0801 4420  VgaSave - ok
12:16:32.0847 4420  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:16:32.0863 4420  vhdmp - ok
12:16:32.0879 4420  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:16:32.0879 4420  viaide - ok
12:16:32.0894 4420  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
12:16:32.0910 4420  vmbus - ok
12:16:32.0925 4420  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
12:16:32.0941 4420  VMBusHID - ok
12:16:32.0957 4420  [ 071E1B172D49154EE1D23A2ACC472EFB ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:16:32.0972 4420  volmgr - ok
12:16:32.0988 4420  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:16:32.0988 4420  volmgrx - ok
12:16:33.0003 4420  [ DF8126BD41180351A093A3AD2FC8903B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:16:33.0019 4420  volsnap - ok
12:16:33.0035 4420  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:16:33.0050 4420  vsmraid - ok
12:16:33.0097 4420  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
12:16:33.0159 4420  VSS - ok
12:16:33.0175 4420  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:16:33.0191 4420  vwifibus - ok
12:16:33.0206 4420  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:16:33.0222 4420  vwififlt - ok
12:16:33.0237 4420  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
12:16:33.0253 4420  vwifimp - ok
12:16:33.0284 4420  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
12:16:33.0315 4420  W32Time - ok
12:16:33.0331 4420  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:16:33.0331 4420  WacomPen - ok
12:16:33.0362 4420  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:16:33.0393 4420  WANARP - ok
12:16:33.0393 4420  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:16:33.0409 4420  Wanarpv6 - ok
12:16:33.0487 4420  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
12:16:33.0534 4420  WatAdminSvc - ok
12:16:33.0581 4420  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
12:16:33.0674 4420  wbengine - ok
12:16:33.0690 4420  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:16:33.0705 4420  WbioSrvc - ok
12:16:33.0737 4420  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
12:16:33.0752 4420  WcesComm - ok
12:16:33.0768 4420  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:16:33.0799 4420  wcncsvc - ok
12:16:33.0815 4420  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:16:33.0846 4420  WcsPlugInService - ok
12:16:33.0861 4420  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
12:16:33.0877 4420  Wd - ok
12:16:33.0893 4420  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:16:33.0924 4420  Wdf01000 - ok
12:16:33.0939 4420  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:16:34.0017 4420  WdiServiceHost - ok
12:16:34.0017 4420  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:16:34.0033 4420  WdiSystemHost - ok
12:16:34.0049 4420  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
12:16:34.0064 4420  WebClient - ok
12:16:34.0080 4420  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:16:34.0095 4420  Wecsvc - ok
12:16:34.0142 4420  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:16:34.0189 4420  wercplsupport - ok
12:16:34.0205 4420  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:16:34.0251 4420  WerSvc - ok
12:16:34.0267 4420  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:16:34.0283 4420  WfpLwf - ok
12:16:34.0329 4420  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:16:34.0345 4420  WIMMount - ok
12:16:34.0345 4420  WinHttpAutoProxySvc - ok
12:16:34.0423 4420  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:16:34.0470 4420  Winmgmt - ok
12:16:34.0641 4420  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
12:16:34.0735 4420  WinRM - ok
12:16:34.0782 4420  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
12:16:34.0797 4420  WinUsb - ok
12:16:34.0813 4420  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:16:34.0844 4420  Wlansvc - ok
12:16:34.0875 4420  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:16:34.0891 4420  wlcrasvc - ok
12:16:34.0969 4420  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:16:35.0063 4420  wlidsvc - ok
12:16:35.0063 4420  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:16:35.0078 4420  WmiAcpi - ok
12:16:35.0109 4420  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:16:35.0125 4420  wmiApSrv - ok
12:16:35.0156 4420  WMPNetworkSvc - ok
12:16:35.0156 4420  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:16:35.0187 4420  WPCSvc - ok
12:16:35.0203 4420  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:16:35.0250 4420  WPDBusEnum - ok
12:16:35.0265 4420  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:16:35.0281 4420  ws2ifsl - ok
12:16:35.0702 4420  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
12:16:35.0733 4420  WSDPrintDevice - ok
12:16:35.0765 4420  [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
12:16:35.0780 4420  WSDScan - ok
12:16:35.0780 4420  WSearch - ok
12:16:35.0796 4420  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:16:35.0827 4420  WudfPf - ok
12:16:35.0858 4420  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:16:35.0889 4420  WUDFRd - ok
12:16:35.0921 4420  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:16:35.0936 4420  wudfsvc - ok
12:16:35.0967 4420  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:16:35.0999 4420  WwanSvc - ok
12:16:36.0045 4420  [ 7C5522028410A4A34BB8021F026733AF ] XMouseButton Launcher C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe
12:16:36.0061 4420  XMouseButton Launcher ( UnsignedFile.Multi.Generic ) - warning
12:16:36.0061 4420  XMouseButton Launcher - detected UnsignedFile.Multi.Generic (1)
12:16:36.0092 4420  [ 8886B900CF97E1FF25BA8BD05B555C24 ] XobniService    C:\Program Files (x86)\Xobni\XobniService.exe
12:16:36.0092 4420  XobniService - ok
12:16:36.0123 4420  ================ Scan global ===============================
12:16:36.0139 4420  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:16:36.0155 4420  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:16:36.0170 4420  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:16:36.0186 4420  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:16:36.0201 4420  [ 014A9CB92514E27C0107614DF764BC06 ] C:\Windows\system32\services.exe
12:16:36.0201 4420  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
12:16:36.0201 4420  C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
12:16:36.0217 4420  ================ Scan MBR ==================================
12:16:36.0217 4420  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:16:36.0794 4420  \Device\Harddisk0\DR0 - ok
12:16:36.0794 4420  ================ Scan VBR ==================================
12:16:36.0825 4420  [ 41FFB6FC3354B6C1AE87CF5D82B896D6 ] \Device\Harddisk0\DR0\Partition1
12:16:36.0841 4420  \Device\Harddisk0\DR0\Partition1 - ok
12:16:36.0841 4420  [ 5A1411CB058626E0D2488E1CCB002386 ] \Device\Harddisk0\DR0\Partition2
12:16:36.0841 4420  \Device\Harddisk0\DR0\Partition2 - ok
12:16:36.0857 4420  [ E1221B9A5C3A8BF3C8B47BDF58DC9B2D ] \Device\Harddisk0\DR0\Partition3
12:16:36.0857 4420  \Device\Harddisk0\DR0\Partition3 - ok
12:16:36.0857 4420  ============================================================
12:16:36.0857 4420  Scan finished
12:16:36.0857 4420  ============================================================
12:16:36.0872 5416  Detected object count: 5
12:16:36.0872 5416  Actual detected object count: 5
12:20:15.0444 5416  LIDIS 3 Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:20:15.0444 5416  LIDIS 3 Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:20:15.0444 5416  PFNService ( UnsignedFile.Multi.Generic ) - skipped by user
12:20:15.0444 5416  PFNService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:20:15.0444 5416  PJDrv ( UnsignedFile.Multi.Generic ) - skipped by user
12:20:15.0444 5416  PJDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:20:15.0444 5416  XMouseButton Launcher ( UnsignedFile.Multi.Generic ) - skipped by user
12:20:15.0444 5416  XMouseButton Launcher ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:20:15.0616 5416  C:\Windows\system32\services.exe - copied to quarantine
12:20:29.0141 5416  Backup copy found, using it..
12:20:29.0203 5416  C:\Windows\system32\services.exe - will be cured on reboot
12:20:29.0203 5416  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Cure
         

Edited by LutzSchnalke (31.08.2012 at 11:30). Reason: addition

31.08.2012, 11:29   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
But you haven't rebooted... you should do that, and then also create a new log with TDSSKiller
__________________
Please always post log files in CODE tags

31.08.2012, 11:31   #25
LutzSchnalke
 
Log after the reboot; the one from before the reboot (after the removal) is in the previous reply.

Code:
12:25:01.0743 3092  TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
12:25:01.0977 3092  ============================================================
12:25:01.0977 3092  Current date / time: 2012/08/31 12:25:01.0977
12:25:01.0977 3092  SystemInfo:
12:25:01.0977 3092  
12:25:01.0977 3092  OS Version: 6.1.7601 ServicePack: 1.0
12:25:01.0977 3092  Product type: Workstation
12:25:01.0977 3092  ComputerName: NBLS
12:25:01.0977 3092  UserName: ls
12:25:01.0977 3092  Windows directory: C:\Windows
12:25:01.0977 3092  System windows directory: C:\Windows
12:25:01.0977 3092  Running under WOW64
12:25:01.0977 3092  Processor architecture: Intel x64
12:25:01.0977 3092  Number of processors: 4
12:25:01.0977 3092  Page size: 0x1000
12:25:01.0977 3092  Boot type: Normal boot
12:25:01.0977 3092  ============================================================
12:25:04.0099 3092  BG loaded
12:25:04.0707 3092  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:25:04.0707 3092  ============================================================
12:25:04.0707 3092  \Device\Harddisk0\DR0:
12:25:04.0707 3092  MBR partitions:
12:25:04.0723 3092  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x41C800, BlocksNum 0x4E20000
12:25:04.0738 3092  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x523D000, BlocksNum 0x1388000
12:25:04.0738 3092  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x65C6A72, BlocksNum 0x318A2BD9
12:25:04.0769 3092  ============================================================
12:25:04.0801 3092  C: <-> \Device\Harddisk0\DR0\Partition1
12:25:04.0863 3092  D: <-> \Device\Harddisk0\DR0\Partition3
12:25:04.0863 3092  ============================================================
12:25:04.0863 3092  Initialize success
12:25:04.0863 3092  ============================================================
12:26:13.0137 5244  ============================================================
12:26:13.0137 5244  Scan started
12:26:13.0137 5244  Mode: Manual; SigCheck; TDLFS; 
12:26:13.0137 5244  ============================================================
12:26:15.0196 5244  ================ Scan services =============================
12:26:15.0742 5244  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:26:15.0882 5244  1394ohci - ok
12:26:15.0991 5244  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:26:16.0038 5244  ACPI - ok
12:26:16.0069 5244  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:26:16.0116 5244  AcpiPmi - ok
12:26:16.0147 5244  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:26:16.0163 5244  adp94xx - ok
12:26:16.0194 5244  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:26:16.0225 5244  adpahci - ok
12:26:16.0225 5244  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:26:16.0241 5244  adpu320 - ok
12:26:16.0272 5244  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:26:16.0381 5244  AeLookupSvc - ok
12:26:16.0491 5244  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
12:26:16.0553 5244  AFD - ok
12:26:16.0615 5244  [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
12:26:16.0693 5244  AgereSoftModem - ok
12:26:16.0740 5244  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
12:26:16.0771 5244  agp440 - ok
12:26:16.0865 5244  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
12:26:17.0099 5244  ALG - ok
12:26:17.0146 5244  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:26:17.0161 5244  aliide - ok
12:26:17.0193 5244  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
12:26:17.0208 5244  amdide - ok
12:26:17.0224 5244  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
12:26:17.0255 5244  AmdK8 - ok
12:26:17.0271 5244  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
12:26:17.0333 5244  AmdPPM - ok
12:26:17.0349 5244  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:26:17.0395 5244  amdsata - ok
12:26:17.0411 5244  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
12:26:17.0473 5244  amdsbs - ok
12:26:17.0505 5244  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:26:17.0520 5244  amdxata - ok
12:26:17.0707 5244  [ B9B5DFAFEA592BD4CA967824EBB42E3D ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
12:26:17.0723 5244  AntiVirMailService - ok
12:26:18.0160 5244  [ 67B1D78711B4386C26241096326EE14A ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
12:26:18.0160 5244  AntiVirSchedulerService - ok
12:26:18.0175 5244  [ 845C4E7AE211EDAD5E0B832126F56932 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
12:26:18.0191 5244  AntiVirService - ok
12:26:18.0222 5244  [ 30D71E0C149943A8985D02EA0944F2FE ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
12:26:18.0238 5244  AntiVirWebService - ok
12:26:18.0316 5244  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
12:26:18.0472 5244  AppID - ok
12:26:18.0487 5244  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:26:18.0534 5244  AppIDSvc - ok
12:26:18.0597 5244  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
12:26:18.0643 5244  Appinfo - ok
12:26:18.0690 5244  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
12:26:18.0737 5244  AppMgmt - ok
12:26:18.0768 5244  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
12:26:18.0768 5244  arc - ok
12:26:18.0784 5244  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:26:18.0815 5244  arcsas - ok
12:26:19.0345 5244  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:26:19.0423 5244  aspnet_state - ok
12:26:19.0455 5244  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:26:19.0501 5244  AsyncMac - ok
12:26:19.0517 5244  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
12:26:19.0533 5244  atapi - ok
12:26:19.0704 5244  [ FA47E65AA0C1DBC6DFEB7E9C6F12A5EA ] ATService       C:\Program Files\Fingerprint Sensor\ATService.exe
12:26:19.0767 5244  ATService - ok
12:26:19.0860 5244  [ 4131DABB573D70FDA332A55F206F6CFF ] ATSwpWDF        C:\Windows\system32\Drivers\ATSwpWDF.sys
12:26:19.0876 5244  ATSwpWDF - ok
12:26:19.0923 5244  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:26:20.0047 5244  AudioEndpointBuilder - ok
12:26:20.0250 5244  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:26:20.0281 5244  AudioSrv - ok
12:26:20.0375 5244  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
12:26:20.0375 5244  avgntflt - ok
12:26:20.0406 5244  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
12:26:20.0406 5244  avipbb - ok
12:26:20.0469 5244  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
12:26:20.0469 5244  avkmgr - ok
12:26:20.0547 5244  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:26:20.0718 5244  AxInstSV - ok
12:26:20.0781 5244  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
12:26:20.0859 5244  b06bdrv - ok
12:26:20.0937 5244  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:26:20.0999 5244  b57nd60a - ok
12:26:21.0217 5244  [ 6F29CA4EA1DB1888016EB22ADAE4227D ] bcbtums         C:\Windows\system32\drivers\bcbtums.sys
12:26:21.0233 5244  bcbtums - ok
12:26:21.0342 5244  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:26:21.0389 5244  BDESVC - ok
12:26:21.0451 5244  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:26:21.0483 5244  Beep - ok
12:26:21.0498 5244  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
12:26:21.0529 5244  blbdrive - ok
12:26:21.0576 5244  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:26:21.0732 5244  bowser - ok
12:26:21.0888 5244  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
12:26:21.0951 5244  BrFiltLo - ok
12:26:21.0966 5244  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
12:26:21.0982 5244  BrFiltUp - ok
12:26:22.0060 5244  [ 8EF0D5C41EC907751B8429162B1239ED ] Browser         C:\Windows\System32\browser.dll
12:26:22.0107 5244  Browser - ok
12:26:22.0153 5244  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:26:22.0247 5244  Brserid - ok
12:26:22.0263 5244  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:26:22.0341 5244  BrSerWdm - ok
12:26:22.0965 5244  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:26:23.0105 5244  BrUsbMdm - ok
12:26:23.0121 5244  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:26:24.0649 5244  BrUsbSer - ok
12:26:24.0805 5244  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
12:26:24.0899 5244  BthEnum - ok
12:26:24.0930 5244  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
12:26:24.0977 5244  BTHMODEM - ok
12:26:25.0055 5244  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
12:26:25.0071 5244  BthPan - ok
12:26:25.0258 5244  [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
12:26:25.0273 5244  BTHPORT - ok
12:26:25.0336 5244  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
12:26:25.0367 5244  bthserv - ok
12:26:25.0383 5244  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
12:26:25.0429 5244  BTHUSB - ok
12:26:25.0554 5244  [ 72CC5DCC4E67E7927F94801166CFDCDA ] BTWAMPFL        C:\Windows\system32\DRIVERS\btwampfl.sys
12:26:25.0554 5244  BTWAMPFL - ok
12:26:25.0617 5244  [ F6135859A582A7294BA7A3336E08BAA1 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
12:26:25.0632 5244  btwaudio - ok
12:26:25.0710 5244  [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
12:26:25.0726 5244  btwavdt - ok
12:26:26.0116 5244  [ 36E3016BEDC45274E00E2943B591AEEF ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
12:26:26.0131 5244  btwdins - ok
12:26:26.0178 5244  [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
12:26:26.0178 5244  btwl2cap - ok
12:26:26.0194 5244  [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
12:26:26.0209 5244  btwrchid - ok
12:26:26.0241 5244  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:26:26.0287 5244  cdfs - ok
12:26:26.0319 5244  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:26:26.0350 5244  cdrom - ok
12:26:26.0381 5244  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
12:26:26.0443 5244  CertPropSvc - ok
12:26:26.0802 5244  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
12:26:26.0911 5244  circlass - ok
12:26:27.0114 5244  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
12:26:27.0177 5244  CLFS - ok
12:26:27.0333 5244  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:26:27.0395 5244  clr_optimization_v2.0.50727_32 - ok
12:26:27.0473 5244  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:26:27.0613 5244  clr_optimization_v2.0.50727_64 - ok
12:26:27.0769 5244  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:26:28.0253 5244  clr_optimization_v4.0.30319_32 - ok
12:26:28.0300 5244  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:26:28.0362 5244  clr_optimization_v4.0.30319_64 - ok
12:26:28.0378 5244  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
12:26:28.0409 5244  CmBatt - ok
12:26:28.0425 5244  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:26:28.0440 5244  cmdide - ok
12:26:28.0518 5244  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
12:26:28.0549 5244  CNG - ok
12:26:28.0612 5244  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
12:26:28.0659 5244  Compbatt - ok
12:26:28.0705 5244  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:26:28.0721 5244  CompositeBus - ok
12:26:28.0737 5244  COMSysApp - ok
12:26:40.0062 5244  [ F3CA8234F60EBA24604B5A9390D2FED5 ] LIDIS 3 Service C:\Program Files (x86)\LIDIS 3\Bin\srvany.exe
12:26:40.0062 5244  LIDIS 3 Service ( UnsignedFile.Multi.Generic ) - warning
12:26:40.0062 5244  LIDIS 3 Service - detected UnsignedFile.Multi.Generic (1)
12:26:47.0211 5244  [ 6CE8BB00A615A4F3FA2F36FDB2EF4EFA ] PFNService      C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
12:26:47.0227 5244  PFNService ( UnsignedFile.Multi.Generic ) - warning
12:26:47.0227 5244  PFNService - detected UnsignedFile.Multi.Generic (1)
12:26:47.0305 5244  [ 9FEAB474189E6FE97CFF1195C09CD1B3 ] PJDrv           C:\Program Files (x86)\Panasonic\Wireless Manager ME4.5\PJDrv.sys
12:26:47.0320 5244  PJDrv ( UnsignedFile.Multi.Generic ) - warning
12:26:47.0320 5244  PJDrv - detected UnsignedFile.Multi.Generic (1)
12:26:51.0922 5244  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:26:51.0938 5244  Serenum - ok
12:26:51.0985 5244  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:26:52.0032 5244  Serial - ok
12:26:52.0063 5244  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:26:52.0110 5244  sermouse - ok
12:26:52.0141 5244  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:26:52.0188 5244  SessionEnv - ok
12:26:52.0219 5244  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:26:52.0266 5244  sffdisk - ok
12:26:52.0281 5244  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:26:52.0297 5244  sffp_mmc - ok
12:26:52.0312 5244  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:26:52.0328 5244  sffp_sd - ok
12:26:52.0344 5244  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
12:26:52.0359 5244  sfloppy - ok
12:26:52.0375 5244  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:26:52.0406 5244  ShellHWDetection - ok
12:26:52.0468 5244  [ F16269F0A47CBBF4578204283AC0D6B3 ] Sierra Wireless QDL Service C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe
12:26:52.0468 5244  Sierra Wireless QDL Service - ok
12:26:52.0484 5244  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
12:26:52.0500 5244  SiSRaid2 - ok
12:26:52.0515 5244  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:26:52.0531 5244  SiSRaid4 - ok
12:26:52.0671 5244  [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
12:26:52.0718 5244  Skype C2C Service - ok
12:26:52.0780 5244  [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:26:52.0812 5244  SkypeUpdate - ok
12:26:52.0843 5244  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:26:52.0874 5244  Smb - ok
12:26:52.0921 5244  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:26:52.0936 5244  SNMPTRAP - ok
12:26:52.0983 5244  [ 9CD1C53490EB5601870A69A8E40F7B12 ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
12:26:53.0030 5244  SNP2UVC - ok
12:26:53.0046 5244  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:26:53.0061 5244  spldr - ok
12:26:53.0077 5244  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
12:26:53.0108 5244  Spooler - ok
12:26:53.0233 5244  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
12:26:53.0311 5244  sppsvc - ok
12:26:53.0342 5244  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:26:53.0389 5244  sppuinotify - ok
12:26:53.0451 5244  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:26:53.0498 5244  srv - ok
12:26:53.0576 5244  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:26:53.0607 5244  srv2 - ok
12:26:53.0654 5244  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:26:53.0701 5244  srvnet - ok
12:26:53.0732 5244  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:26:53.0779 5244  SSDPSRV - ok
12:26:53.0826 5244  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:26:53.0872 5244  SstpSvc - ok
12:26:53.0919 5244  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
12:26:53.0950 5244  stexstor - ok
12:26:54.0013 5244  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
12:26:54.0060 5244  stisvc - ok
12:26:54.0091 5244  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
12:26:54.0122 5244  storflt - ok
12:26:54.0153 5244  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
12:26:54.0184 5244  StorSvc - ok
12:26:54.0200 5244  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
12:26:54.0216 5244  storvsc - ok
12:26:54.0231 5244  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
12:26:54.0231 5244  swenum - ok
12:26:54.0294 5244  [ 27FA8EBC9A28B57658F6747473CB5C8E ] swg3kflt00      C:\Windows\system32\DRIVERS\swg3kflt00.sys
12:26:54.0309 5244  swg3kflt00 - ok
12:26:54.0340 5244  [ D74305444436E41BEB59FF2260A6394A ] swg3kmbb00      C:\Windows\system32\DRIVERS\swg3kmbb00.sys
12:26:54.0372 5244  swg3kmbb00 - ok
12:26:54.0387 5244  [ 143B763E71DF2ED586C278541F89432D ] swg3knmea00     C:\Windows\system32\DRIVERS\swg3knmea00.sys
12:26:54.0418 5244  swg3knmea00 - ok
12:26:54.0434 5244  [ 143B763E71DF2ED586C278541F89432D ] swg3kser00      C:\Windows\system32\DRIVERS\swg3kser00.sys
12:26:54.0450 5244  swg3kser00 - ok
12:26:54.0465 5244  [ B49E9DB5401ECC28A104E64F5434A38E ] swibus00        C:\Windows\system32\DRIVERS\swibus00.sys
12:26:54.0496 5244  swibus00 - ok
12:26:54.0496 5244  [ B49E9DB5401ECC28A104E64F5434A38E ] swibusflt00     C:\Windows\system32\DRIVERS\swibusflt00.sys
12:26:54.0512 5244  swibusflt00 - ok
12:26:54.0528 5244  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
12:26:54.0590 5244  swprv - ok
12:26:54.0621 5244  [ 3C08FB2829A5304825F974B1631DEDFA ] SynTP           C:\Windows\system32\drivers\SynTP.sys
12:26:54.0637 5244  SynTP - ok
12:26:54.0715 5244  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
12:26:54.0777 5244  SysMain - ok
12:26:54.0793 5244  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:26:54.0808 5244  TabletInputService - ok
12:26:54.0871 5244  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:26:54.0918 5244  TapiSrv - ok
12:26:54.0949 5244  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
12:26:54.0980 5244  TBS - ok
12:26:55.0152 5244  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:26:55.0464 5244  Tcpip - ok
12:26:55.0635 5244  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:26:55.0666 5244  TCPIP6 - ok
12:26:55.0698 5244  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:26:55.0760 5244  tcpipreg - ok
12:26:55.0776 5244  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:26:55.0854 5244  TDPIPE - ok
12:26:55.0916 5244  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:26:55.0963 5244  TDTCP - ok
12:26:55.0994 5244  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:26:56.0025 5244  tdx - ok
12:26:56.0415 5244  [ EFD6843C137991CD253CA959E300E886 ] TeamViewer6     C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
12:26:56.0446 5244  TeamViewer6 - ok
12:26:56.0883 5244  [ A4D2CE94B028EF1E437CF4AC3D8FF26C ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
12:26:56.0914 5244  TeamViewer7 - ok
12:26:56.0992 5244  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
12:26:56.0992 5244  TermDD - ok
12:26:57.0117 5244  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
12:26:57.0304 5244  TermService - ok
12:26:57.0320 5244  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
12:26:57.0367 5244  Themes - ok
12:26:57.0429 5244  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
12:26:57.0445 5244  THREADORDER - ok
12:26:57.0492 5244  [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM             C:\Windows\system32\drivers\tpm.sys
12:26:57.0523 5244  TPM - ok
12:26:57.0554 5244  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
12:26:57.0616 5244  TrkWks - ok
12:26:57.0710 5244  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:26:57.0757 5244  TrustedInstaller - ok
12:26:57.0788 5244  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:26:57.0835 5244  tssecsrv - ok
12:26:57.0897 5244  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:26:57.0960 5244  TsUsbFlt - ok
12:26:58.0006 5244  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
12:26:58.0053 5244  TsUsbGD - ok
12:26:58.0147 5244  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:26:58.0178 5244  tunnel - ok
12:26:58.0194 5244  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:26:58.0209 5244  uagp35 - ok
12:26:58.0225 5244  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:26:58.0287 5244  udfs - ok
12:26:58.0350 5244  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:26:58.0350 5244  UI0Detect - ok
12:26:58.0365 5244  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:26:58.0365 5244  uliagpkx - ok
12:26:58.0412 5244  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:26:58.0412 5244  umbus - ok
12:26:58.0428 5244  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
12:26:58.0459 5244  UmPass - ok
12:26:58.0490 5244  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
12:26:58.0521 5244  UmRdpService - ok
12:26:58.0662 5244  [ E419566C7918A4C8E9497AFBD502FB2A ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:26:58.0708 5244  UNS - ok
12:26:58.0786 5244  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
12:26:58.0833 5244  upnphost - ok
12:26:58.0880 5244  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
12:26:58.0911 5244  usbaudio - ok
12:26:58.0927 5244  [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:26:58.0958 5244  usbccgp - ok
12:26:58.0989 5244  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:26:59.0020 5244  usbcir - ok
12:26:59.0036 5244  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
12:26:59.0067 5244  usbehci - ok
12:26:59.0098 5244  [ 8B892002D7B79312821169A14317AB86 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:26:59.0114 5244  usbhub - ok
12:26:59.0130 5244  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:26:59.0145 5244  usbohci - ok
12:26:59.0161 5244  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
12:26:59.0176 5244  usbprint - ok
12:26:59.0208 5244  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:26:59.0239 5244  USBSTOR - ok
12:26:59.0254 5244  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:26:59.0270 5244  usbuhci - ok
12:26:59.0379 5244  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
12:26:59.0442 5244  usbvideo - ok
12:26:59.0520 5244  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
12:26:59.0566 5244  UxSms - ok
12:26:59.0582 5244  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
12:26:59.0598 5244  VaultSvc - ok
12:26:59.0629 5244  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:26:59.0644 5244  vdrvroot - ok
12:26:59.0754 5244  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
12:26:59.0863 5244  vds - ok
12:26:59.0941 5244  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:26:59.0956 5244  vga - ok
12:27:00.0003 5244  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:27:00.0034 5244  VgaSave - ok
12:27:00.0066 5244  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:27:00.0144 5244  vhdmp - ok
12:27:00.0159 5244  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:27:00.0190 5244  viaide - ok
12:27:00.0222 5244  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
12:27:00.0268 5244  vmbus - ok
12:27:00.0315 5244  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
12:27:00.0362 5244  VMBusHID - ok
12:27:00.0378 5244  [ 071E1B172D49154EE1D23A2ACC472EFB ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:27:00.0409 5244  volmgr - ok
12:27:00.0487 5244  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:27:00.0518 5244  volmgrx - ok
12:27:00.0580 5244  [ DF8126BD41180351A093A3AD2FC8903B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:27:00.0627 5244  volsnap - ok
12:27:00.0690 5244  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:27:00.0721 5244  vsmraid - ok
12:27:00.0939 5244  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
12:27:01.0111 5244  VSS - ok
12:27:01.0126 5244  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:27:01.0173 5244  vwifibus - ok
12:27:01.0204 5244  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:27:01.0251 5244  vwififlt - ok
12:27:01.0298 5244  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
12:27:01.0298 5244  vwifimp - ok
12:27:01.0423 5244  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
12:27:01.0641 5244  W32Time - ok
12:27:01.0672 5244  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:27:01.0719 5244  WacomPen - ok
12:27:01.0813 5244  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:27:01.0875 5244  WANARP - ok
12:27:01.0891 5244  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:27:01.0906 5244  Wanarpv6 - ok
12:27:02.0218 5244  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
12:27:02.0343 5244  WatAdminSvc - ok
12:27:02.0390 5244  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
12:27:02.0437 5244  wbengine - ok
12:27:02.0452 5244  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:27:02.0468 5244  WbioSrvc - ok
12:27:02.0515 5244  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
12:27:02.0530 5244  WcesComm - ok
12:27:02.0562 5244  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:27:02.0593 5244  wcncsvc - ok
12:27:02.0608 5244  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:27:02.0640 5244  WcsPlugInService - ok
12:27:02.0671 5244  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
12:27:02.0686 5244  Wd - ok
12:27:02.0702 5244  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:27:02.0733 5244  Wdf01000 - ok
12:27:02.0749 5244  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:27:02.0858 5244  WdiServiceHost - ok
12:27:02.0874 5244  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:27:02.0874 5244  WdiSystemHost - ok
12:27:02.0889 5244  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
12:27:02.0905 5244  WebClient - ok
12:27:02.0936 5244  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:27:02.0967 5244  Wecsvc - ok
12:27:02.0983 5244  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:27:03.0045 5244  wercplsupport - ok
12:27:03.0123 5244  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:27:03.0154 5244  WerSvc - ok
12:27:03.0170 5244  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:27:03.0201 5244  WfpLwf - ok
12:27:03.0232 5244  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:27:03.0264 5244  WIMMount - ok
12:27:03.0264 5244  WinHttpAutoProxySvc - ok
12:27:03.0544 5244  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:27:03.0591 5244  Winmgmt - ok
12:27:03.0685 5244  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
12:27:03.0841 5244  WinRM - ok
12:27:03.0950 5244  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
12:27:03.0997 5244  WinUsb - ok
12:27:04.0137 5244  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:27:04.0153 5244  Wlansvc - ok
12:27:04.0262 5244  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:27:04.0293 5244  wlcrasvc - ok
12:27:04.0543 5244  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:27:04.0590 5244  wlidsvc - ok
12:27:04.0605 5244  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:27:04.0605 5244  WmiAcpi - ok
12:27:04.0652 5244  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:27:04.0730 5244  wmiApSrv - ok
12:27:04.0808 5244  WMPNetworkSvc - ok
12:27:04.0855 5244  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:27:04.0902 5244  WPCSvc - ok
12:27:04.0948 5244  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:27:04.0948 5244  WPDBusEnum - ok
12:27:04.0995 5244  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:27:05.0058 5244  ws2ifsl - ok
12:27:05.0136 5244  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
12:27:05.0198 5244  WSDPrintDevice - ok
12:27:05.0260 5244  [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
12:27:05.0323 5244  WSDScan - ok
12:27:05.0323 5244  WSearch - ok
12:27:05.0354 5244  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:27:05.0370 5244  WudfPf - ok
12:27:05.0416 5244  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:27:05.0463 5244  WUDFRd - ok
12:27:05.0494 5244  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:27:05.0526 5244  wudfsvc - ok
12:27:05.0557 5244  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:27:05.0604 5244  WwanSvc - ok
12:27:05.0744 5244  [ 7C5522028410A4A34BB8021F026733AF ] XMouseButton Launcher C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe
12:27:05.0775 5244  XMouseButton Launcher ( UnsignedFile.Multi.Generic ) - warning
12:27:05.0775 5244  XMouseButton Launcher - detected UnsignedFile.Multi.Generic (1)
12:27:05.0869 5244  [ 8886B900CF97E1FF25BA8BD05B555C24 ] XobniService    C:\Program Files (x86)\Xobni\XobniService.exe
12:27:05.0869 5244  XobniService - ok
12:27:05.0931 5244  ================ Scan global ===============================
12:27:06.0009 5244  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:27:06.0072 5244  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:27:06.0087 5244  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:27:06.0134 5244  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:27:06.0196 5244  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:27:06.0196 5244  [Global] - ok
12:27:06.0196 5244  ================ Scan MBR ==================================
12:27:06.0212 5244  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:27:08.0302 5244  \Device\Harddisk0\DR0 - ok
12:27:08.0302 5244  ================ Scan VBR ==================================
12:27:08.0334 5244  [ 41FFB6FC3354B6C1AE87CF5D82B896D6 ] \Device\Harddisk0\DR0\Partition1
12:27:08.0380 5244  \Device\Harddisk0\DR0\Partition1 - ok
12:27:08.0412 5244  [ 5A1411CB058626E0D2488E1CCB002386 ] \Device\Harddisk0\DR0\Partition2
12:27:08.0474 5244  \Device\Harddisk0\DR0\Partition2 - ok
12:27:08.0505 5244  [ E1221B9A5C3A8BF3C8B47BDF58DC9B2D ] \Device\Harddisk0\DR0\Partition3
12:27:08.0552 5244  \Device\Harddisk0\DR0\Partition3 - ok
12:27:08.0552 5244  ============================================================
12:27:08.0552 5244  Scan finished
12:27:08.0552 5244  ============================================================
12:27:08.0552 5236  Detected object count: 4
12:27:08.0552 5236  Actual detected object count: 4
12:27:18.0474 5236  LIDIS 3 Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:27:18.0474 5236  LIDIS 3 Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:27:18.0474 5236  PFNService ( UnsignedFile.Multi.Generic ) - skipped by user
12:27:18.0474 5236  PFNService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:27:18.0474 5236  PJDrv ( UnsignedFile.Multi.Generic ) - skipped by user
12:27:18.0474 5236  PJDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:27:18.0474 5236  XMouseButton Launcher ( UnsignedFile.Multi.Generic ) - skipped by user
12:27:18.0474 5236  XMouseButton Launcher ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

31.08.2012, 11:36   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run if a qualified helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and receive messages such as

Quote:
Illegal operation attempted on a registry key that has been marked for deletion.
then restart Windows manually and the error messages should no longer appear.
__________________
Please always post log files in CODE tags

31.08.2012, 13:17   #27
LutzSchnalke

Hello cosinus,

from my point of view it looks quite good now; the desktop icons are no longer reset to large. Word 2003 is still not recognized by Outlook as the same version (I always used it as the editor).

Best regards,
Lutz

Code:
ComboFix 12-08-30.05 - ls 31.08.2012  13:15:51.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.3983.2062 [GMT 2:00]
ausgeführt von:: c:\users\ls\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\ls\AppData\Roaming\AcroIEHelpe.txt
c:\users\ls\AppData\Roaming\srvblck5.tmp
c:\users\ls1\AppData\Roaming\srvblck5.tmp
c:\windows\SysWow64\FlashPlayerInstaller.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-07-28 bis 2012-08-31  ))))))))))))))))))))))))))))))
.
.
2012-08-31 11:20 . 2012-08-31 11:20	--------	d-----w-	c:\users\ls1\AppData\Local\temp
2012-08-31 11:20 . 2012-08-31 11:20	--------	d-----w-	c:\users\ls\AppData\Local\temp
2012-08-31 11:20 . 2012-08-31 11:20	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-08-31 10:20 . 2012-08-31 10:20	--------	d-----w-	C:\TDSSKiller_Quarantine
2012-08-21 13:16 . 2012-08-21 13:16	--------	d-----w-	C:\_OTL
2012-08-14 21:45 . 2012-08-14 21:45	--------	d-----w-	c:\program files (x86)\ESET
2012-08-13 11:35 . 2012-08-13 11:35	5115584	----a-w-	c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2012-08-09 08:01 . 2012-08-09 08:01	--------	d-----w-	c:\users\ls1\AppData\Local\VirtualStore
2012-08-07 08:10 . 2012-08-07 08:10	--------	d-sh--w-	c:\windows\system32\%APPDATA%
2012-08-06 11:32 . 2012-08-06 11:32	--------	d-----w-	c:\program files (x86)\7-Zip
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-31 10:22 . 2009-07-13 23:19	328704	----a-w-	c:\windows\system32\services.exe
2012-07-10 23:07 . 2011-10-19 09:27	59701280	----a-w-	c:\windows\system32\MRT.exe
2012-07-03 11:46 . 2012-06-01 18:32	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-06-29 10:04 . 2012-07-31 08:01	9133488	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{B33609D7-AFE0-4B4E-A166-BF77ADC3B94F}\mpengine.dll
2012-06-15 07:40 . 2012-04-02 22:48	426184	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-15 07:40 . 2011-10-16 23:29	70344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-12 03:08 . 2012-07-11 10:28	3148800	----a-w-	c:\windows\system32\win32k.sys
2012-06-10 11:22 . 2003-03-18 18:14	499712	----a-w-	c:\windows\SysWow64\msvcp71.dll
2012-06-10 11:22 . 2003-02-21 02:42	348160	----a-w-	c:\windows\SysWow64\msvcr71.dll
2012-06-09 05:43 . 2012-07-10 22:02	14172672	----a-w-	c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-10 22:02	2004480	----a-w-	c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-10 22:02	1881600	----a-w-	c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-10 21:56	1133568	----a-w-	c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-10 22:02	1390080	----a-w-	c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-10 22:02	1236992	----a-w-	c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-10 21:56	805376	----a-w-	c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-21 06:52	38424	----a-w-	c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 06:52	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 06:52	57880	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 06:52	44056	----a-w-	c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 06:52	701976	----a-w-	c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 06:52	2622464	----a-w-	c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 06:52	99840	----a-w-	c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 06:51	186752	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 06:51	36864	----a-w-	c:\windows\system32\wuapp.exe
2012-06-02 12:49 . 2012-07-11 11:58	17807360	----a-w-	c:\windows\system32\mshtml.dll
2012-06-02 12:17 . 2012-07-11 11:58	10924032	----a-w-	c:\windows\system32\ieframe.dll
2012-06-02 12:12 . 2012-07-11 11:58	2311680	----a-w-	c:\windows\system32\jscript9.dll
2012-06-02 12:05 . 2012-07-11 11:58	1346048	----a-w-	c:\windows\system32\urlmon.dll
2012-06-02 12:05 . 2012-07-11 11:58	1392128	----a-w-	c:\windows\system32\wininet.dll
2012-06-02 12:04 . 2012-07-11 11:58	1494528	----a-w-	c:\windows\system32\inetcpl.cpl
2012-06-02 12:04 . 2012-07-11 11:58	237056	----a-w-	c:\windows\system32\url.dll
2012-06-02 12:03 . 2012-07-11 11:58	85504	----a-w-	c:\windows\system32\jsproxy.dll
2012-06-02 12:01 . 2012-07-11 11:58	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2012-06-02 12:00 . 2012-07-11 11:58	818688	----a-w-	c:\windows\system32\jscript.dll
2012-06-02 11:59 . 2012-07-11 11:58	2144768	----a-w-	c:\windows\system32\iertutil.dll
2012-06-02 11:57 . 2012-07-11 11:58	96768	----a-w-	c:\windows\system32\mshtmled.dll
2012-06-02 11:57 . 2012-07-11 11:58	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-06-02 11:54 . 2012-07-11 11:58	248320	----a-w-	c:\windows\system32\ieui.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DeskSave"="c:\program files\DeskSave\DeskSave.exe" [2011-10-17 82944]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 89600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IndicatorUtility"="c:\program files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2010-09-30 48752]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2011-02-01 112152]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2009-08-13 662016]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"YouCam Mirror Tray icon"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" [2009-07-08 162912]
"Sonork"="c:\program files (x86)\Sonork\SONORK.EXE" [2011-10-17 761856]
"Google Desktop Search"="c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" [2011-10-18 30192]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2012-06-10 296056]
.
c:\users\ls\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
todo.txt [2012-8-30 1967]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-10-15 1133856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 GoogleDesktopManager-060409-093314;Google Desktop Manager 5.9.906.4286;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-10-18 30192]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-03-24 34200]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
R3 mtpaudio;Panasonic Projector Audio Device Driver;c:\windows\system32\DRIVERS\mtpaudio.sys [2007-05-11 16384]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-03-30 340240]
R3 PJDrv;PJDrv;c:\program files (x86)\Panasonic\Wireless Manager ME4.5\PJDrv.sys [2006-10-06 8607]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-08 1255736]
R3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 FBIOSDRV;Fujitsu BIOS Driver;c:\windows\System32\Drivers\FBIOSDRV.sys [2009-06-24 21104]
S0 FJGSDisk;G-Sensor Application Filter Driver;c:\windows\system32\DRIVERS\FJGSDisk.sys [2010-09-28 15208]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\ATService.exe [2010-06-03 2734400]
S2 PFNService;PFNService;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe [2010-10-07 331776]
S2 PowerSavingUtilityService;PowerSavingUtilityService;c:\program files\Fujitsu\PSUtility\PSUService.exe [2010-06-17 63336]
S2 Sierra Wireless QDL Service;Sierra Wireless QDL Service;c:\program files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe [2011-02-16 308592]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-08-13 3064000]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-15 2280312]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 XMouseButton Launcher;XMouseButton Launcher;c:\program files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe [2012-03-04 87040]
S2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe [2010-03-19 55016]
S3 ATSwpWDF;AuthenTec TruePrint USB Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2010-06-02 770152]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2011-12-25 131112]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-12-25 348712]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-12-25 39464]
S3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\DRIVERS\e1c62x64.sys [2010-12-20 316080]
S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\FUJ02E3.sys [2006-11-01 7296]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-03-24 25496]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
S3 mircap;mircap;c:\windows\system32\DRIVERS\mircap.sys [2007-05-11 6656]
S3 mtvpbus;Panasonic Projector Virtual Bus Enumerator;c:\windows\system32\DRIVERS\mtvpbus.sys [2007-05-11 13824]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-03-16 8590336]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2010-12-08 329832]
S3 swg3kflt00;Sierra Wireless USB Composite Device Filter Driver 00;c:\windows\system32\DRIVERS\swg3kflt00.sys [2011-02-03 34304]
S3 swg3kmbb00;Sierra Wireless QMI USB-NDIS 6.20 miniport;c:\windows\system32\DRIVERS\swg3kmbb00.sys [2011-02-03 424448]
S3 swg3knmea00;Sierra Wireless QMI NMEA Serial Communication;c:\windows\system32\DRIVERS\swg3knmea00.sys [2011-02-03 256384]
S3 swg3kser00;Sierra Wireless QMI USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\swg3kser00.sys [2011-02-03 256384]
S3 swibus00;Sierra Wireless Bus Enumerator 00;c:\windows\system32\DRIVERS\swibus00.sys [2011-02-03 73216]
S3 swibusflt00;Sierra Wireless Bus Enumerator Filter 00;c:\windows\system32\DRIVERS\swibusflt00.sys [2011-02-03 73216]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATSwpNav"="c:\program files\Fingerprint Sensor\ATSwpNav -run" [X]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-07 11663464]
"LoadFUJ02E3"="c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe" [2010-06-08 45680]
"FDM7"="c:\program files\Fujitsu\FDM7\FdmDaemon.exe" [2009-11-26 164712]
"PSUTility"="c:\program files\Fujitsu\PSUtility\TrayManager.exe" [2011-01-12 200552]
"PfNet"="c:\program files\Fujitsu\Plugfree NETWORK\PfNet.exe" [2010-10-07 6311424]
"FJBATAID2"="c:\program files\Fujitsu\BatteryAid2\BatteryDaemon.exe" [2010-10-29 124776]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-20 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-20 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-20 416024]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-03-30 1935120]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2009-08-13 662016]
"SSUtility"="c:\program files\Fujitsu\SSUtility\FJSSDMN.exe" [2010-08-16 273256]
"LoadFujitsuQuickTouch"="c:\program files\Fujitsu\Application Panel\QuickTouch.exe" [2010-07-16 162416]
"LoadBtnHnd"="c:\program files\Fujitsu\Application Panel\BtnHnd.exe" [2010-07-09 21616]
"pdfFactory Pro Dispatcher v3"="c:\windows\system32\spool\DRIVERS\x64\3\fppdis3a.exe" [2009-09-20 743936]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: >Search in Linkman - file://c:\users\ls\Documents\Linkman\iescript_search.htm
IE: Add to Linkman - file://c:\users\ls\Documents\Linkman\iescript_add.htm
IE: Add to Linkman (all tabs) - file://c:\users\ls\Documents\Linkman\iescript_addall.htm
IE: Add to Linkman and Edit - file://c:\users\ls\Documents\Linkman\iescript_edit.htm
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube to MP3 Converter - c:\users\ls\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Show Linkman - file://c:\users\ls\Documents\Linkman\iescript_show.htm
Trusted Zone: ahrens-sieberz.de\www
Trusted Zone: alpstours.net\www
Trusted Zone: bmw.de\ecom
Trusted Zone: bmw.de\www
Trusted Zone: burg-hotel-anholt.de\www
Trusted Zone: cadandrean.it\www
Trusted Zone: conrad.de\www1
Trusted Zone: dr-staedtler.de\easytour
Trusted Zone: endurasport.de\www
Trusted Zone: fujitsu.com\support.ts
Trusted Zone: fujitsu.com\ts
Trusted Zone: gerardo.de\www
Trusted Zone: gfk.de\ftp
Trusted Zone: goertz-shop.de\www
Trusted Zone: google.de\maps
Trusted Zone: heissner.com\www
Trusted Zone: hohenwart.com\www
Trusted Zone: ingrammicro.de\ec
Trusted Zone: italianheels.com\www
Trusted Zone: italien.com\www
Trusted Zone: jpc.de\www
Trusted Zone: krumpholz.de\www
Trusted Zone: kyoceramita.de\www
Trusted Zone: lapalma-urlaubsdomizil.de\www
Trusted Zone: lidis.de\www
Trusted Zone: luoghispeciali.it\www
Trusted Zone: mountainbike-magazin.de\www
Trusted Zone: mountainbike-page.de\www
Trusted Zone: myphotos.cc\patriciaschaefer
Trusted Zone: nokia.de\www
Trusted Zone: obereggen.com\www
Trusted Zone: owad.de
Trusted Zone: ownersdirect.co.uk\www
Trusted Zone: posthotel-erlerwirt.at\www
Trusted Zone: reiseplanung.de\www
Trusted Zone: schweizer-portal.ch\www
Trusted Zone: scouttech.com\www
Trusted Zone: stockxpert.com\de
Trusted Zone: zoo-am-meer.net\www
TCP: DhcpNameServer = 192.168.30.254
TCP: Interfaces\{1236533D-333E-4790-A5E9-54F378695788}: NameServer = 193.189.244.206 193.189.244.225
FF - ProfilePath - c:\users\ls\AppData\Roaming\Mozilla\Firefox\Profiles\zm93q3uw.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-36162656.sys
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-DeskUpdate_is1 - c:\fujitsu\Programs\DeskUpdate\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\P/4*]
@=multi:"\00\00\00\00\00@\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00ð\00\00\00\0e\1fº\0e\00´\09Í!¸\01LÍ!This program cannot be run in DOS mode.\0d\0d\0a$\00\00\00\00\00\00\00Q\"ô”\15CšÇ\15CšÇ\15CšÇz51Ç#CšÇz50ÇjCšÇz5\04Ç\19CšÇr51Ç\10CšÇ\1c;\09Ç\18CšÇ\15C›Ç²CšÇr55Ç\06CšÇr5\00\00"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-08-31  13:33:42 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-08-31 11:33
.
Vor Suchlauf: 5.903.024.128 Bytes frei
Nach Suchlauf: 6.004.981.760 Bytes frei
.
- - End Of File - - CD68FE2BC1A7C1FFA23E1BE442955B65
         

Alt 31.08.2012, 14:18   #28
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Please now create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM. Please skip the online query by OSAM.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe guide)
    On Windows Vista (or later), please start it via right-click "Run as administrator".
  • The tool will ask you whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions can take a while, depending on the connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons under any circumstances without being instructed to

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.



One more note: If aswMBR crashes and a message like "aswMBR.exe funktioniert nicht mehr" appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu (at the bottom left of the aswMBR window) and click the Scan button again.
__________________
Please always post log files in CODE tags

Alt 31.08.2012, 15:38   #29
LutzSchnalke
 

GMER log (rest to follow)

Code:
ATTFilter
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-08-31 16:37:51
Windows 6.1.7601 Service Pack 1 
Running: d5db78jj.exe


---- Registry - GMER 1.0.15 ----

Reg  HKLM\SYSTEM\CurrentControlSet\Control\Session Manager@PendingFileRenameOperations                ????????????????? ???????????????????????????????????????????????8???z?~???? ?H???????????2????????????n&???Avira mini-filter driver????????\? ?????P???????????????????Dienst zur Steuerung von Avira Antivirus Premium 2012 Pr?fauftr?gen und Updates.?????????????????????????????y???x??????????????????????????????????v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Private|RPort=3540|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=pnrpsvc|Name=@%systemroot%\system32\provsvc.dll,-207|Desc=@%systemroot%\system32\provsvc.dll,-208|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202|???v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=3540|App=%SystemRoot%\system32\svchost.exe|Svc=PNRPSvc|Name=@FirewallAPI.dll,-34005|Desc=@FirewallAPI.dll,-34006|EmbedCtxt=@FirewallAPI.dll,-34002|???v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=Ssdpsrv|Name=@FirewallAPI.dll,-34007|Desc=@FirewallAPI.dll,
Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\3859f9f6821d                      
Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\3859f9f6821d@c88447035e8d         0x59 0x52 0x78 0xE8 ...
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\3859f9f6821d (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\3859f9f6821d@c88447035e8d             0x59 0x52 0x78 0xE8 ...

---- EOF - GMER 1.0.15 ----
         
The OSAM log (rest to follow)
Code:
ATTFilter
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 16:47:39 on 31.08.2012

OS: Windows 7  Service Pack 1 (Build 7601), 64-bit
Default Browser: Microsoft Corporation Internet Explorer 9.00.8112.16421

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[AppInit DLLs]
-----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )-----
"AppInit_DLLs" - "Google" - C:\PROGRA~2\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"BatterySetCpl.cpl" - "FUJITSU LIMITED" - C:\Windows\system32\BatterySetCpl.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Nero BurnRights" - "Nero AG" - C:\Program Files (x86)\Nero\Nero 9\Nero BurnRights\NeroBurnRights_cpl.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"btwampfl" (BTWAMPFL) - "Broadcom Corporation." - C:\Windows\System32\DRIVERS\btwampfl.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)
"Logitech SetPoint KMDF HID Filter Driver" (LHidFilt) - "Logitech, Inc." - C:\Windows\System32\DRIVERS\LHidFilt.Sys
"Logitech SetPoint KMDF Mouse Filter Driver" (LMouFilt) - "Logitech, Inc." - C:\Windows\System32\DRIVERS\LMouFilt.Sys
"Logitech SetPoint KMDF USB Filter" (LUsbFilt) - "Logitech, Inc." - C:\Windows\System32\Drivers\LUsbFilt.Sys
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"Microsoft IntelliPoint Filter Driver" (Point64) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\point64.sys
"PJDrv" (PJDrv) - "Panasonic Corporation" - C:\Program Files (x86)\Panasonic\Wireless Manager ME4.5\PJDrv.sys

[Explorer]
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807553E5-5146-11D5-A672-00B0D022E945} "text/xml" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files (x86)\7-Zip\7-zip.dll
{DE902992-61FC-4A01-8091-53E1895C9775} "CDR Icon Handler" - "Corel Corporation" - C:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll
{7AD101F2-0B93-4D66-A1CA-DF73F3C4377B} "CDR preview provider" - "Corel Corporation" - C:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\x86\ShellVista.dll
{7FA63AC0-F5BC-4F3B-A9CF-94328D812B62} "CDR Property Handler" - "Corel Corporation" - C:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\x86\ShellVista.dll
{1462EBAA-96E7-4D93-9A66-0E4068DE4FCF} "CDR Thumbnail provider" - "Corel Corporation" - C:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll
{DE902994-61FC-4A01-8091-53E1895C9775} "CMX Icon Handler" - "Corel Corporation" - C:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll
{1462EBAC-96E7-4D93-9A66-0E4068DE4FCF} "CMX Thumbnail provider" - "Corel Corporation" - C:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll
{DE902993-61FC-4A01-8091-53E1895C9775} "CPT Icon Handler" - "Corel Corporation" - C:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll
{7FA63AC1-F5BC-4F3B-A9CF-94328D812B62} "CPT Property Handler" - "Corel Corporation" - C:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\x86\ShellVista.dll
{1462EBAB-96E7-4D93-9A66-0E4068DE4FCF} "CPT Thumbnail provider" - "Corel Corporation" - C:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll
{DA042FDF-102F-48B3-89C0-C1AB683873EF} "DeskSave" - "Thorsten Blauhut hxxp://www.desksave.de" - C:\Program Files\DeskSave\DeskSaveShellEx.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\OFFICE11\msohev.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~3\OFFICE11\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files (x86)\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~3\OFFICE11\OLKFSTUB.DLL
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - c:\program files (x86)\real\realplayer\rpshell.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files (x86)\WinRAR\rarext.dll
{B41DB860-64E4-11D2-9906-E49FADC173CA} "WinRAR shell extension" - ? -   (File not found | COM-object registry key not found)
{E0D79304-84BE-11CE-9641-444553540000} "WinZip" - ? -   (File not found | COM-object registry key not found)
{E0D79305-84BE-11CE-9641-444553540000} "WinZip" - ? -   (File not found | COM-object registry key not found)
{E0D79306-84BE-11CE-9641-444553540000} "WinZip" - ? -   (File not found | COM-object registry key not found)
{E0D79307-84BE-11CE-9641-444553540000} "WinZip" - ? -   (File not found | COM-object registry key not found)
{0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? -   (File not found | COM-object registry key not found)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
ITBar7Height64 "ITBar7Height64" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout64" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{0067DBFC-A752-458C-AE6E-B9C7E63D4824} "Geräteerkennung" - "Logitech, Inc." - C:\Windows\DOWNLO~1\LOGITE~1.OCX / hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_3_300_257.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} "@C:\Windows\WindowsMobile\INetRepl.dll,-222" - "Microsoft Corporation" - C:\Windows\WindowsMobile\INetRepl.dll
{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} "ClsidExtension" - "Microsoft Corporation" - C:\Windows\WindowsMobile\INetRepl.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL
"Senden an Bluetooth" - ? - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{5C9DCA26-CEC4-4280-A831-D622D4DBF113} "&Linkman" - "Outertech" - C:\PROGRA~2\Linkman\LINKMA~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\ls\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"todo.txt" - ? - C:\Users\ls\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\todo.txt
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Bluetooth.lnk" - ? - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe  (Shortcut exists | File not found)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"DeskSave" - "Thorsten Blauhut hxxp://www.desksave.de" - C:\Program Files\DeskSave\DeskSave.exe
"ShowBatteryBar" - ? - "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show  (File found, but it contains no detailed information)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"Google Desktop Search" - "Google" - "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"IMSS" - "Intel Corporation" - "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
"IndicatorUtility" - "FUJITSU LIMITED" - "C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe"
"NUSB3MON" - "Renesas Electronics Corporation" - "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"Sonork" - "GTV Solutions, Incorporated." - "C:\Program Files (x86)\Sonork\SONORK.EXE" -auto
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"TkBellExe" - "RealNetworks, Inc." - "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
"UCam_Menu" - "CyberLink Corp." - "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
"YouCam Mirror Tray icon" - "CyberLink Corp." - "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"FPP3:" - "FinePrint Software, LLC" - C:\Windows\system32\fppmon3.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll  (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe"  (File not found)
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
"AuthenTec Fingerprint Service" (ATService) - "AuthenTec, Inc." - C:\Program Files\Fingerprint Sensor\ATService.exe
"Avira Browser Schutz" (AntiVirWebService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
"Avira Email Schutz" (AntiVirMailService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
"Bluetooth Service" (btwdins) - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
"Google Desktop Manager 5.9.906.4286" (GoogleDesktopManager-060409-093314) - "Google" - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
"Intel(R) Management and Security Application Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
"Intel(R) Management and Security Application User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
"Intel(R) PROSet/Wireless Event Log" (EvtEng) - "Intel(R) Corporation" - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
"Intel(R) PROSet/Wireless Registry Service" (RegSrvc) - "Intel(R) Corporation" - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
"LIDIS 3 Service" (LIDIS 3 Service) - ? - C:\Program Files (x86)\LIDIS 3\Bin\srvany.exe  (File found, but it contains no detailed information)
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Nero BackItUp Scheduler 4.0" (Nero BackItUp Scheduler 4.0) - "Nero AG" - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"PFNService" (PFNService) - "FUJITSU LIMITED" - C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
"PowerSavingUtilityService" (PowerSavingUtilityService) - "FUJITSU LIMITED" - C:\Program Files\Fujitsu\PSUtility\PSUService.exe
"Protexis Licensing V2" (PSI_SVC_2) - "Protexis Inc." - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
"Sierra Wireless QDL Service" (Sierra Wireless QDL Service) - "Sierra Wireless, Inc." - C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe
"Skype C2C Service" (Skype C2C Service) - "Skype Technologies S.A." - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
"Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files (x86)\Skype\Updater\Updater.exe
"TeamViewer 6" (TeamViewer6) - "TeamViewer GmbH" - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
"TeamViewer 7" (TeamViewer7) - "TeamViewer GmbH" - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
"Wireless PAN DHCP Server" (MyWiFiDHCPDNS) - ? - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
"XMouseButton Launcher" (XMouseButton Launcher) - "Highresolution Enterprises" - C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe
"XobniService" (XobniService) - "Xobni Corporation" - C:\Program Files (x86)\Xobni\XobniService.exe

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )-----
"AVSDA" - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
         


ASWMBR-Log

Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-31 16:49:00
-----------------------------
16:49:00.278    OS Version: Windows x64 6.1.7601 Service Pack 1
16:49:00.278    Number of processors: 4 586 0x2A07
16:49:00.278    ComputerName: NBLS  UserName: ls
16:49:01.682    Initialize success
16:50:22.746    AVAST engine defs: 12083100
16:59:29.995    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:59:29.995    Disk 0 Vendor: ST9500420AS 0002SDM1 Size: 476940MB BusType: 3
16:59:30.011    Disk 0 MBR read successfully
16:59:30.011    Disk 0 MBR scan
16:59:30.042    Disk 0 Windows 7 default MBR code
16:59:30.057    Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS         2102 MB offset 2048
16:59:30.073    Disk 0 Partition - 00     0F Extended LBA            474835 MB offset 4308992
16:59:30.089    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        40000 MB offset 4311040
16:59:30.104    Disk 0 Partition - 00     05     Extended             10001 MB offset 86231040
16:59:30.120    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        10000 MB offset 86233088
16:59:30.135    Disk 0 Partition - 00     05     Extended            405829 MB offset 188641843
16:59:30.135    Disk 0 Partition 4 00     07    HPFS/NTFS NTFS       405829 MB offset 106719858
16:59:30.151    Disk 0 Partition - 00     05     Extended            410831 MB offset 209123891
16:59:30.697    Disk 0 Partition 5 00     27 Hidden NTFS WinRE NTFS         5000 MB offset 937854976
16:59:30.744    Disk 0 Partition - 00     05     Extended             14001 MB offset 1050501120
16:59:30.775    Disk 0 Partition 6 00     27 Hidden NTFS WinRE NTFS        14000 MB offset 948099072
16:59:30.837    Disk 0 scanning C:\Windows\system32\drivers
16:59:41.648    Service scanning
16:59:59.807    Modules scanning
16:59:59.807    Disk 0 trace - called modules:
16:59:59.822    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 
16:59:59.838    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80049f7060]
16:59:59.838    3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8004374520]
16:59:59.838    5 ACPI.sys[fffff88000d5a7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004370680]
17:00:00.056    AVAST engine scan C:\Windows
17:00:02.505    AVAST engine scan C:\Windows\system32
17:04:10.842    AVAST engine scan C:\Windows\system32\drivers
17:04:23.260    AVAST engine scan C:\Users\ls
17:10:15.306    AVAST engine scan C:\ProgramData
17:11:07.987    Scan finished successfully
17:15:37.633    Disk 0 MBR has been saved successfully to "C:\Users\ls\Desktop\MBR.dat"
17:15:37.649    The log file has been saved successfully to "C:\Users\ls\Desktop\aswMBR.txt"
         

Edited by LutzSchnalke (31.08.2012 at 16:18). Reason: addition

Old 31.08.2012, 16:12   #30
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avira regularly reports (reported) TR/ATRAPS.Gen2 virus/trojan



What about aswMBR?
__________________
Please always post log files in CODE tags
