| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Trojan.agent + trojan.midhosWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
08.09.2012, 12:01
| #16 |
 |  Trojan.agent + trojan.midhos sorry das ich erst jetzt schreibe, war die Tage nicht da  also, hier das löschen über adwcleaner: Code:
ATTFilter # AdwCleaner v2.000 - Datei am 09/08/2012 um 12:42:20 erstellt
# Aktualisiert am 30/08/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium (64 bits)
# Benutzer : Lina - MAVEL
# Normaler Modus : Normal
# Ausgeführt unter : C:\Users\Lina\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Users\Lina\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Lina\AppData\LocalLow\bbrs_002.tb
Ordner Gelöscht : C:\Users\Lina\AppData\LocalLow\Conduit
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2801937
Schlüssel Gelöscht : HKLM\Software\Conduit
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16421
Wiederhergestellt : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
-\\ Mozilla Firefox v15.0 (de)
Profilname : Mavel [Profil par défaut]
Datei : C:\Users\Lina\AppData\Roaming\Mozilla\Firefox\Profiles\cnyroiz2.Mavel\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [1960 octets] - [08/09/2012 12:42:20]
########## EOF - C:\AdwCleaner[S1].txt - [2020 octets] ##########
Für den Betrieb mit windows 7 ist das service pack 1 erforderlich kann ich das umgehen oder was soll ich machen? |
|
09.09.2012, 02:07
| #17 |
| /// Helfer-Team  | Trojan.agent + trojan.midhos Alles Windows Updates einspielen, inkl. Service Pack!
__________________
__________________ |
|
09.09.2012, 12:27
| #18 |
| | Trojan.agent + trojan.midhos ah super, hab ich gemacht, hat geklappt, hab emsisoft ausgeführt, hier kommt das log:
__________________Code:
ATTFilter Emsisoft Anti-Malware - Version 6.6
Letztes Update: 09.09.2012 11:44:34
Scan Einstellungen:
Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\
Archiv Scan: An
ADS Scan: An
Scan Beginn: 09.09.2012 11:45:18
\\.\PhysicalDrive0 gefunden: Trojan.DOS.Shetwirl!E2
C:\_OTL\MovedFiles\09022012_135106\C_Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\7643fbf8-1240a440 -> Kioa\Kiob.class gefunden: Exploit.Java.CVE-2012!E2
C:\_OTL\MovedFiles\09022012_135106\C_Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\3702a532-37b8fc5d -> a\a.class gefunden: Exploit.Java.CVE-2012!E2
C:\_OTL\MovedFiles\09022012_135106\C_Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\7643fbf8-1240a440 -> Kioa\Kioa.class gefunden: Exploit.Java.CVE-2012!E2
C:\_OTL\MovedFiles\09022012_135106\C_Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\3702a532-37b8fc5d -> a\b.class gefunden: Exploit.Java.CVE-2012!E2
C:\_OTL\MovedFiles\09022012_135106\C_Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\579e1822-3b10fbb0 -> a\d.class gefunden: Java.CVE!E2
C:\_OTL\MovedFiles\09022012_135106\C_Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\31261c02-2e3c2635 -> Effect.class gefunden: Java.Exploit.CVE-2010!E2
C:\_OTL\MovedFiles\09022012_135106\C_Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\31261c02-2e3c2635 -> Field.class gefunden: Java.Exploit.CVE-2010!E2
C:\_OTL\MovedFiles\09022012_135106\C_Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\31261c02-2e3c2635 -> first.class gefunden: Java.Exploit.CVE-2010!E2
C:\_OTL\MovedFiles\09022012_135106\C_Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\31261c02-2e3c2635 -> Matrix.class gefunden: Java.Exploit.CVE-2010!E2
C:\_OTL\MovedFiles\09022012_135106\C_Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\3702a532-37b8fc5d -> a\p.class gefunden: Exploit.Java.CVE-2011!E2
C:\_OTL\MovedFiles\09022012_135106\C_Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\7643fbf8-1240a440 -> Kioa\Kioc.class gefunden: Trojan.Java.Exploit!E2
C:\_OTL\MovedFiles\09022012_135106\C_Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\3702a532-37b8fc5d -> a\J.class gefunden: JAVA.Agent!E2
C:\_OTL\MovedFiles\09022012_135106\C_Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\31261c02-2e3c2635 -> Photo.class gefunden: Exploit.Java.CVE-2011!E2
C:\_OTL\MovedFiles\09022012_135106\C_Users\Lina\AppData\Local\{792e06c0-54ef-9686-37d2-0c3b39447e4e}\U\00000001.@ gefunden: Trojan.Crypt.EFC!E2
C:\Qoobox\Quarantine\C\Windows\System32\Services.exe.vir gefunden: Virus.Win64!E2
Gescannt 631907
Gefunden 16
Scan Ende: 09.09.2012 13:07:28
Scan Zeit: 1:22:10
C:\Qoobox\Quarantine\C\Windows\System32\Services.exe.vir Quarantäne Virus.Win64!E2
C:\_OTL\MovedFiles\09022012_135106\C_Users\Lina\AppData\Local\{792e06c0-54ef-9686-37d2-0c3b39447e4e}\U\00000001.@ Quarantäne Trojan.Crypt.EFC!E2
C:\_OTL\MovedFiles\09022012_135106\C_Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\3702a532-37b8fc5d -> a\J.class Quarantäne JAVA.Agent!E2
C:\_OTL\MovedFiles\09022012_135106\C_Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\7643fbf8-1240a440 -> Kioa\Kioc.class Quarantäne Trojan.Java.Exploit!E2
C:\_OTL\MovedFiles\09022012_135106\C_Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\31261c02-2e3c2635 -> Photo.class Quarantäne Exploit.Java.CVE-2011!E2
C:\_OTL\MovedFiles\09022012_135106\C_Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\579e1822-3b10fbb0 -> a\d.class Quarantäne Java.CVE!E2
Quarantäne 6
|
|
09.09.2012, 23:18
| #19 |
| /// Helfer-Team | Trojan.agent + trojan.midhos 1. Schritt Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten. dann: TDSSKiller von Kaspersky - Lade den TDSSKiller und entpacke das Archiv auf Deinen Desktop.Hier findest Du eine ausführlichere TDSSKiller Anleitung. |
|
12.09.2012, 20:54
| #20 |
| | Trojan.agent + trojan.midhos hier das malwarebytes-log: Code:
ATTFilter Malwarebytes Anti-Malware 1.65.0.1400 www.malwarebytes.org Datenbank Version: v2012.09.11.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Lina :: MAVEL [Administrator] 11.09.2012 08:37:09 mbam-log-2012-09-11 (08-37-09).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 389806 Laufzeit: 1 Stunde(n), 12 Minute(n), 17 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) also die c:\tdsskiller.txt gibt es nicht, aber hab 2 logs gefunden: Code:
ATTFilter 21:55:24.0541 3480 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
21:55:24.0822 3480 ============================================================
21:55:24.0822 3480 Current date / time: 2012/09/12 21:55:24.0822
21:55:24.0822 3480 SystemInfo:
21:55:24.0822 3480
21:55:24.0822 3480 OS Version: 6.1.7601 ServicePack: 1.0
21:55:24.0822 3480 Product type: Workstation
21:55:24.0822 3480 ComputerName: MAVEL
21:55:24.0822 3480 UserName: Lina
21:55:24.0822 3480 Windows directory: C:\Windows
21:55:24.0822 3480 System windows directory: C:\Windows
21:55:24.0822 3480 Running under WOW64
21:55:24.0822 3480 Processor architecture: Intel x64
21:55:24.0822 3480 Number of processors: 2
21:55:24.0822 3480 Page size: 0x1000
21:55:24.0822 3480 Boot type: Normal boot
21:55:24.0822 3480 ============================================================
21:55:25.0368 3480 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:55:25.0368 3480 ============================================================
21:55:25.0368 3480 \Device\Harddisk0\DR0:
21:55:25.0368 3480 MBR partitions:
21:55:25.0368 3480 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000
21:55:25.0368 3480 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x23C8BAB0
21:55:25.0368 3480 ============================================================
21:55:25.0399 3480 C: <-> \Device\Harddisk0\DR0\Partition2
21:55:25.0399 3480 ============================================================
21:55:25.0399 3480 Initialize success
21:55:25.0399 3480 ============================================================
21:55:43.0324 4596 ============================================================
21:55:43.0324 4596 Scan started
21:55:43.0324 4596 Mode: Manual;
21:55:43.0324 4596 ============================================================
21:55:44.0213 4596 ================ Scan system memory ========================
21:55:44.0213 4596 System memory - ok
21:55:44.0213 4596 ================ Scan services =============================
21:55:44.0463 4596 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:55:44.0463 4596 1394ohci - ok
21:55:44.0541 4596 [ 2D6434E957F7CFA0035C20890F77BBC6 ] a2acc C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
21:55:44.0541 4596 a2acc - ok
21:55:44.0665 4596 [ 0D050186CF421131B43D00024BD9B8BB ] a2AntiMalware C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
21:55:44.0743 4596 a2AntiMalware - ok
21:55:44.0806 4596 [ 3044D0F3FEB9FFE8BC953D8F34B5B504 ] A2DDA C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
21:55:44.0806 4596 A2DDA - ok
21:55:44.0853 4596 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:55:44.0853 4596 ACPI - ok
21:55:44.0915 4596 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:55:44.0915 4596 AcpiPmi - ok
21:55:44.0977 4596 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
21:55:44.0993 4596 adp94xx - ok
21:55:45.0055 4596 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
21:55:45.0071 4596 adpahci - ok
21:55:45.0118 4596 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
21:55:45.0118 4596 adpu320 - ok
21:55:45.0165 4596 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:55:45.0165 4596 AeLookupSvc - ok
21:55:45.0211 4596 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
21:55:45.0227 4596 AFD - ok
21:55:45.0289 4596 [ B65F8DBA54F251906BBE8611B5A0E7AB ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
21:55:45.0289 4596 AgereModemAudio - ok
21:55:45.0352 4596 [ AF4748EF93416159459769A24A0053AF ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
21:55:45.0383 4596 AgereSoftModem - ok
21:55:45.0430 4596 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:55:45.0430 4596 agp440 - ok
21:55:45.0461 4596 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:55:45.0461 4596 ALG - ok
21:55:45.0492 4596 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
21:55:45.0492 4596 aliide - ok
21:55:45.0539 4596 [ D0D8877969011D1B0ED9C3C55A9A9108 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:55:45.0555 4596 AMD External Events Utility - ok
21:55:45.0586 4596 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
21:55:45.0586 4596 amdide - ok
21:55:45.0633 4596 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
21:55:45.0633 4596 AmdK8 - ok
21:55:45.0664 4596 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:55:45.0664 4596 AmdPPM - ok
21:55:45.0711 4596 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:55:45.0711 4596 amdsata - ok
21:55:45.0742 4596 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
21:55:45.0757 4596 amdsbs - ok
21:55:45.0773 4596 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:55:45.0773 4596 amdxata - ok
21:55:45.0851 4596 [ 9815014F3E30357168DA272088C6F12F ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
21:55:45.0851 4596 ApfiltrService - ok
21:55:45.0913 4596 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
21:55:45.0913 4596 AppID - ok
21:55:45.0945 4596 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:55:45.0945 4596 AppIDSvc - ok
21:55:45.0991 4596 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
21:55:45.0991 4596 Appinfo - ok
21:55:46.0085 4596 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:55:46.0085 4596 Apple Mobile Device - ok
21:55:46.0147 4596 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
21:55:46.0147 4596 arc - ok
21:55:46.0194 4596 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
21:55:46.0194 4596 arcsas - ok
21:55:46.0210 4596 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:55:46.0210 4596 AsyncMac - ok
21:55:46.0257 4596 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
21:55:46.0257 4596 atapi - ok
21:55:46.0475 4596 [ C5758BF1DFD762A5B17041FF061B7750 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:55:46.0756 4596 atikmdag - ok
21:55:46.0818 4596 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:55:46.0834 4596 AudioEndpointBuilder - ok
21:55:46.0850 4596 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:55:46.0865 4596 AudioSrv - ok
21:55:46.0912 4596 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:55:46.0912 4596 AxInstSV - ok
21:55:46.0959 4596 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
21:55:46.0974 4596 b06bdrv - ok
21:55:47.0006 4596 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:55:47.0021 4596 b57nd60a - ok
21:55:47.0084 4596 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
21:55:47.0115 4596 BCM43XX - ok
21:55:47.0162 4596 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:55:47.0162 4596 BDESVC - ok
21:55:47.0177 4596 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:55:47.0177 4596 Beep - ok
21:55:47.0255 4596 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
21:55:47.0271 4596 BFE - ok
21:55:47.0318 4596 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:55:47.0318 4596 blbdrive - ok
21:55:47.0396 4596 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:55:47.0396 4596 Bonjour Service - ok
21:55:47.0427 4596 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:55:47.0442 4596 bowser - ok
21:55:47.0458 4596 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:55:47.0458 4596 BrFiltLo - ok
21:55:47.0489 4596 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:55:47.0489 4596 BrFiltUp - ok
21:55:47.0536 4596 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
21:55:47.0536 4596 BridgeMP - ok
21:55:47.0567 4596 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
21:55:47.0567 4596 Browser - ok
21:55:47.0598 4596 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:55:47.0598 4596 Brserid - ok
21:55:47.0630 4596 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:55:47.0630 4596 BrSerWdm - ok
21:55:47.0661 4596 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:55:47.0661 4596 BrUsbMdm - ok
21:55:47.0692 4596 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:55:47.0692 4596 BrUsbSer - ok
21:55:47.0754 4596 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
21:55:47.0754 4596 BthEnum - ok
21:55:47.0786 4596 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:55:47.0786 4596 BTHMODEM - ok
21:55:47.0817 4596 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
21:55:47.0832 4596 BthPan - ok
21:55:47.0879 4596 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
21:55:47.0895 4596 BTHPORT - ok
21:55:47.0926 4596 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:55:47.0942 4596 bthserv - ok
21:55:47.0973 4596 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
21:55:47.0973 4596 BTHUSB - ok
21:55:48.0004 4596 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
21:55:48.0004 4596 btwaudio - ok
21:55:48.0051 4596 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
21:55:48.0051 4596 btwavdt - ok
21:55:48.0144 4596 [ 9B3BD0ECD82CC08409C55A36D8F56B93 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
21:55:48.0160 4596 btwdins - ok
21:55:48.0207 4596 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
21:55:48.0207 4596 btwl2cap - ok
21:55:48.0222 4596 [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
21:55:48.0222 4596 btwrchid - ok
21:55:48.0269 4596 catchme - ok
21:55:48.0285 4596 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:55:48.0285 4596 cdfs - ok
21:55:48.0347 4596 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
21:55:48.0347 4596 cdrom - ok
21:55:48.0394 4596 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
21:55:48.0394 4596 CertPropSvc - ok
21:55:48.0425 4596 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:55:48.0425 4596 circlass - ok
21:55:48.0472 4596 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:55:48.0488 4596 CLFS - ok
21:55:48.0550 4596 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:55:48.0566 4596 clr_optimization_v2.0.50727_32 - ok
21:55:48.0612 4596 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:55:48.0612 4596 clr_optimization_v2.0.50727_64 - ok
21:55:48.0722 4596 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:55:48.0737 4596 clr_optimization_v4.0.30319_32 - ok
21:55:48.0768 4596 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:55:48.0768 4596 clr_optimization_v4.0.30319_64 - ok
21:55:48.0815 4596 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:55:48.0815 4596 CmBatt - ok
21:55:48.0831 4596 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:55:48.0831 4596 cmdide - ok
21:55:48.0878 4596 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
21:55:48.0893 4596 CNG - ok
21:55:48.0909 4596 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:55:48.0909 4596 Compbatt - ok
21:55:48.0940 4596 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
21:55:48.0940 4596 CompositeBus - ok
21:55:48.0956 4596 COMSysApp - ok
21:55:48.0987 4596 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:55:48.0987 4596 crcdisk - ok
21:55:49.0049 4596 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:55:49.0049 4596 CryptSvc - ok
21:55:49.0080 4596 [ 23D4B856725F5FC3C4F410C150AB107B ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
21:55:49.0080 4596 dc3d - ok
21:55:49.0127 4596 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:55:49.0143 4596 DcomLaunch - ok
21:55:49.0190 4596 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:55:49.0190 4596 defragsvc - ok
21:55:49.0236 4596 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:55:49.0236 4596 DfsC - ok
21:55:49.0283 4596 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
21:55:49.0283 4596 Dhcp - ok
21:55:49.0330 4596 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:55:49.0330 4596 discache - ok
21:55:49.0361 4596 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:55:49.0361 4596 Disk - ok
21:55:49.0470 4596 [ D5BCB77BE83CF99F508943945D46343D ] DKbFltr C:\Windows\syswow64\Drivers\DKbFltr.sys
21:55:49.0470 4596 DKbFltr - ok
21:55:49.0502 4596 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:55:49.0502 4596 Dnscache - ok
21:55:49.0548 4596 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
21:55:49.0564 4596 dot3svc - ok
21:55:49.0595 4596 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
21:55:49.0595 4596 DPS - ok
21:55:49.0642 4596 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:55:49.0642 4596 drmkaud - ok
21:55:49.0704 4596 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:55:49.0720 4596 DXGKrnl - ok
21:55:49.0751 4596 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:55:49.0751 4596 EapHost - ok
21:55:49.0860 4596 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
21:55:49.0954 4596 ebdrv - ok
21:55:49.0985 4596 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
21:55:49.0985 4596 EFS - ok
21:55:50.0063 4596 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:55:50.0079 4596 ehRecvr - ok
21:55:50.0126 4596 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:55:50.0126 4596 ehSched - ok
21:55:50.0172 4596 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:55:50.0188 4596 elxstor - ok
21:55:50.0235 4596 [ 2B8FE9090E08F491020EA67C6876249D ] emaudsv C:\Windows\system32\emaudsv.exe
21:55:50.0235 4596 emaudsv - ok
21:55:50.0266 4596 [ 5AB2749B29B34369E9170328AB39A3CA ] emusba10 C:\Windows\system32\DRIVERS\emusba10.sys
21:55:50.0266 4596 emusba10 - ok
21:55:50.0360 4596 [ 7C35C6865957289D9EFE6CC73F4AB2E1 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
21:55:50.0375 4596 ePowerSvc - ok
21:55:50.0438 4596 [ 7DB097F4F6786307168C0DDDEC43A565 ] EPSON_EB_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
21:55:50.0438 4596 EPSON_EB_RPCV4_04 - ok
21:55:50.0453 4596 [ 258AA65A0862E19B7DE6981FDA3758AD ] EPSON_PM_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
21:55:50.0469 4596 EPSON_PM_RPCV4_04 - ok
21:55:50.0500 4596 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:55:50.0500 4596 ErrDev - ok
21:55:50.0547 4596 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:55:50.0562 4596 EventSystem - ok
21:55:50.0594 4596 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:55:50.0594 4596 exfat - ok
21:55:50.0609 4596 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:55:50.0625 4596 fastfat - ok
21:55:50.0703 4596 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
21:55:50.0718 4596 Fax - ok
21:55:50.0750 4596 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:55:50.0765 4596 fdc - ok
21:55:50.0781 4596 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:55:50.0781 4596 fdPHost - ok
21:55:50.0812 4596 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:55:50.0812 4596 FDResPub - ok
21:55:50.0828 4596 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:55:50.0828 4596 FileInfo - ok
21:55:50.0843 4596 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:55:50.0843 4596 Filetrace - ok
21:55:50.0843 4596 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:55:50.0843 4596 flpydisk - ok
21:55:50.0906 4596 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:55:50.0921 4596 FltMgr - ok
21:55:50.0968 4596 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
21:55:50.0984 4596 FontCache - ok
21:55:51.0046 4596 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:55:51.0046 4596 FontCache3.0.0.0 - ok
21:55:51.0077 4596 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:55:51.0093 4596 FsDepends - ok
21:55:51.0108 4596 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:55:51.0108 4596 Fs_Rec - ok
21:55:51.0155 4596 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:55:51.0155 4596 fvevol - ok
21:55:51.0171 4596 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:55:51.0171 4596 gagp30kx - ok
21:55:51.0218 4596 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:55:51.0218 4596 GEARAspiWDM - ok
21:55:51.0280 4596 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
21:55:51.0296 4596 gpsvc - ok
21:55:51.0420 4596 [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
21:55:51.0436 4596 Greg_Service - ok
21:55:51.0514 4596 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:55:51.0530 4596 gupdate - ok
21:55:51.0561 4596 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:55:51.0561 4596 gupdatem - ok
21:55:51.0623 4596 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:55:51.0623 4596 gusvc - ok
21:55:51.0670 4596 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:55:51.0670 4596 hcw85cir - ok
21:55:51.0732 4596 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:55:51.0732 4596 HdAudAddService - ok
21:55:51.0779 4596 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
21:55:51.0795 4596 HDAudBus - ok
21:55:51.0826 4596 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:55:51.0826 4596 HidBatt - ok
21:55:51.0857 4596 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:55:51.0857 4596 HidBth - ok
21:55:51.0904 4596 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:55:51.0904 4596 HidIr - ok
21:55:51.0935 4596 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
21:55:51.0935 4596 hidserv - ok
21:55:51.0982 4596 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
21:55:51.0982 4596 HidUsb - ok
21:55:52.0029 4596 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:55:52.0044 4596 hkmsvc - ok
21:55:52.0076 4596 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:55:52.0091 4596 HomeGroupListener - ok
21:55:52.0138 4596 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:55:52.0138 4596 HomeGroupProvider - ok
21:55:52.0169 4596 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:55:52.0169 4596 HpSAMD - ok
21:55:52.0247 4596 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:55:52.0263 4596 HTTP - ok
21:55:52.0310 4596 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:55:52.0310 4596 hwpolicy - ok
21:55:52.0356 4596 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:55:52.0356 4596 i8042prt - ok
21:55:52.0434 4596 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
21:55:52.0450 4596 IAANTMON - ok
21:55:52.0481 4596 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:55:52.0481 4596 iaStor - ok
21:55:52.0528 4596 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:55:52.0544 4596 iaStorV - ok
21:55:52.0606 4596 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:55:52.0622 4596 idsvc - ok
21:55:52.0809 4596 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
21:55:52.0980 4596 igfx - ok
21:55:52.0996 4596 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:55:53.0012 4596 iirsp - ok
21:55:53.0058 4596 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
21:55:53.0058 4596 IKEEXT - ok
21:55:53.0136 4596 [ 9AA6A93852E36FE76C3F7FC2904F3B01 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:55:53.0152 4596 IntcAzAudAddService - ok
21:55:53.0199 4596 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
21:55:53.0199 4596 intelide - ok
21:55:53.0230 4596 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:55:53.0230 4596 intelppm - ok
21:55:53.0277 4596 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:55:53.0277 4596 IPBusEnum - ok
21:55:53.0324 4596 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:55:53.0324 4596 IpFilterDriver - ok
21:55:53.0433 4596 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:55:53.0448 4596 iphlpsvc - ok
21:55:53.0480 4596 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:55:53.0480 4596 IPMIDRV - ok
21:55:53.0526 4596 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:55:53.0526 4596 IPNAT - ok
21:55:53.0589 4596 [ 46D249F9DB7844CC01050A9345F0F61B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:55:53.0604 4596 iPod Service - ok
21:55:53.0636 4596 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:55:53.0636 4596 IRENUM - ok
21:55:53.0682 4596 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:55:53.0682 4596 isapnp - ok
21:55:53.0714 4596 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:55:53.0714 4596 iScsiPrt - ok
21:55:53.0776 4596 [ 249EE2D26CB1530F3BEDE0AC8B9E3099 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
21:55:53.0776 4596 k57nd60a - ok
21:55:53.0807 4596 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
21:55:53.0807 4596 kbdclass - ok
21:55:53.0838 4596 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
21:55:53.0854 4596 kbdhid - ok
21:55:53.0854 4596 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
21:55:53.0854 4596 KeyIso - ok
21:55:53.0901 4596 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:55:53.0901 4596 KSecDD - ok
21:55:53.0916 4596 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:55:53.0916 4596 KSecPkg - ok
21:55:53.0948 4596 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:55:53.0948 4596 ksthunk - ok
21:55:53.0994 4596 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:55:54.0010 4596 KtmRm - ok
21:55:54.0057 4596 [ 2AC603C3188C704CFCE353659AA7AD71 ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys
21:55:54.0057 4596 L1E - ok
21:55:54.0104 4596 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
21:55:54.0104 4596 LanmanServer - ok
21:55:54.0150 4596 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:55:54.0150 4596 LanmanWorkstation - ok
21:55:54.0197 4596 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:55:54.0197 4596 lltdio - ok
21:55:54.0228 4596 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:55:54.0244 4596 lltdsvc - ok
21:55:54.0260 4596 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:55:54.0260 4596 lmhosts - ok
21:55:54.0306 4596 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:55:54.0322 4596 LSI_FC - ok
21:55:54.0338 4596 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:55:54.0338 4596 LSI_SAS - ok
21:55:54.0353 4596 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:55:54.0353 4596 LSI_SAS2 - ok
21:55:54.0369 4596 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:55:54.0369 4596 LSI_SCSI - ok
21:55:54.0400 4596 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:55:54.0416 4596 luafv - ok
21:55:54.0462 4596 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:55:54.0462 4596 Mcx2Svc - ok
21:55:54.0478 4596 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:55:54.0478 4596 megasas - ok
21:55:54.0509 4596 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:55:54.0509 4596 MegaSR - ok
21:55:54.0587 4596 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
21:55:54.0603 4596 Microsoft Office Groove Audit Service - ok
21:55:54.0634 4596 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:55:54.0634 4596 MMCSS - ok
21:55:54.0650 4596 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:55:54.0650 4596 Modem - ok
21:55:54.0681 4596 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:55:54.0681 4596 monitor - ok
21:55:54.0728 4596 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
21:55:54.0728 4596 mouclass - ok
21:55:54.0759 4596 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:55:54.0774 4596 mouhid - ok
21:55:54.0806 4596 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:55:54.0806 4596 mountmgr - ok
21:55:54.0868 4596 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:55:54.0868 4596 MozillaMaintenance - ok
21:55:54.0915 4596 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:55:54.0915 4596 mpio - ok
21:55:54.0946 4596 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:55:54.0946 4596 mpsdrv - ok
21:55:55.0008 4596 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:55:55.0024 4596 MpsSvc - ok
21:55:55.0055 4596 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:55:55.0071 4596 MRxDAV - ok
21:55:55.0086 4596 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:55:55.0102 4596 mrxsmb - ok
21:55:55.0133 4596 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:55:55.0149 4596 mrxsmb10 - ok
21:55:55.0164 4596 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:55:55.0164 4596 mrxsmb20 - ok
21:55:55.0211 4596 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:55:55.0211 4596 msahci - ok
21:55:55.0242 4596 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:55:55.0242 4596 msdsm - ok
21:55:55.0258 4596 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:55:55.0274 4596 MSDTC - ok
21:55:55.0305 4596 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:55:55.0305 4596 Msfs - ok
21:55:55.0320 4596 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:55:55.0320 4596 mshidkmdf - ok
21:55:55.0367 4596 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:55:55.0367 4596 msisadrv - ok
21:55:55.0414 4596 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:55:55.0414 4596 MSiSCSI - ok
21:55:55.0414 4596 msiserver - ok
21:55:55.0461 4596 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:55:55.0461 4596 MSKSSRV - ok
21:55:55.0461 4596 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:55:55.0461 4596 MSPCLOCK - ok
21:55:55.0476 4596 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:55:55.0492 4596 MSPQM - ok
21:55:55.0539 4596 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:55:55.0539 4596 MsRPC - ok
21:55:55.0570 4596 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
21:55:55.0570 4596 mssmbios - ok
21:55:55.0586 4596 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:55:55.0601 4596 MSTEE - ok
21:55:55.0617 4596 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:55:55.0617 4596 MTConfig - ok
21:55:55.0632 4596 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:55:55.0632 4596 Mup - ok
21:55:55.0664 4596 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
21:55:55.0664 4596 mwlPSDFilter - ok
21:55:55.0679 4596 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
21:55:55.0679 4596 mwlPSDNServ - ok
21:55:55.0679 4596 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
21:55:55.0679 4596 mwlPSDVDisk - ok
21:55:55.0757 4596 [ 0F5FAAC852DB4C340B7A2F187E3358B8 ] MWLService C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
21:55:55.0757 4596 MWLService - ok
21:55:55.0804 4596 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:55:55.0820 4596 napagent - ok
21:55:55.0851 4596 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:55:55.0866 4596 NativeWifiP - ok
21:55:55.0929 4596 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
21:55:55.0944 4596 NDIS - ok
21:55:55.0976 4596 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:55:55.0976 4596 NdisCap - ok
21:55:55.0991 4596 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:55:55.0991 4596 NdisTapi - ok
21:55:56.0054 4596 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:55:56.0054 4596 Ndisuio - ok
21:55:56.0100 4596 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:55:56.0100 4596 NdisWan - ok
21:55:56.0147 4596 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:55:56.0147 4596 NDProxy - ok
21:55:56.0178 4596 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:55:56.0178 4596 NetBIOS - ok
21:55:56.0210 4596 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:55:56.0210 4596 NetBT - ok
21:55:56.0241 4596 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:55:56.0241 4596 Netlogon - ok
21:55:56.0272 4596 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:55:56.0288 4596 Netman - ok
21:55:56.0303 4596 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:55:56.0319 4596 netprofm - ok
21:55:56.0350 4596 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:55:56.0350 4596 NetTcpPortSharing - ok
21:55:56.0522 4596 [ 705283C02177809CA9FA7CC58A4F1E77 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
21:55:56.0678 4596 netw5v64 - ok
21:55:56.0709 4596 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:55:56.0709 4596 nfrd960 - ok
21:55:56.0771 4596 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:55:56.0771 4596 NlaSvc - ok
21:55:56.0787 4596 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:55:56.0787 4596 Npfs - ok
21:55:56.0818 4596 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:55:56.0818 4596 nsi - ok
21:55:56.0834 4596 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:55:56.0834 4596 nsiproxy - ok
21:55:56.0912 4596 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:55:56.0927 4596 Ntfs - ok
21:55:57.0005 4596 [ 70E3EB0CEF795D348F05E5A9B115F491 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
21:55:57.0005 4596 NTI IScheduleSvc - ok
21:55:57.0068 4596 [ FD324CCE1D4D5BB5AF65F8E55B462C7E ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
21:55:57.0068 4596 NTIBackupSvc - ok
21:55:57.0099 4596 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
21:55:57.0099 4596 NTIDrvr - ok
21:55:57.0130 4596 [ 3F6268A2EC33CD38CF75C880AF8DED42 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
21:55:57.0130 4596 NTISchedulerSvc - ok
21:55:57.0161 4596 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:55:57.0161 4596 Null - ok
21:55:57.0208 4596 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:55:57.0208 4596 nvraid - ok
21:55:57.0239 4596 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:55:57.0255 4596 nvstor - ok
21:55:57.0286 4596 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:55:57.0286 4596 nv_agp - ok
21:55:57.0395 4596 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:55:57.0395 4596 odserv - ok
21:55:57.0442 4596 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:55:57.0442 4596 ohci1394 - ok
21:55:57.0489 4596 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:55:57.0489 4596 ose - ok
21:55:57.0536 4596 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:55:57.0536 4596 p2pimsvc - ok
21:55:57.0567 4596 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:55:57.0567 4596 p2psvc - ok
21:55:57.0614 4596 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:55:57.0614 4596 Parport - ok
21:55:57.0645 4596 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:55:57.0645 4596 partmgr - ok
21:55:57.0660 4596 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:55:57.0676 4596 PcaSvc - ok
21:55:57.0692 4596 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:55:57.0692 4596 pci - ok
21:55:57.0723 4596 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:55:57.0723 4596 pciide - ok
21:55:57.0738 4596 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:55:57.0738 4596 pcmcia - ok
21:55:57.0770 4596 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:55:57.0770 4596 pcw - ok
21:55:57.0801 4596 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:55:57.0801 4596 PEAUTH - ok
21:55:57.0879 4596 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:55:57.0879 4596 PerfHost - ok
21:55:57.0941 4596 pfc - ok
21:55:58.0004 4596 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:55:58.0035 4596 pla - ok
21:55:58.0097 4596 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:55:58.0097 4596 PlugPlay - ok
21:55:58.0113 4596 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:55:58.0128 4596 PNRPAutoReg - ok
21:55:58.0160 4596 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:55:58.0160 4596 PNRPsvc - ok
21:55:58.0206 4596 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:55:58.0222 4596 PolicyAgent - ok
21:55:58.0253 4596 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:55:58.0269 4596 Power - ok
21:55:58.0300 4596 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:55:58.0300 4596 PptpMiniport - ok
21:55:58.0331 4596 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:55:58.0331 4596 Processor - ok
21:55:58.0362 4596 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
21:55:58.0378 4596 ProfSvc - ok
21:55:58.0394 4596 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:55:58.0394 4596 ProtectedStorage - ok
21:55:58.0425 4596 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:55:58.0440 4596 Psched - ok
21:55:58.0503 4596 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:55:58.0534 4596 ql2300 - ok
21:55:58.0565 4596 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:55:58.0565 4596 ql40xx - ok
21:55:58.0612 4596 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:55:58.0628 4596 QWAVE - ok
21:55:58.0659 4596 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:55:58.0659 4596 QWAVEdrv - ok
21:55:58.0674 4596 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:55:58.0674 4596 RasAcd - ok
21:55:58.0706 4596 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:55:58.0721 4596 RasAgileVpn - ok
21:55:58.0737 4596 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:55:58.0752 4596 RasAuto - ok
21:55:58.0799 4596 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:55:58.0799 4596 Rasl2tp - ok
21:55:58.0846 4596 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:55:58.0862 4596 RasMan - ok
21:55:58.0893 4596 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:55:58.0893 4596 RasPppoe - ok
21:55:58.0924 4596 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:55:58.0924 4596 RasSstp - ok
21:55:58.0940 4596 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:55:58.0955 4596 rdbss - ok
21:55:58.0971 4596 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:55:58.0971 4596 rdpbus - ok
21:55:58.0986 4596 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:55:58.0986 4596 RDPCDD - ok
21:55:59.0018 4596 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:55:59.0018 4596 RDPENCDD - ok
21:55:59.0033 4596 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:55:59.0033 4596 RDPREFMP - ok
21:55:59.0064 4596 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:55:59.0064 4596 RDPWD - ok
21:55:59.0111 4596 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:55:59.0127 4596 rdyboost - ok
21:55:59.0158 4596 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:55:59.0158 4596 RemoteAccess - ok
21:55:59.0189 4596 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:55:59.0205 4596 RemoteRegistry - ok
21:55:59.0252 4596 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
21:55:59.0252 4596 RFCOMM - ok
21:55:59.0283 4596 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:55:59.0283 4596 RpcEptMapper - ok
21:55:59.0314 4596 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:55:59.0314 4596 RpcLocator - ok
21:55:59.0361 4596 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
21:55:59.0361 4596 RpcSs - ok
21:55:59.0408 4596 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:55:59.0408 4596 rspndr - ok
21:55:59.0439 4596 [ 2DB8116D52B19216812C4E6D5D837810 ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys
21:55:59.0439 4596 RSUSBSTOR - ok
21:55:59.0470 4596 RtsUIR - ok
21:55:59.0486 4596 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:55:59.0486 4596 SamSs - ok
21:55:59.0517 4596 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:55:59.0517 4596 sbp2port - ok
21:55:59.0610 4596 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
21:55:59.0626 4596 SBSDWSCService - ok
21:55:59.0657 4596 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:55:59.0657 4596 SCardSvr - ok
21:55:59.0688 4596 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:55:59.0688 4596 scfilter - ok
21:55:59.0766 4596 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:55:59.0782 4596 Schedule - ok
21:55:59.0829 4596 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:55:59.0829 4596 SCPolicySvc - ok
21:55:59.0860 4596 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:55:59.0860 4596 SDRSVC - ok
21:55:59.0891 4596 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:55:59.0891 4596 secdrv - ok
21:55:59.0938 4596 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:55:59.0938 4596 seclogon - ok
21:55:59.0969 4596 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
21:55:59.0969 4596 SENS - ok
21:56:00.0000 4596 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:56:00.0000 4596 SensrSvc - ok
21:56:00.0032 4596 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:56:00.0032 4596 Serenum - ok
21:56:00.0078 4596 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:56:00.0078 4596 Serial - ok
21:56:00.0094 4596 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:56:00.0094 4596 sermouse - ok
21:56:00.0141 4596 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:56:00.0156 4596 SessionEnv - ok
21:56:00.0188 4596 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:56:00.0188 4596 sffdisk - ok
21:56:00.0203 4596 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:56:00.0203 4596 sffp_mmc - ok
21:56:00.0219 4596 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:56:00.0219 4596 sffp_sd - ok
21:56:00.0250 4596 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:56:00.0250 4596 sfloppy - ok
21:56:00.0297 4596 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:56:00.0312 4596 SharedAccess - ok
21:56:00.0359 4596 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:56:00.0359 4596 ShellHWDetection - ok
21:56:00.0390 4596 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:56:00.0390 4596 SiSRaid2 - ok
21:56:00.0422 4596 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:56:00.0422 4596 SiSRaid4 - ok
21:56:00.0484 4596 [ 8C5477EB1C03CA76CD8EB66A610A9E90 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:56:00.0484 4596 SkypeUpdate - ok
21:56:00.0500 4596 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:56:00.0515 4596 Smb - ok
21:56:00.0562 4596 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:56:00.0562 4596 SNMPTRAP - ok
21:56:00.0578 4596 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:56:00.0578 4596 spldr - ok
21:56:00.0624 4596 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
21:56:00.0640 4596 Spooler - ok
21:56:00.0765 4596 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:56:00.0858 4596 sppsvc - ok
21:56:00.0890 4596 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:56:00.0890 4596 sppuinotify - ok
21:56:00.0921 4596 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
21:56:00.0936 4596 srv - ok
21:56:00.0952 4596 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:56:00.0968 4596 srv2 - ok
21:56:00.0983 4596 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:56:00.0983 4596 srvnet - ok
21:56:01.0030 4596 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:56:01.0030 4596 SSDPSRV - ok
21:56:01.0046 4596 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:56:01.0046 4596 SstpSvc - ok
21:56:01.0077 4596 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:56:01.0077 4596 stexstor - ok
21:56:01.0139 4596 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
21:56:01.0155 4596 stisvc - ok
21:56:01.0186 4596 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
21:56:01.0186 4596 swenum - ok
21:56:01.0233 4596 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:56:01.0233 4596 swprv - ok
21:56:01.0326 4596 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
21:56:01.0358 4596 SysMain - ok
21:56:01.0389 4596 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:56:01.0404 4596 TabletInputService - ok
21:56:01.0436 4596 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:56:01.0436 4596 TapiSrv - ok
21:56:01.0467 4596 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:56:01.0482 4596 TBS - ok
21:56:01.0576 4596 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:56:01.0607 4596 Tcpip - ok
21:56:01.0638 4596 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:56:01.0654 4596 TCPIP6 - ok
21:56:01.0685 4596 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:56:01.0685 4596 tcpipreg - ok
21:56:01.0732 4596 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:56:01.0732 4596 TDPIPE - ok
21:56:01.0748 4596 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:56:01.0748 4596 TDTCP - ok
21:56:01.0779 4596 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:56:01.0779 4596 tdx - ok
21:56:01.0810 4596 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
21:56:01.0810 4596 TermDD - ok
21:56:01.0872 4596 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
21:56:01.0888 4596 TermService - ok
21:56:01.0919 4596 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:56:01.0919 4596 Themes - ok
21:56:01.0950 4596 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:56:01.0950 4596 THREADORDER - ok
21:56:01.0982 4596 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:56:01.0982 4596 TrkWks - ok
21:56:02.0028 4596 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:56:02.0028 4596 TrustedInstaller - ok
21:56:02.0075 4596 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:56:02.0075 4596 tssecsrv - ok
21:56:02.0122 4596 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:56:02.0122 4596 TsUsbFlt - ok
21:56:02.0169 4596 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:56:02.0169 4596 tunnel - ok
21:56:02.0200 4596 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:56:02.0200 4596 uagp35 - ok
21:56:02.0247 4596 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
21:56:02.0247 4596 UBHelper - ok
21:56:02.0294 4596 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:56:02.0309 4596 udfs - ok
21:56:02.0356 4596 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:56:02.0356 4596 UI0Detect - ok
21:56:02.0387 4596 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:56:02.0387 4596 uliagpkx - ok
21:56:02.0434 4596 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
21:56:02.0434 4596 umbus - ok
21:56:02.0450 4596 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:56:02.0450 4596 UmPass - ok
21:56:02.0543 4596 [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
21:56:02.0543 4596 Updater Service - ok
21:56:02.0574 4596 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:56:02.0574 4596 upnphost - ok
21:56:02.0637 4596 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
21:56:02.0637 4596 USBAAPL64 - ok
21:56:02.0684 4596 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:56:02.0684 4596 usbccgp - ok
21:56:02.0684 4596 USBCCID - ok
21:56:02.0746 4596 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:56:02.0746 4596 usbcir - ok
21:56:02.0777 4596 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:56:02.0777 4596 usbehci - ok
21:56:02.0808 4596 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:56:02.0808 4596 usbhub - ok
21:56:02.0840 4596 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:56:02.0840 4596 usbohci - ok
21:56:02.0871 4596 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:56:02.0871 4596 usbprint - ok
21:56:02.0886 4596 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
21:56:02.0886 4596 USBSTOR - ok
21:56:02.0933 4596 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
21:56:02.0933 4596 usbuhci - ok
21:56:02.0980 4596 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
21:56:02.0980 4596 usbvideo - ok
21:56:03.0011 4596 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:56:03.0011 4596 UxSms - ok
21:56:03.0027 4596 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
21:56:03.0027 4596 VaultSvc - ok
21:56:03.0042 4596 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:56:03.0042 4596 vdrvroot - ok
21:56:03.0105 4596 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
21:56:03.0120 4596 vds - ok
21:56:03.0152 4596 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:56:03.0152 4596 vga - ok
21:56:03.0167 4596 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:56:03.0183 4596 VgaSave - ok
21:56:03.0214 4596 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:56:03.0230 4596 vhdmp - ok
21:56:03.0261 4596 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
21:56:03.0261 4596 viaide - ok
21:56:03.0292 4596 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:56:03.0292 4596 volmgr - ok
21:56:03.0323 4596 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:56:03.0339 4596 volmgrx - ok
21:56:03.0370 4596 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:56:03.0370 4596 volsnap - ok
21:56:03.0417 4596 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:56:03.0417 4596 vsmraid - ok
21:56:03.0479 4596 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
21:56:03.0510 4596 VSS - ok
21:56:03.0542 4596 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:56:03.0542 4596 vwifibus - ok
21:56:03.0557 4596 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:56:03.0557 4596 vwififlt - ok
21:56:03.0588 4596 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:56:03.0588 4596 W32Time - ok
21:56:03.0620 4596 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:56:03.0635 4596 WacomPen - ok
21:56:03.0682 4596 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:56:03.0682 4596 WANARP - ok
21:56:03.0682 4596 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:56:03.0682 4596 Wanarpv6 - ok
21:56:03.0760 4596 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
21:56:03.0776 4596 wbengine - ok
21:56:03.0807 4596 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:56:03.0807 4596 WbioSrvc - ok
21:56:03.0838 4596 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:56:03.0854 4596 wcncsvc - ok
21:56:03.0869 4596 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:56:03.0869 4596 WcsPlugInService - ok
21:56:03.0900 4596 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:56:03.0900 4596 Wd - ok
21:56:03.0947 4596 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:56:03.0947 4596 Wdf01000 - ok
21:56:03.0963 4596 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:56:03.0963 4596 WdiServiceHost - ok
21:56:03.0963 4596 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:56:03.0978 4596 WdiSystemHost - ok
21:56:04.0010 4596 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
21:56:04.0010 4596 WebClient - ok
21:56:04.0041 4596 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:56:04.0056 4596 Wecsvc - ok
21:56:04.0072 4596 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:56:04.0072 4596 wercplsupport - ok
21:56:04.0103 4596 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:56:04.0103 4596 WerSvc - ok
21:56:04.0134 4596 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:56:04.0134 4596 WfpLwf - ok
21:56:04.0166 4596 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:56:04.0166 4596 WIMMount - ok
21:56:04.0212 4596 WinDefend - ok
21:56:04.0212 4596 WinHttpAutoProxySvc - ok
21:56:04.0275 4596 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:56:04.0290 4596 Winmgmt - ok
21:56:04.0368 4596 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
21:56:04.0415 4596 WinRM - ok
21:56:04.0478 4596 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:56:04.0478 4596 WinUsb - ok
21:56:04.0540 4596 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:56:04.0556 4596 Wlansvc - ok
21:56:04.0602 4596 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:56:04.0602 4596 WmiAcpi - ok
21:56:04.0649 4596 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:56:04.0649 4596 wmiApSrv - ok
21:56:04.0680 4596 WMPNetworkSvc - ok
21:56:04.0712 4596 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:56:04.0727 4596 WPCSvc - ok
21:56:04.0774 4596 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:56:04.0774 4596 WPDBusEnum - ok
21:56:04.0805 4596 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:56:04.0805 4596 ws2ifsl - ok
21:56:04.0821 4596 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
21:56:04.0821 4596 wscsvc - ok
21:56:04.0821 4596 WSearch - ok
21:56:04.0961 4596 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:56:05.0039 4596 wuauserv - ok
21:56:05.0070 4596 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:56:05.0070 4596 WudfPf - ok
21:56:05.0117 4596 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:56:05.0117 4596 WUDFRd - ok
21:56:05.0164 4596 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:56:05.0164 4596 wudfsvc - ok
21:56:05.0211 4596 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
21:56:05.0211 4596 WwanSvc - ok
21:56:05.0273 4596 ================ Scan global ===============================
21:56:05.0289 4596 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:56:05.0336 4596 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
21:56:05.0336 4596 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
21:56:05.0367 4596 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:56:05.0398 4596 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:56:05.0414 4596 [Global] - ok
21:56:05.0414 4596 ================ Scan MBR ==================================
21:56:05.0414 4596 [ E24810EE950B6F5F27CB02111DF934E3 ] \Device\Harddisk0\DR0
21:56:05.0445 4596 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - infected
21:56:05.0445 4596 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Wistler.a (0)
21:56:05.0445 4596 ================ Scan VBR ==================================
21:56:05.0476 4596 [ F6DB4357816CB62E20C12650128FA49F ] \Device\Harddisk0\DR0\Partition1
21:56:05.0492 4596 \Device\Harddisk0\DR0\Partition1 - ok
21:56:05.0492 4596 [ C7DE972E279364FA5798B61DDB20FFFE ] \Device\Harddisk0\DR0\Partition2
21:56:05.0492 4596 \Device\Harddisk0\DR0\Partition2 - ok
21:56:05.0492 4596 ============================================================
21:56:05.0492 4596 Scan finished
21:56:05.0492 4596 ============================================================
21:56:05.0523 2644 Detected object count: 1
21:56:05.0523 2644 Actual detected object count: 1
21:56:25.0148 2644 \Device\Harddisk0\DR0\# - copied to quarantine
21:56:25.0148 2644 \Device\Harddisk0\DR0 - copied to quarantine
21:56:25.0179 2644 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - will be cured on reboot
21:56:25.0179 2644 \Device\Harddisk0\DR0 - ok
21:56:25.0179 2644 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - User select action: Cure
21:56:31.0653 1104 Deinitialize success
Code:
ATTFilter 21:58:09.0746 3256 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
21:58:10.0058 3256 ============================================================
21:58:10.0058 3256 Current date / time: 2012/09/12 21:58:10.0058
21:58:10.0058 3256 SystemInfo:
21:58:10.0058 3256
21:58:10.0058 3256 OS Version: 6.1.7601 ServicePack: 1.0
21:58:10.0058 3256 Product type: Workstation
21:58:10.0058 3256 ComputerName: MAVEL
21:58:10.0058 3256 UserName: Lina
21:58:10.0058 3256 Windows directory: C:\Windows
21:58:10.0058 3256 System windows directory: C:\Windows
21:58:10.0058 3256 Running under WOW64
21:58:10.0058 3256 Processor architecture: Intel x64
21:58:10.0058 3256 Number of processors: 2
21:58:10.0058 3256 Page size: 0x1000
21:58:10.0058 3256 Boot type: Normal boot
21:58:10.0058 3256 ============================================================
21:58:10.0604 3256 BG loaded
21:58:12.0710 3256 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:58:12.0757 3256 ============================================================
21:58:12.0757 3256 \Device\Harddisk0\DR0:
21:58:12.0773 3256 MBR partitions:
21:58:12.0773 3256 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000
21:58:12.0773 3256 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x23C8BAB0
21:58:12.0773 3256 ============================================================
21:58:13.0693 3256 C: <-> \Device\Harddisk0\DR0\Partition2
21:58:13.0693 3256 ============================================================
21:58:13.0693 3256 Initialize success
21:58:13.0693 3256 ============================================================
 |
|
15.09.2012, 10:40
| #21 |
| /// Helfer-Team | Trojan.agent + trojan.midhos Sehr gut!  ESET Online Scanner Vorbereitung
__________________ --> Trojan.agent + trojan.midhos |
|
15.09.2012, 20:26
| #22 |
| | Trojan.agent + trojan.midhos hab ich gemacht, hier das log: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=f31ebf2facb7304ba353dd68c4647056
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-07 11:04:58
# local_time=2012-08-07 01:04:58 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=5893 16776574 66 94 1970032 95961178 0 0
# compatibility_mode=8192 67108863 100 0 136 136 0 0
# scanned=193015
# found=11
# cleaned=0
# scan_time=6171
C:\$Recycle.Bin\S-1-5-21-4000174466-4024148849-1512776477-1001\$RIBI5KN.exe a variant of Win32/SlowPCfighter application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lina\AppData\Local\Temp\jar_cache6746455204203686438.tmp multiple threats (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lina\AppData\Local\Temp\is357113909\ezLookerSilent_DDD_FTT_BG_BD_BVD.exe probably a variant of Win32/Adware.HLQFYSH application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lina\AppData\Local\Temp\is357113909\MyBabylonTB.exe Win32/Toolbar.Babylon application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lina\AppData\Local\{792e06c0-54ef-9686-37d2-0c3b39447e4e}\n Win64/Sirefef.W trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lina\AppData\Local\{792e06c0-54ef-9686-37d2-0c3b39447e4e}\U\80000000.@ Win64/Sirefef.AL trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\31261c02-2e3c2635 Java/Exploit.CVE-2011-3544.AU trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\579e1822-3b10fbb0 multiple threats (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\3702a532-37b8fc5d Java/Exploit.Agent.NBC trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\7643fbf8-1240a440 Java/Exploit.CVE-2012-0507.DH trojan (unable to clean) 00000000000000000000000000000000 I
C:\Windows\Installer\{792e06c0-54ef-9686-37d2-0c3b39447e4e}\U\80000000.@ Win64/Sirefef.AL trojan (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=f31ebf2facb7304ba353dd68c4647056
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-15 02:30:53
# local_time=2012-09-15 04:30:53 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 0 99344466 0 0
# compatibility_mode=8192 67108863 100 0 3383424 3383424 0 0
# scanned=193160
# found=3
# cleaned=3
# scan_time=4836
C:\Users\Lina\AppData\Local\Mozilla\Firefox\Profiles\cnyroiz2.Mavel\Cache\5\20\B980Ad01 JS/Kryptik.VT Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert) 00000000000000000000000000000000 C
C:\Users\Lina\AppData\Local\Mozilla\Firefox\Profiles\cnyroiz2.Mavel\Cache\5\8D\5421Cd01 HTML/Fraud.BG Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert) 00000000000000000000000000000000 C
C:\Users\Lina\AppData\Local\Mozilla\Firefox\Profiles\cnyroiz2.Mavel\Cache\5\A2\53FB9d01 JS/Exploit.Pdfka.PRC Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert) 00000000000000000000000000000000 C
|
|
16.09.2012, 17:22
| #23 |
| /// Helfer-Team | Trojan.agent + trojan.midhos Bin erstaunt was du wieder fuer Zeugs auf dem Rechner gesammelt hast. Auf was fuer Warez oder Sreaming Seiten surfst du? |
|
17.09.2012, 13:46
| #24 |
| | Trojan.agent + trojan.midhos warez gar nicht, wenn dann mal kinox oder movie2k, sind die übel? bräuchte wohl mal n antivirenprog -.- |
|
18.09.2012, 02:25
| #25 |
| /// Helfer-Team | Trojan.agent + trojan.midhos ja, die sind uebel. du hast dein Windows jetzt auch vollstaedig damit erledigt. Du hast mehr als eine schwere Infektion auf Deinem Rechner. http://www.trojaner-board.de/56634-rootkits.html Er ist kompromittiert und ist nicht mehr vertrauenswuerdig. Du solletest von einem sauberen System aus alle deine Passwoerter aendern. Ich empfehle dir dringendst den PC vom Netz zu trennen und neu aufzusetzen. Anleitungen zum Neuaufsetzen (bebildert) > Windows 7 neu aufsetzen > Vista > XP 1. Datenrettung:
2. Formatieren, Windows neu instalieren:
3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html ich werde außerdem noch weitere punkte dazu posten. 4. alle Passwörter ändern! 5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen. |
|
18.09.2012, 20:39
| #26 |
| | Trojan.agent + trojan.midhos oh man, das wollt ich vermeiden, aber ok acer aspire 5738G heisst der Laptop, wenn ich richtig gelesen habe, ist n fertiglappi, hab keine windows cd mitbekommen. kennwörter ändern? also liest da schon irgendn virus aus? was ist mit meinem onlinebanking? |
|
19.09.2012, 18:00
| #27 | ||
| /// Helfer-Team | Trojan.agent + trojan.midhos Lade dir die ISO von Windws 7 runter. http://www.trojaner-board.de/51262-a...sicherung.html Lizenz ist unter deinem Laptop (geklebt) Zitat:
Zitat:
Online-PIN aendern. |
|
| Themen zu Trojan.agent + trojan.midhos |
| 7-zip, 800000cb.@, autostart, conduit, desktop, icreinstall, install.exe, kinox.to, launch, löschen, malwarebytes, midhos, movie2k.to, mozilla, msimg32.dll, ntdll.dll, office 2007, plug-in, recycle.bin, richtlinie, rootkit.0access, rootkit.0access.64, rootkit.0access.h, rundll, rundll32.exe, safer networking, schädlinge, security, slowpc, software, trojan.agent, trojan.midhos, trojaner, usb 2.0, win64/sirefef.al, windows-firewall |
Linear-Darstellung
