| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Mehrfacher Befall BKA TrojanerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
03.01.2013, 12:50
| #1 |
 |  Mehrfacher Befall BKA Trojaner Hallo Forumuser, also ich möchte mich schonmal im Voraus für jede Hilfe und tatkräftige Mitarbeit bedanken. Ich werde mir größte mühe geben täglich vorbei zu schauen bis wir vielleicht gemeinsam eine Lösung für das Problem finden. So nun das Problem. Ich hatte jetzt schon ein paarmal den BKA-Trojaner. Ich hatte daraufhin im Internet nachgeschaut und bin immer auf die Lösung gekommen, den PC im Abgesicherten Modus zu starten und unter Eingabe von msconfig, nach etwas verdächtigen ausschau zu halten. Das hatte auch soweit geklappt. Nur es lies sich kein Kaspersky installieren bzw starten  .Wie gesagt der BKA Trojaner ist jetzt schon öfters gekommen und ihn einfach nur immer abstellen ist glaube ich die ungesündeste alternative. Mein Ziel ist es diesen Virus komplett auszuradieren und Das schöne Kaspersky zum laufen kriegen. Ich hoffe das Ihr mir hierbei helfen könnt. Und bitte nicht übel nehmen, aber ich bin nicht der mega PC-Crack  Nochmal vielen Dank im Voraus. Sorry noch vergessen. Ich habe Win7 auf dem PC |
|
03.01.2013, 13:10
| #2 | |
| /// Malwareteam    | Mehrfacher Befall BKA Trojaner Mein Name ist Marius und ich werde dir bei deinem Problem helfen. Eines vorneweg: Hinweis: Wir können hier nie dafür garantieren, dass wir sämtliche Reste von Schadsoftware gefunden haben. Eine Formatierung ist meist der schnellste und immer der sicherste Weg. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass dein Rechner clean ist. Eine Bereinigung ist mitunter mit viel Arbeit für dich verbunden.
Vista und Win7 User Alle Tools mit Rechtsklick --> "als Administrator ausführen" starten. Ist das Win7 32- oder 64bit? Marius war schneller Zitat:
__________________ |
|
03.01.2013, 13:25
| #3 |
| | Mehrfacher Befall BKA Trojaner @Larusso: Habe glaube nicht alles verstanden aber danke.
__________________@Psychotic: wenn ich mit dir zusammen das System neu aufsetzen sollte. Könnte mann vorher einzelne Dateien sichern und hinterher wieder Gefahrlos aufspielen? Falls wir das System neu aufspielen sollten: Es ist ein selbst zusammengestellter PC von Atelco mit deren Betriebssystem. Ob ich dafür eine CD habe müsste ich heute abend dann nach dwer Arbeit erst checken. |
|
03.01.2013, 13:31
| #4 |
| /// Malwareteam | Mehrfacher Befall BKA Trojaner Wenn du das System neu aufsetzen willst, kannst du vorher Dateien, welche du behalten willst, sichern und nach erfolgter Prüfung auf das frische System zurückspielen, ja.
__________________ Kein Asylrecht für Trojaner!  Proud Member of UNITE Hinweis: Ich bin nur werktags erreichbar! Anfragen über PM werden ignoriert! Du bist zufrieden mit uns? Dann unterstütze das Trojaner-Board! |
|
03.01.2013, 13:37
| #5 |
| | Mehrfacher Befall BKA Trojaner Kann es denn sein das ich dann eventuell Virenbefallene Dateien wieder aufspiele? Das wäre nämlich genau das was ich nicht möchte. Sonst würde ich auch eine bereinigung mit euch angehen. |
|
03.01.2013, 13:42
| #6 |
| /// Malwareteam | Mehrfacher Befall BKA Trojaner Solange du nur nicht ausführbare Dateien (wie z.B. Dokumente, Bilder, Musikstücke, Videos, usw.) sicherst, besteht keine Gefahr. Zudem kann das Sicherungsmedium auf Infektionen geprüft werden. Ausführbare Dateien darfst du nicht sichern, da diese ein hohes Risiko einer Neuinfektion beinhalten. Der bei dir aufgetretene Schädling lässt sich problemlos bereinigen.
__________________ --> Mehrfacher Befall BKA Trojaner |
|
03.01.2013, 13:46
| #7 |
| | Mehrfacher Befall BKA Trojaner Okay wenn dieser sich beseitigen lässt, dann sehr gerne. Was ist denn der erste beziehungsweise die ersten Schritte dich heute Abend schonmal erledigen könnte? |
|
03.01.2013, 13:54
| #8 |
| /// Malwareteam | Mehrfacher Befall BKA Trojaner Ist es ein 32- oder 64bit Windows 7?
__________________ Kein Asylrecht für Trojaner! Proud Member of UNITE Hinweis: Ich bin nur werktags erreichbar! Anfragen über PM werden ignoriert! Du bist zufrieden mit uns? Dann unterstütze das Trojaner-Board! |
|
03.01.2013, 14:06
| #9 |
| | Mehrfacher Befall BKA Trojaner Also ich bin mir zu 99% sicher das es 64 bit windows 7 ist. Aber ich schaue bevor ich etwas machen noch einmal nach  |
|
03.01.2013, 14:09
| #10 |
| /// Malwareteam | Mehrfacher Befall BKA Trojaner FRST64 Downloade dir bitte Farbar's Recovery Scan Tool x64 und speichere diese auf einen USB Stick. Schließe den USB Stick an das infizierte System an Du musst das System nun in die System Reparatur Option booten. Über den Boot Manager
Mit Windows CD/DVD
Wähle in den Reparaturoptionen Eingabeaufforderung
__________________ Kein Asylrecht für Trojaner! Proud Member of UNITE Hinweis: Ich bin nur werktags erreichbar! Anfragen über PM werden ignoriert! Du bist zufrieden mit uns? Dann unterstütze das Trojaner-Board! Geändert von Larusso (03.01.2013 um 14:24 Uhr) |
|
03.01.2013, 15:40
| #11 |
| | Mehrfacher Befall BKA Trojaner Also. Habe es nach der Anleitung oben gemacht. Wenn ich allerdings auf Computer reparieren drücke, fährt er normal ins Windows hoch  Eine Windows CD habe ich leider nicht. Was könnte ich den machen? |
|
03.01.2013, 16:03
| #12 |
| /// Malwareteam | Mehrfacher Befall BKA Trojaner DDS Downloade dir bitte DDS ( von sUBs ) von einem der folgenden Downloadspiegel und speichere die Datei auf deinem Desktop. dds.com dds.exe
__________________ Kein Asylrecht für Trojaner! Proud Member of UNITE Hinweis: Ich bin nur werktags erreichbar! Anfragen über PM werden ignoriert! Du bist zufrieden mit uns? Dann unterstütze das Trojaner-Board! |
|
03.01.2013, 16:08
| #13 |
| | Mehrfacher Befall BKA Trojaner So da hab ich es schon einmal der dds.txt DDS Logfile: Code:
ATTFilter DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.5.1
Run by Robert at 16:05:38 on 2013-01-03
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8169.6399 [GMT 1:00]
.
AV: Kaspersky Internet Security *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Internet Security *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Logitech\SetPointG\SetPointII.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Google Update] "C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Robert\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ctfmon.lnk - C:\ProgramData\lsass.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
TCP: NameServer = 192.168.2.1 192.168.2.1
TCP: Interfaces\{79960DC6-6B23-426B-BE58-1A8023912723} : DHCPNameServer = 192.168.2.1 192.168.2.1
SSODL: WebCheck - <orphaned>
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Launch LCore] "C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\793hoo6h.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
FF - plugin: C:\Users\Robert\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-11-22 21:22; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\793hoo6h.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2010-11-22 303408]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-8-12 283200]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 28504]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-6-8 54104]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178008]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2012-8-17 218880]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-21 382824]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2010-12-8 122856]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2010-12-8 369640]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2010-10-27 38248]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2010-10-27 301680]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2010-10-27 31080]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2010-10-27 203624]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2010-10-27 58992]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2010-10-27 156520]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2010-10-27 279152]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-5-25 29016]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-7-25 29528]
R3 LADF_CaptureOnly;LADF Capture Filter Driver;C:\Windows\System32\drivers\ladfGSCamd64.sys [2011-10-28 410184]
R3 LADF_RenderOnly;LADF Render Filter Driver;C:\Windows\System32\drivers\ladfGSRamd64.sys [2011-10-28 341832]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2011-10-28 22408]
R3 LGPBTDD;LGPBTDD.sys Display Driver;C:\Windows\System32\drivers\LGPBTDD.sys [2011-10-28 30728]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2011-10-28 16008]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2010-10-27 55336]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-8-30 24904]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S4 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2010-10-27 52896]
S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-30 655944]
.
=============== Created Last 30 ================
.
2013-01-01 11:33:23 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A810AB41-C49B-447C-A60E-ED1C56F64E9A}\mpengine.dll
2012-12-27 12:24:17 225280 ----a-w- C:\Users\Robert\wgsdgsdgdsgsd.exe
2012-12-27 09:45:19 -------- d-----w- C:\Users\Robert\AppData\Local\Macromedia
2012-12-27 09:24:34 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-20 20:35:31 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-20 20:35:31 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-20 20:35:30 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-20 20:35:30 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-14 14:56:55 -------- d-----w- C:\Users\Robert\AppData\Local\My Games
2012-12-14 14:41:54 -------- d-----w- C:\Users\Robert\AppData\Local\Ubisoft Game Launcher
2012-12-13 16:49:18 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-12-13 16:48:56 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-12-13 16:48:56 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-12-13 16:46:33 -------- d-----w- C:\Users\Robert\AppData\Roaming\GetRightToGo
.
==================== Find3M ====================
.
2012-12-28 17:17:19 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-12-28 17:17:19 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-12-27 10:01:35 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-15 09:29:59 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-12-14 14:32:57 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-12-02 14:41:55 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2012-11-22 05:17:35 63336 ----a-w- C:\Windows\System32\nvshext.dll
2012-11-22 05:17:35 3635277 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-11-22 05:17:34 890216 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-11-22 05:17:34 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll
2012-11-22 05:17:34 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2012-11-22 05:17:06 3311464 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-11-22 05:17:02 6223208 ----a-w- C:\Windows\System32\nvcpl.dll
2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-21 17:27:28 438632 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
.
============= FINISH: 16:06:10,76 ===============
und der attach.txt Code:
ATTFilter . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 17.10.2011 15:51:16 System Uptime: 03.01.2013 16:02:45 (0 hours ago) . Motherboard: ASUSTeK Computer INC. | | P8P67 REV 3.1 Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz | LGA1155 | 3401/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 244 GiB total, 83,167 GiB free. D: is FIXED (NTFS) - 687 GiB total, 304,702 GiB free. E: is CDROM (UDF) F: is CDROM () H: is FIXED (NTFS) - 298 GiB total, 185,636 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP202: 14.12.2012 15:24:35 - Installiert Far Cry 3 RP203: 16.12.2012 19:00:40 - Windows-Sicherung RP204: 18.12.2012 17:18:14 - Windows Update RP205: 20.12.2012 21:35:21 - Windows Update RP206: 25.12.2012 18:19:43 - Windows Update RP207: 25.12.2012 18:26:09 - Windows-Sicherung RP208: 30.12.2012 19:00:41 - Windows-Sicherung RP209: 01.01.2013 12:32:58 - Windows Update . ==== Installed Programs ====================== . Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Apple Application Support Apple Mobile Device Support Apple Software Update Asmedia ASM104x USB 3.0 Host Controller Driver Battlefield 3™ Battlelog Web Plugins Bluetooth Win7 Suite (64) Bonjour BurnAware Free 4.6 Call of Duty: Black Ops - Multiplayer Call of Duty: Black Ops II Call of Duty: Black Ops II - Multiplayer Call of Duty: Black Ops II - Zombies Call of Duty: Modern Warfare 2 - Multiplayer Call of Duty: Modern Warfare 3 - Multiplayer CDBurnerXP DAEMON Tools Lite eReg ESN Sonar Far Cry 3 GamersFirst LIVE! Google Chrome Intel(R) Management Engine Components iTunes Java Auto Updater Java(TM) 7 Update 5 JavaFX 2.1.1 Kaspersky Internet Security 2013 Logitech Gaming Software 8.12 Logitech SetPoint 6.32 Malwarebytes Anti-Malware Version 1.62.0.1300 marvell 91xx driver Microsoft .NET Framework 4 Client Profile Microsoft Office 2010 Microsoft Office Klick-und-Los 2010 Microsoft Office Starter 2010 - Deutsch Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mozilla Firefox 8.0.1 (x86 de) NVIDIA 3D Vision Controller-Treiber 310.64 NVIDIA 3D Vision Controller Driver NVIDIA 3D Vision Treiber 310.64 NVIDIA Grafiktreiber 310.64 NVIDIA HD-Audiotreiber 1.3.18.0 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX-Systemsoftware 9.12.1031 NVIDIA Stereoscopic 3D Driver NVIDIA Systemsteuerung 310.64 NVIDIA Update 1.11.3 NVIDIA Update Components OpenAL Origin Pando Media Booster PDF-XChange Viewer PDFCreator PunkBuster Services Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Spec Ops The Line Steam TeamSpeak 3 Client Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Uplay VLC media player 2.0.3 WinRAR 4.01 (64-Bit) . ==== End Of File =========================== |
|
03.01.2013, 16:15
| #14 |
| /// Malwareteam | Mehrfacher Befall BKA Trojaner Schritt 1: aswMBR Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
Schritt 2: Scan mit TDSS-Killer Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen. Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Kein Asylrecht für Trojaner! Proud Member of UNITE Hinweis: Ich bin nur werktags erreichbar! Anfragen über PM werden ignoriert! Du bist zufrieden mit uns? Dann unterstütze das Trojaner-Board! |
|
03.01.2013, 16:35
| #15 |
| | Mehrfacher Befall BKA Trojaner Also bei aswmbr kam raus Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-03 16:17:41
-----------------------------
16:17:41.799 OS Version: Windows x64 6.1.7601 Service Pack 1
16:17:41.799 Number of processors: 8 586 0x2A07
16:17:41.799 ComputerName: DOWNBOY-PC UserName: Robert
16:17:42.115 Initialize success
16:18:42.116 AVAST engine defs: 13010300
16:18:57.703 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:18:57.706 Disk 0 Vendor: SAMSUNG_HD103SJ 1AJ10001 Size: 953869MB BusType: 11
16:18:57.716 Disk 0 MBR read successfully
16:18:57.719 Disk 0 MBR scan
16:18:57.724 Disk 0 Windows 7 default MBR code
16:18:57.730 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:18:57.741 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 249899 MB offset 206848
16:18:57.763 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 703868 MB offset 512000000
16:18:57.794 Disk 0 scanning C:\Windows\system32\drivers
16:19:04.602 Service scanning
16:19:17.687 Modules scanning
16:19:17.695 Disk 0 trace - called modules:
16:19:17.710 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
16:19:18.038 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007c80790]
16:19:18.044 3 CLASSPNP.SYS[fffff88001e5143f] -> nt!IofCallDriver -> [0xfffffa80075d0520]
16:19:18.050 5 ACPI.sys[fffff88000f607a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80075c8680]
16:19:18.868 AVAST engine scan C:\Windows
16:19:20.119 AVAST engine scan C:\Windows\system32
16:20:52.008 AVAST engine scan C:\Windows\system32\drivers
16:20:59.012 AVAST engine scan C:\Users\Robert
16:27:18.667 File: C:\Users\Robert\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\331fd5cb-52b85284 **INFECTED** Win32:Rootkit-gen [Rtk]
16:30:02.067 File: C:\Users\Robert\wgsdgsdgdsgsd.exe **INFECTED** Win32:Rootkit-gen [Rtk]
16:30:02.290 AVAST engine scan C:\ProgramData
16:30:26.711 Scan finished successfully
16:30:37.910 Disk 0 MBR has been saved successfully to "C:\Users\Robert\Desktop\MBR.dat"
16:30:37.913 The log file has been saved successfully to "C:\Users\Robert\Desktop\aswMBR.txt"
Code:
ATTFilter 16:31:48.0009 1676 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:31:48.0208 1676 ============================================================
16:31:48.0208 1676 Current date / time: 2013/01/03 16:31:48.0208
16:31:48.0209 1676 SystemInfo:
16:31:48.0209 1676
16:31:48.0209 1676 OS Version: 6.1.7601 ServicePack: 1.0
16:31:48.0209 1676 Product type: Workstation
16:31:48.0209 1676 ComputerName: DOWNBOY-PC
16:31:48.0209 1676 UserName: Robert
16:31:48.0209 1676 Windows directory: C:\Windows
16:31:48.0209 1676 System windows directory: C:\Windows
16:31:48.0209 1676 Running under WOW64
16:31:48.0209 1676 Processor architecture: Intel x64
16:31:48.0209 1676 Number of processors: 8
16:31:48.0209 1676 Page size: 0x1000
16:31:48.0209 1676 Boot type: Normal boot
16:31:48.0209 1676 ============================================================
16:31:49.0022 1676 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:31:49.0025 1676 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:31:49.0026 1676 ============================================================
16:31:49.0026 1676 \Device\Harddisk0\DR0:
16:31:49.0027 1676 MBR partitions:
16:31:49.0027 1676 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:31:49.0027 1676 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1E815800
16:31:49.0027 1676 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E848000, BlocksNum 0x55EBE000
16:31:49.0027 1676 \Device\Harddisk1\DR1:
16:31:49.0027 1676 MBR partitions:
16:31:49.0027 1676 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
16:31:49.0027 1676 ============================================================
16:31:49.0051 1676 C: <-> \Device\Harddisk0\DR0\Partition2
16:31:49.0083 1676 D: <-> \Device\Harddisk0\DR0\Partition3
16:31:49.0522 1676 H: <-> \Device\Harddisk1\DR1\Partition1
16:31:49.0522 1676 ============================================================
16:31:49.0522 1676 Initialize success
16:31:49.0522 1676 ============================================================
16:31:56.0617 0940 ============================================================
16:31:56.0617 0940 Scan started
16:31:56.0617 0940 Mode: Manual;
16:31:56.0617 0940 ============================================================
16:31:57.0415 0940 ================ Scan system memory ========================
16:31:57.0415 0940 System memory - ok
16:31:57.0416 0940 ================ Scan services =============================
16:31:57.0522 0940 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
16:31:57.0525 0940 1394ohci - ok
16:31:57.0539 0940 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:31:57.0543 0940 ACPI - ok
16:31:57.0557 0940 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:31:57.0557 0940 AcpiPmi - ok
16:31:57.0651 0940 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:31:57.0655 0940 AdobeFlashPlayerUpdateSvc - ok
16:31:57.0675 0940 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:31:57.0681 0940 adp94xx - ok
16:31:57.0694 0940 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:31:57.0699 0940 adpahci - ok
16:31:57.0704 0940 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:31:57.0707 0940 adpu320 - ok
16:31:57.0728 0940 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:31:57.0729 0940 AeLookupSvc - ok
16:31:57.0765 0940 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
16:31:57.0770 0940 AFD - ok
16:31:57.0786 0940 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:31:57.0787 0940 agp440 - ok
16:31:57.0807 0940 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
16:31:57.0808 0940 ALG - ok
16:31:57.0812 0940 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
16:31:57.0812 0940 aliide - ok
16:31:57.0816 0940 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
16:31:57.0816 0940 amdide - ok
16:31:57.0821 0940 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:31:57.0822 0940 AmdK8 - ok
16:31:57.0826 0940 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
16:31:57.0828 0940 AmdPPM - ok
16:31:57.0860 0940 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:31:57.0861 0940 amdsata - ok
16:31:57.0877 0940 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
16:31:57.0880 0940 amdsbs - ok
16:31:57.0895 0940 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:31:57.0895 0940 amdxata - ok
16:31:57.0908 0940 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
16:31:57.0909 0940 AppID - ok
16:31:57.0927 0940 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:31:57.0928 0940 AppIDSvc - ok
16:31:57.0941 0940 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
16:31:57.0943 0940 Appinfo - ok
16:31:58.0005 0940 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:31:58.0006 0940 Apple Mobile Device - ok
16:31:58.0011 0940 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
16:31:58.0012 0940 arc - ok
16:31:58.0028 0940 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:31:58.0030 0940 arcsas - ok
16:31:58.0059 0940 [ E1E75921E9EB025009696D4837F531FB ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
16:31:58.0061 0940 asmthub3 - ok
16:31:58.0075 0940 [ B0CF9AB16006B61634D4F955345CA5D2 ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
16:31:58.0078 0940 asmtxhci - ok
16:31:58.0096 0940 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:31:58.0096 0940 AsyncMac - ok
16:31:58.0105 0940 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
16:31:58.0105 0940 atapi - ok
16:31:58.0129 0940 [ AAAE03F8EDA817EC28C5445193EA8BF3 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
16:31:58.0130 0940 AthBTPort - ok
16:31:58.0134 0940 [ 4ECC791539F23982411864037D1AC8FC ] ATHDFU C:\Windows\system32\Drivers\AthDfu.sys
16:31:58.0135 0940 ATHDFU - ok
16:31:58.0165 0940 [ C34B28D6285EAD94B3A2FABA84E90DA5 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
16:31:58.0167 0940 AtherosSvc - ok
16:31:58.0187 0940 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:31:58.0195 0940 AudioEndpointBuilder - ok
16:31:58.0206 0940 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:31:58.0211 0940 AudioSrv - ok
16:31:58.0270 0940 [ F1CA8ED683D6945EFDC4492AB60B1460 ] AVP C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
16:31:58.0272 0940 AVP - ok
16:31:58.0293 0940 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:31:58.0295 0940 AxInstSV - ok
16:31:58.0326 0940 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
16:31:58.0332 0940 b06bdrv - ok
16:31:58.0351 0940 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:31:58.0355 0940 b57nd60a - ok
16:31:58.0384 0940 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
16:31:58.0385 0940 BDESVC - ok
16:31:58.0409 0940 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
16:31:58.0409 0940 Beep - ok
16:31:58.0435 0940 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
16:31:58.0443 0940 BFE - ok
16:31:58.0471 0940 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
16:31:58.0482 0940 BITS - ok
16:31:58.0495 0940 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:31:58.0496 0940 blbdrive - ok
16:31:58.0519 0940 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:31:58.0524 0940 Bonjour Service - ok
16:31:58.0548 0940 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:31:58.0549 0940 bowser - ok
16:31:58.0558 0940 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
16:31:58.0559 0940 BrFiltLo - ok
16:31:58.0562 0940 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
16:31:58.0563 0940 BrFiltUp - ok
16:31:58.0595 0940 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
16:31:58.0597 0940 Browser - ok
16:31:58.0616 0940 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:31:58.0619 0940 Brserid - ok
16:31:58.0623 0940 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:31:58.0624 0940 BrSerWdm - ok
16:31:58.0627 0940 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:31:58.0628 0940 BrUsbMdm - ok
16:31:58.0631 0940 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:31:58.0632 0940 BrUsbSer - ok
16:31:58.0646 0940 [ 3B1B573371B206D1D5F25E0EF5FCD6D6 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
16:31:58.0649 0940 BTATH_A2DP - ok
16:31:58.0670 0940 [ 2D0446336D9DB55A742B999EC16ADF15 ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
16:31:58.0671 0940 BTATH_BUS - ok
16:31:58.0685 0940 [ 9A9694BBEB2849EAF95DFFCAE5DF02AD ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
16:31:58.0687 0940 BTATH_HCRP - ok
16:31:58.0695 0940 [ FC0A8075DDF2E9C66267AEC91E0676F9 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
16:31:58.0696 0940 BTATH_LWFLT - ok
16:31:58.0704 0940 [ 5EB4815CBDDBA4541F2380DAE6E269AB ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
16:31:58.0705 0940 BTATH_RCP - ok
16:31:58.0721 0940 [ 0ECEDE7B33CFD9A52A61220ABBD09A50 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
16:31:58.0723 0940 BtFilter - ok
16:31:58.0766 0940 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
16:31:58.0768 0940 BthEnum - ok
16:31:58.0772 0940 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:31:58.0773 0940 BTHMODEM - ok
16:31:58.0793 0940 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
16:31:58.0795 0940 BthPan - ok
16:31:58.0834 0940 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
16:31:58.0840 0940 BTHPORT - ok
16:31:58.0874 0940 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
16:31:58.0875 0940 bthserv - ok
16:31:58.0897 0940 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
16:31:58.0898 0940 BTHUSB - ok
16:31:58.0969 0940 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:31:58.0991 0940 cdfs - ok
16:31:59.0010 0940 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:31:59.0012 0940 cdrom - ok
16:31:59.0041 0940 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
16:31:59.0043 0940 CertPropSvc - ok
16:31:59.0046 0940 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
16:31:59.0048 0940 circlass - ok
16:31:59.0064 0940 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
16:31:59.0068 0940 CLFS - ok
16:31:59.0128 0940 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:31:59.0129 0940 clr_optimization_v2.0.50727_32 - ok
16:31:59.0171 0940 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:31:59.0173 0940 clr_optimization_v2.0.50727_64 - ok
16:31:59.0237 0940 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:31:59.0239 0940 clr_optimization_v4.0.30319_32 - ok
16:31:59.0260 0940 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:31:59.0262 0940 clr_optimization_v4.0.30319_64 - ok
16:31:59.0281 0940 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
16:31:59.0282 0940 CmBatt - ok
16:31:59.0286 0940 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:31:59.0287 0940 cmdide - ok
16:31:59.0325 0940 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
16:31:59.0330 0940 CNG - ok
16:31:59.0339 0940 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
16:31:59.0340 0940 Compbatt - ok
16:31:59.0375 0940 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
16:31:59.0376 0940 CompositeBus - ok
16:31:59.0386 0940 COMSysApp - ok
16:31:59.0398 0940 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:31:59.0398 0940 crcdisk - ok
16:31:59.0433 0940 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:31:59.0436 0940 CryptSvc - ok
16:31:59.0525 0940 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:31:59.0531 0940 cvhsvc - ok
16:31:59.0559 0940 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:31:59.0588 0940 DcomLaunch - ok
16:31:59.0611 0940 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
16:31:59.0616 0940 defragsvc - ok
16:31:59.0626 0940 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:31:59.0627 0940 DfsC - ok
16:31:59.0659 0940 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
16:31:59.0664 0940 Dhcp - ok
16:31:59.0674 0940 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
16:31:59.0675 0940 discache - ok
16:31:59.0697 0940 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
16:31:59.0699 0940 Disk - ok
16:31:59.0721 0940 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:31:59.0725 0940 Dnscache - ok
16:31:59.0748 0940 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
16:31:59.0752 0940 dot3svc - ok
16:31:59.0774 0940 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
16:31:59.0777 0940 DPS - ok
16:31:59.0801 0940 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:31:59.0801 0940 drmkaud - ok
16:31:59.0818 0940 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
16:31:59.0820 0940 dtsoftbus01 - ok
16:31:59.0843 0940 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:31:59.0850 0940 DXGKrnl - ok
16:31:59.0870 0940 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
16:31:59.0872 0940 EapHost - ok
16:31:59.0933 0940 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:31:59.0970 0940 ebdrv - ok
16:32:00.0000 0940 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
16:32:00.0002 0940 EFS - ok
16:32:00.0046 0940 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:32:00.0055 0940 ehRecvr - ok
16:32:00.0063 0940 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
16:32:00.0065 0940 ehSched - ok
16:32:00.0093 0940 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:32:00.0099 0940 elxstor - ok
16:32:00.0110 0940 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:32:00.0111 0940 ErrDev - ok
16:32:00.0128 0940 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
16:32:00.0132 0940 EventSystem - ok
16:32:00.0146 0940 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
16:32:00.0148 0940 exfat - ok
16:32:00.0164 0940 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:32:00.0167 0940 fastfat - ok
16:32:00.0201 0940 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
16:32:00.0210 0940 Fax - ok
16:32:00.0214 0940 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
16:32:00.0215 0940 fdc - ok
16:32:00.0223 0940 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
16:32:00.0224 0940 fdPHost - ok
16:32:00.0228 0940 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
16:32:00.0229 0940 FDResPub - ok
16:32:00.0259 0940 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:32:00.0260 0940 FileInfo - ok
16:32:00.0276 0940 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:32:00.0277 0940 Filetrace - ok
16:32:00.0287 0940 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
16:32:00.0288 0940 flpydisk - ok
16:32:00.0306 0940 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:32:00.0310 0940 FltMgr - ok
16:32:00.0346 0940 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
16:32:00.0360 0940 FontCache - ok
16:32:00.0399 0940 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:32:00.0401 0940 FontCache3.0.0.0 - ok
16:32:00.0416 0940 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:32:00.0418 0940 FsDepends - ok
16:32:00.0450 0940 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:32:00.0451 0940 Fs_Rec - ok
16:32:00.0475 0940 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:32:00.0478 0940 fvevol - ok
16:32:00.0493 0940 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:32:00.0495 0940 gagp30kx - ok
16:32:00.0534 0940 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:32:00.0535 0940 GEARAspiWDM - ok
16:32:00.0566 0940 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
16:32:00.0576 0940 gpsvc - ok
16:32:00.0591 0940 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:32:00.0592 0940 hcw85cir - ok
16:32:00.0622 0940 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:32:00.0626 0940 HdAudAddService - ok
16:32:00.0662 0940 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:32:00.0664 0940 HDAudBus - ok
16:32:00.0684 0940 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
16:32:00.0684 0940 HidBatt - ok
16:32:00.0690 0940 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:32:00.0691 0940 HidBth - ok
16:32:00.0708 0940 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
16:32:00.0709 0940 HidIr - ok
16:32:00.0732 0940 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
16:32:00.0734 0940 hidserv - ok
16:32:00.0754 0940 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:32:00.0756 0940 HidUsb - ok
16:32:00.0788 0940 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:32:00.0791 0940 hkmsvc - ok
16:32:00.0807 0940 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:32:00.0811 0940 HomeGroupListener - ok
16:32:00.0830 0940 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:32:00.0834 0940 HomeGroupProvider - ok
16:32:00.0850 0940 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:32:00.0852 0940 HpSAMD - ok
16:32:00.0875 0940 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:32:00.0884 0940 HTTP - ok
16:32:00.0892 0940 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:32:00.0893 0940 hwpolicy - ok
16:32:00.0913 0940 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:32:00.0915 0940 i8042prt - ok
16:32:00.0935 0940 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:32:00.0941 0940 iaStorV - ok
16:32:00.0969 0940 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:32:00.0980 0940 idsvc - ok
16:32:00.0992 0940 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:32:00.0994 0940 iirsp - ok
16:32:01.0027 0940 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
16:32:01.0037 0940 IKEEXT - ok
16:32:01.0107 0940 [ DAB7318CCFA8081200D5B7B486793F74 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:32:01.0124 0940 IntcAzAudAddService - ok
16:32:01.0126 0940 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
16:32:01.0126 0940 intelide - ok
16:32:01.0131 0940 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:32:01.0132 0940 intelppm - ok
16:32:01.0146 0940 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:32:01.0148 0940 IPBusEnum - ok
16:32:01.0150 0940 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:32:01.0151 0940 IpFilterDriver - ok
16:32:01.0197 0940 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:32:01.0204 0940 iphlpsvc - ok
16:32:01.0208 0940 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:32:01.0210 0940 IPMIDRV - ok
16:32:01.0221 0940 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:32:01.0223 0940 IPNAT - ok
16:32:01.0262 0940 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:32:01.0272 0940 iPod Service - ok
16:32:01.0284 0940 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:32:01.0285 0940 IRENUM - ok
16:32:01.0288 0940 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:32:01.0288 0940 isapnp - ok
16:32:01.0305 0940 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:32:01.0307 0940 iScsiPrt - ok
16:32:01.0319 0940 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:32:01.0320 0940 kbdclass - ok
16:32:01.0336 0940 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:32:01.0337 0940 kbdhid - ok
16:32:01.0350 0940 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
16:32:01.0351 0940 KeyIso - ok
16:32:01.0407 0940 [ 8B5219318DF5895ABD230C373F2DF18A ] kl1 C:\Windows\system32\DRIVERS\kl1.sys
16:32:01.0412 0940 kl1 - ok
16:32:01.0471 0940 [ 8191BB24F61EBCAF84719993C7F7B5C6 ] KLIF C:\Windows\system32\DRIVERS\klif.sys
16:32:01.0476 0940 KLIF - ok
16:32:01.0510 0940 [ 9BD99E1AB3F664120AB95C35F9EC1EB0 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
16:32:01.0510 0940 KLIM6 - ok
16:32:01.0522 0940 [ 2C43FD500522EF3B8C283A5846B7FC41 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
16:32:01.0523 0940 klkbdflt - ok
16:32:01.0534 0940 [ 70A6D2E292017EC47949696F51ABE18D ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
16:32:01.0535 0940 klmouflt - ok
16:32:01.0541 0940 [ FFC0501A1EA742406F1904A0CFE3BFE2 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
16:32:01.0542 0940 kltdi - ok
16:32:01.0559 0940 [ 185D21CB8F10CFB351FF65DA88C18BC9 ] kneps C:\Windows\system32\DRIVERS\kneps.sys
16:32:01.0561 0940 kneps - ok
16:32:01.0590 0940 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:32:01.0591 0940 KSecDD - ok
16:32:01.0627 0940 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:32:01.0629 0940 KSecPkg - ok
16:32:01.0642 0940 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:32:01.0643 0940 ksthunk - ok
16:32:01.0663 0940 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
16:32:01.0669 0940 KtmRm - ok
16:32:01.0690 0940 [ CE4347E2D90DB2E5517B6F2BC720A862 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
16:32:01.0694 0940 LADF_CaptureOnly - ok
16:32:01.0709 0940 [ 85A9D21D3AE2EA963E111CB150895877 ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
16:32:01.0712 0940 LADF_RenderOnly - ok
16:32:01.0741 0940 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:32:01.0746 0940 LanmanServer - ok
16:32:01.0755 0940 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:32:01.0758 0940 LanmanWorkstation - ok
16:32:01.0852 0940 [ 7772DFAB22611050B79504E671B06E6E ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
16:32:01.0857 0940 LBTServ - ok
16:32:01.0886 0940 [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
16:32:01.0887 0940 LGBusEnum - ok
16:32:01.0914 0940 [ F705A641C18DF31B48B5DBDA94B425E4 ] LGPBTDD C:\Windows\system32\Drivers\LGPBTDD.sys
16:32:01.0915 0940 LGPBTDD - ok
16:32:01.0934 0940 [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
16:32:01.0934 0940 LGVirHid - ok
16:32:01.0968 0940 [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
16:32:01.0969 0940 LHidFilt - ok
16:32:01.0998 0940 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:32:01.0998 0940 lltdio - ok
16:32:02.0024 0940 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:32:02.0029 0940 lltdsvc - ok
16:32:02.0044 0940 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:32:02.0046 0940 lmhosts - ok
16:32:02.0079 0940 [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
16:32:02.0080 0940 LMouFilt - ok
16:32:02.0093 0940 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:32:02.0094 0940 LSI_FC - ok
16:32:02.0097 0940 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:32:02.0098 0940 LSI_SAS - ok
16:32:02.0103 0940 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
16:32:02.0105 0940 LSI_SAS2 - ok
16:32:02.0113 0940 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:32:02.0114 0940 LSI_SCSI - ok
16:32:02.0129 0940 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
16:32:02.0130 0940 luafv - ok
16:32:02.0183 0940 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:32:02.0184 0940 MBAMProtector - ok
16:32:02.0233 0940 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:32:02.0241 0940 MBAMService - ok
16:32:02.0260 0940 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:32:02.0262 0940 Mcx2Svc - ok
16:32:02.0266 0940 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
16:32:02.0267 0940 megasas - ok
16:32:02.0295 0940 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
16:32:02.0299 0940 MegaSR - ok
16:32:02.0323 0940 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
16:32:02.0324 0940 MEIx64 - ok
16:32:02.0334 0940 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
16:32:02.0336 0940 MMCSS - ok
16:32:02.0340 0940 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
16:32:02.0341 0940 Modem - ok
16:32:02.0362 0940 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:32:02.0362 0940 monitor - ok
16:32:02.0375 0940 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:32:02.0376 0940 mouclass - ok
16:32:02.0390 0940 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:32:02.0391 0940 mouhid - ok
16:32:02.0400 0940 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:32:02.0401 0940 mountmgr - ok
16:32:02.0424 0940 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
16:32:02.0426 0940 mpio - ok
16:32:02.0437 0940 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:32:02.0438 0940 mpsdrv - ok
16:32:02.0460 0940 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:32:02.0471 0940 MpsSvc - ok
16:32:02.0476 0940 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:32:02.0478 0940 MRxDAV - ok
16:32:02.0500 0940 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:32:02.0502 0940 mrxsmb - ok
16:32:02.0518 0940 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:32:02.0522 0940 mrxsmb10 - ok
16:32:02.0530 0940 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:32:02.0532 0940 mrxsmb20 - ok
16:32:02.0543 0940 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
16:32:02.0543 0940 msahci - ok
16:32:02.0557 0940 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:32:02.0559 0940 msdsm - ok
16:32:02.0571 0940 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:32:02.0574 0940 MSDTC - ok
16:32:02.0590 0940 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:32:02.0591 0940 Msfs - ok
16:32:02.0604 0940 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:32:02.0604 0940 mshidkmdf - ok
16:32:02.0617 0940 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:32:02.0618 0940 msisadrv - ok
16:32:02.0635 0940 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:32:02.0638 0940 MSiSCSI - ok
16:32:02.0642 0940 msiserver - ok
16:32:02.0657 0940 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:32:02.0657 0940 MSKSSRV - ok
16:32:02.0667 0940 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:32:02.0668 0940 MSPCLOCK - ok
16:32:02.0676 0940 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:32:02.0677 0940 MSPQM - ok
16:32:02.0708 0940 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:32:02.0712 0940 MsRPC - ok
16:32:02.0721 0940 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:32:02.0722 0940 mssmbios - ok
16:32:02.0744 0940 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:32:02.0745 0940 MSTEE - ok
16:32:02.0759 0940 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
16:32:02.0760 0940 MTConfig - ok
16:32:02.0770 0940 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:32:02.0771 0940 Mup - ok
16:32:02.0795 0940 [ 38B4C95E821528FB91DF16A78E04450F ] mv91xx C:\Windows\system32\DRIVERS\mv91xx.sys
16:32:02.0799 0940 mv91xx - ok
16:32:02.0825 0940 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:32:02.0832 0940 napagent - ok
16:32:02.0855 0940 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:32:02.0859 0940 NativeWifiP - ok
16:32:02.0899 0940 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:32:02.0910 0940 NDIS - ok
16:32:02.0931 0940 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:32:02.0932 0940 NdisCap - ok
16:32:02.0945 0940 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:32:02.0946 0940 NdisTapi - ok
16:32:02.0956 0940 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:32:02.0957 0940 Ndisuio - ok
16:32:02.0968 0940 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:32:02.0970 0940 NdisWan - ok
16:32:02.0974 0940 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:32:02.0975 0940 NDProxy - ok
16:32:02.0985 0940 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:32:02.0986 0940 NetBIOS - ok
16:32:02.0997 0940 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:32:03.0001 0940 NetBT - ok
16:32:03.0014 0940 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:32:03.0015 0940 Netlogon - ok
16:32:03.0045 0940 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:32:03.0051 0940 Netman - ok
16:32:03.0060 0940 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:32:03.0067 0940 netprofm - ok
16:32:03.0088 0940 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:32:03.0090 0940 NetTcpPortSharing - ok
16:32:03.0109 0940 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:32:03.0110 0940 nfrd960 - ok
16:32:03.0132 0940 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:32:03.0138 0940 NlaSvc - ok
16:32:03.0167 0940 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:32:03.0168 0940 Npfs - ok
16:32:03.0187 0940 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:32:03.0189 0940 nsi - ok
16:32:03.0198 0940 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:32:03.0198 0940 nsiproxy - ok
16:32:03.0256 0940 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:32:03.0275 0940 Ntfs - ok
16:32:03.0284 0940 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:32:03.0284 0940 Null - ok
16:32:03.0321 0940 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
16:32:03.0323 0940 NVHDA - ok
16:32:03.0499 0940 [ C9FC4C5A7EBE09A40C7DC37C04542900 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:32:03.0539 0940 nvlddmkm - ok
16:32:03.0571 0940 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:32:03.0572 0940 nvraid - ok
16:32:03.0596 0940 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:32:03.0598 0940 nvstor - ok
16:32:03.0634 0940 [ 7056BD6DE1DBF6B8665038AF35D9E146 ] nvsvc C:\Windows\system32\nvvsvc.exe
16:32:03.0644 0940 nvsvc - ok
16:32:03.0691 0940 [ 1B6FA911436D227B24554C33BC68B774 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:32:03.0704 0940 nvUpdatusService - ok
16:32:03.0727 0940 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:32:03.0729 0940 nv_agp - ok
16:32:03.0740 0940 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:32:03.0741 0940 ohci1394 - ok
16:32:03.0795 0940 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:32:03.0797 0940 ose - ok
16:32:03.0891 0940 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:32:03.0935 0940 osppsvc - ok
16:32:03.0959 0940 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:32:03.0963 0940 p2pimsvc - ok
16:32:03.0975 0940 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:32:03.0982 0940 p2psvc - ok
16:32:04.0008 0940 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
16:32:04.0009 0940 Parport - ok
16:32:04.0036 0940 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:32:04.0037 0940 partmgr - ok
16:32:04.0049 0940 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:32:04.0053 0940 PcaSvc - ok
16:32:04.0066 0940 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:32:04.0069 0940 pci - ok
16:32:04.0076 0940 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:32:04.0077 0940 pciide - ok
16:32:04.0091 0940 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:32:04.0093 0940 pcmcia - ok
16:32:04.0107 0940 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:32:04.0108 0940 pcw - ok
16:32:04.0129 0940 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:32:04.0137 0940 PEAUTH - ok
16:32:04.0202 0940 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:32:04.0204 0940 PerfHost - ok
16:32:04.0242 0940 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:32:04.0254 0940 pla - ok
16:32:04.0283 0940 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:32:04.0288 0940 PlugPlay - ok
16:32:04.0329 0940 PnkBstrA - ok
16:32:04.0347 0940 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:32:04.0350 0940 PNRPAutoReg - ok
16:32:04.0357 0940 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:32:04.0361 0940 PNRPsvc - ok
16:32:04.0395 0940 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:32:04.0402 0940 PolicyAgent - ok
16:32:04.0431 0940 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:32:04.0435 0940 Power - ok
16:32:04.0479 0940 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:32:04.0481 0940 PptpMiniport - ok
16:32:04.0492 0940 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
16:32:04.0494 0940 Processor - ok
16:32:04.0532 0940 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:32:04.0536 0940 ProfSvc - ok
16:32:04.0545 0940 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:32:04.0547 0940 ProtectedStorage - ok
16:32:04.0568 0940 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:32:04.0569 0940 Psched - ok
16:32:04.0607 0940 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:32:04.0625 0940 ql2300 - ok
16:32:04.0629 0940 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:32:04.0632 0940 ql40xx - ok
16:32:04.0639 0940 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:32:04.0642 0940 QWAVE - ok
16:32:04.0651 0940 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:32:04.0651 0940 QWAVEdrv - ok
16:32:04.0653 0940 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:32:04.0654 0940 RasAcd - ok
16:32:04.0674 0940 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:32:04.0675 0940 RasAgileVpn - ok
16:32:04.0695 0940 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:32:04.0698 0940 RasAuto - ok
16:32:04.0714 0940 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:32:04.0716 0940 Rasl2tp - ok
16:32:04.0737 0940 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:32:04.0743 0940 RasMan - ok
16:32:04.0757 0940 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:32:04.0759 0940 RasPppoe - ok
16:32:04.0768 0940 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:32:04.0770 0940 RasSstp - ok
16:32:04.0779 0940 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:32:04.0783 0940 rdbss - ok
16:32:04.0800 0940 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
16:32:04.0800 0940 rdpbus - ok
16:32:04.0822 0940 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:32:04.0822 0940 RDPCDD - ok
16:32:04.0830 0940 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:32:04.0831 0940 RDPENCDD - ok
16:32:04.0837 0940 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:32:04.0837 0940 RDPREFMP - ok
16:32:04.0869 0940 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:32:04.0871 0940 RDPWD - ok
16:32:04.0889 0940 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:32:04.0892 0940 rdyboost - ok
16:32:04.0918 0940 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:32:04.0920 0940 RemoteAccess - ok
16:32:04.0938 0940 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:32:04.0941 0940 RemoteRegistry - ok
16:32:04.0965 0940 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
16:32:04.0968 0940 RFCOMM - ok
16:32:04.0972 0940 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:32:04.0975 0940 RpcEptMapper - ok
16:32:04.0988 0940 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:32:04.0990 0940 RpcLocator - ok
16:32:05.0006 0940 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:32:05.0011 0940 RpcSs - ok
16:32:05.0025 0940 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:32:05.0026 0940 rspndr - ok
16:32:05.0046 0940 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
16:32:05.0050 0940 RTL8167 - ok
16:32:05.0053 0940 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:32:05.0054 0940 SamSs - ok
16:32:05.0065 0940 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:32:05.0066 0940 sbp2port - ok
16:32:05.0084 0940 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:32:05.0087 0940 SCardSvr - ok
16:32:05.0100 0940 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:32:05.0101 0940 scfilter - ok
16:32:05.0130 0940 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:32:05.0141 0940 Schedule - ok
16:32:05.0167 0940 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:32:05.0167 0940 SCPolicySvc - ok
16:32:05.0180 0940 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:32:05.0184 0940 SDRSVC - ok
16:32:05.0194 0940 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:32:05.0195 0940 secdrv - ok
16:32:05.0199 0940 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:32:05.0201 0940 seclogon - ok
16:32:05.0213 0940 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:32:05.0216 0940 SENS - ok
16:32:05.0231 0940 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:32:05.0233 0940 SensrSvc - ok
16:32:05.0256 0940 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:32:05.0257 0940 Serenum - ok
16:32:05.0272 0940 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:32:05.0274 0940 Serial - ok
16:32:05.0286 0940 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:32:05.0287 0940 sermouse - ok
16:32:05.0301 0940 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:32:05.0303 0940 SessionEnv - ok
16:32:05.0317 0940 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:32:05.0318 0940 sffdisk - ok
16:32:05.0320 0940 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:32:05.0321 0940 sffp_mmc - ok
16:32:05.0322 0940 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:32:05.0323 0940 sffp_sd - ok
16:32:05.0325 0940 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:32:05.0325 0940 sfloppy - ok
16:32:05.0368 0940 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
16:32:05.0371 0940 Sftfs - ok
16:32:05.0410 0940 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:32:05.0415 0940 sftlist - ok
16:32:05.0432 0940 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:32:05.0435 0940 Sftplay - ok
16:32:05.0450 0940 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:32:05.0451 0940 Sftredir - ok
16:32:05.0461 0940 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
16:32:05.0462 0940 Sftvol - ok
16:32:05.0478 0940 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:32:05.0481 0940 sftvsa - ok
16:32:05.0510 0940 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:32:05.0515 0940 SharedAccess - ok
16:32:05.0534 0940 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:32:05.0541 0940 ShellHWDetection - ok
16:32:05.0553 0940 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:32:05.0554 0940 SiSRaid2 - ok
16:32:05.0558 0940 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:32:05.0560 0940 SiSRaid4 - ok
16:32:05.0578 0940 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:32:05.0580 0940 Smb - ok
16:32:05.0608 0940 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:32:05.0610 0940 SNMPTRAP - ok
16:32:05.0777 0940 [ 37D91C6385BB1104D67925FC43800ED0 ] SNPSTD3 C:\Windows\system32\DRIVERS\snpstd3.sys
16:32:05.0856 0940 SNPSTD3 - ok
16:32:05.0870 0940 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:32:05.0871 0940 spldr - ok
16:32:05.0898 0940 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
16:32:05.0906 0940 Spooler - ok
16:32:05.0959 0940 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:32:05.0990 0940 sppsvc - ok
16:32:05.0998 0940 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:32:06.0000 0940 sppuinotify - ok
16:32:06.0021 0940 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:32:06.0025 0940 srv - ok
16:32:06.0041 0940 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:32:06.0045 0940 srv2 - ok
16:32:06.0054 0940 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:32:06.0056 0940 srvnet - ok
16:32:06.0082 0940 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:32:06.0085 0940 SSDPSRV - ok
16:32:06.0093 0940 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:32:06.0095 0940 SstpSvc - ok
16:32:06.0118 0940 Steam Client Service - ok
16:32:06.0208 0940 [ 88BD236A405DBC139E9DE278EF17A322 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:32:06.0212 0940 Stereo Service - ok
16:32:06.0230 0940 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:32:06.0231 0940 stexstor - ok
16:32:06.0270 0940 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:32:06.0279 0940 stisvc - ok
16:32:06.0306 0940 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:32:06.0307 0940 swenum - ok
16:32:06.0334 0940 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:32:06.0342 0940 swprv - ok
16:32:06.0386 0940 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:32:06.0405 0940 SysMain - ok
16:32:06.0419 0940 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:32:06.0421 0940 TabletInputService - ok
16:32:06.0438 0940 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:32:06.0442 0940 TapiSrv - ok
16:32:06.0456 0940 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:32:06.0458 0940 TBS - ok
16:32:06.0515 0940 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:32:06.0536 0940 Tcpip - ok
16:32:06.0569 0940 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:32:06.0582 0940 TCPIP6 - ok
16:32:06.0613 0940 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:32:06.0614 0940 tcpipreg - ok
16:32:06.0624 0940 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:32:06.0625 0940 TDPIPE - ok
16:32:06.0655 0940 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:32:06.0656 0940 TDTCP - ok
16:32:06.0666 0940 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:32:06.0668 0940 tdx - ok
16:32:06.0683 0940 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:32:06.0684 0940 TermDD - ok
16:32:06.0709 0940 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:32:06.0719 0940 TermService - ok
16:32:06.0732 0940 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:32:06.0734 0940 Themes - ok
16:32:06.0738 0940 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:32:06.0739 0940 THREADORDER - ok
16:32:06.0747 0940 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:32:06.0749 0940 TrkWks - ok
16:32:06.0776 0940 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:32:06.0778 0940 TrustedInstaller - ok
16:32:06.0791 0940 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:32:06.0792 0940 tssecsrv - ok
16:32:06.0811 0940 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:32:06.0812 0940 TsUsbFlt - ok
16:32:06.0826 0940 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
16:32:06.0827 0940 TsUsbGD - ok
16:32:06.0856 0940 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:32:06.0859 0940 tunnel - ok
16:32:06.0871 0940 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:32:06.0873 0940 uagp35 - ok
16:32:06.0885 0940 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:32:06.0890 0940 udfs - ok
16:32:06.0907 0940 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:32:06.0910 0940 UI0Detect - ok
16:32:06.0926 0940 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:32:06.0927 0940 uliagpkx - ok
16:32:06.0943 0940 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:32:06.0944 0940 umbus - ok
16:32:06.0952 0940 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
16:32:06.0953 0940 UmPass - ok
16:32:06.0971 0940 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:32:06.0976 0940 upnphost - ok
16:32:07.0009 0940 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
16:32:07.0010 0940 USBAAPL64 - ok
16:32:07.0036 0940 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
16:32:07.0037 0940 usbaudio - ok
16:32:07.0065 0940 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:32:07.0066 0940 usbccgp - ok
16:32:07.0088 0940 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:32:07.0089 0940 usbcir - ok
16:32:07.0104 0940 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
16:32:07.0105 0940 usbehci - ok
16:32:07.0115 0940 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:32:07.0119 0940 usbhub - ok
16:32:07.0130 0940 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:32:07.0131 0940 usbohci - ok
16:32:07.0147 0940 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:32:07.0148 0940 usbprint - ok
16:32:07.0163 0940 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:32:07.0164 0940 USBSTOR - ok
16:32:07.0179 0940 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:32:07.0180 0940 usbuhci - ok
16:32:07.0228 0940 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
16:32:07.0230 0940 usbvideo - ok
16:32:07.0251 0940 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:32:07.0253 0940 UxSms - ok
16:32:07.0261 0940 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
16:32:07.0262 0940 VaultSvc - ok
16:32:07.0284 0940 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:32:07.0284 0940 vdrvroot - ok
16:32:07.0301 0940 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
16:32:07.0307 0940 vds - ok
16:32:07.0319 0940 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:32:07.0319 0940 vga - ok
16:32:07.0331 0940 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:32:07.0332 0940 VgaSave - ok
16:32:07.0348 0940 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:32:07.0351 0940 vhdmp - ok
16:32:07.0353 0940 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
16:32:07.0353 0940 viaide - ok
16:32:07.0368 0940 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:32:07.0369 0940 volmgr - ok
16:32:07.0382 0940 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:32:07.0386 0940 volmgrx - ok
16:32:07.0398 0940 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:32:07.0401 0940 volsnap - ok
16:32:07.0421 0940 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:32:07.0424 0940 vsmraid - ok
16:32:07.0455 0940 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:32:07.0469 0940 VSS - ok
16:32:07.0476 0940 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
16:32:07.0476 0940 vwifibus - ok
16:32:07.0501 0940 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:32:07.0505 0940 W32Time - ok
16:32:07.0519 0940 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:32:07.0520 0940 WacomPen - ok
16:32:07.0539 0940 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:32:07.0540 0940 WANARP - ok
16:32:07.0543 0940 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:32:07.0544 0940 Wanarpv6 - ok
16:32:07.0577 0940 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
16:32:07.0597 0940 wbengine - ok
16:32:07.0616 0940 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:32:07.0619 0940 WbioSrvc - ok
16:32:07.0635 0940 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:32:07.0641 0940 wcncsvc - ok
16:32:07.0652 0940 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:32:07.0655 0940 WcsPlugInService - ok
16:32:07.0669 0940 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
16:32:07.0670 0940 Wd - ok
16:32:07.0710 0940 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:32:07.0719 0940 Wdf01000 - ok
16:32:07.0728 0940 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:32:07.0732 0940 WdiServiceHost - ok
16:32:07.0735 0940 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:32:07.0738 0940 WdiSystemHost - ok
16:32:07.0754 0940 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
16:32:07.0759 0940 WebClient - ok
16:32:07.0772 0940 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:32:07.0777 0940 Wecsvc - ok
16:32:07.0794 0940 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:32:07.0797 0940 wercplsupport - ok
16:32:07.0821 0940 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
16:32:07.0823 0940 WerSvc - ok
16:32:07.0826 0940 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:32:07.0826 0940 WfpLwf - ok
16:32:07.0834 0940 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:32:07.0834 0940 WIMMount - ok
16:32:07.0843 0940 WinDefend - ok
16:32:07.0846 0940 WinHttpAutoProxySvc - ok
16:32:07.0882 0940 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:32:07.0885 0940 Winmgmt - ok
16:32:07.0932 0940 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
16:32:07.0951 0940 WinRM - ok
16:32:07.0983 0940 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:32:07.0983 0940 WinUsb - ok
16:32:08.0000 0940 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
16:32:08.0009 0940 Wlansvc - ok
16:32:08.0017 0940 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
16:32:08.0018 0940 WmiAcpi - ok
16:32:08.0026 0940 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:32:08.0028 0940 wmiApSrv - ok
16:32:08.0042 0940 WMPNetworkSvc - ok
16:32:08.0053 0940 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:32:08.0055 0940 WPCSvc - ok
16:32:08.0067 0940 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:32:08.0070 0940 WPDBusEnum - ok
16:32:08.0091 0940 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:32:08.0092 0940 ws2ifsl - ok
16:32:08.0113 0940 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
16:32:08.0117 0940 wscsvc - ok
16:32:08.0120 0940 WSearch - ok
16:32:08.0186 0940 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
16:32:08.0209 0940 wuauserv - ok
16:32:08.0233 0940 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:32:08.0234 0940 WudfPf - ok
16:32:08.0247 0940 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:32:08.0249 0940 WUDFRd - ok
16:32:08.0282 0940 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:32:08.0286 0940 wudfsvc - ok
16:32:08.0312 0940 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
16:32:08.0317 0940 WwanSvc - ok
16:32:08.0349 0940 ================ Scan global ===============================
16:32:08.0367 0940 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:32:08.0398 0940 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
16:32:08.0407 0940 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
16:32:08.0429 0940 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:32:08.0448 0940 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:32:08.0454 0940 [Global] - ok
16:32:08.0454 0940 ================ Scan MBR ==================================
16:32:08.0462 0940 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:32:08.0579 0940 \Device\Harddisk0\DR0 - ok
16:32:08.0583 0940 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
16:32:08.0587 0940 \Device\Harddisk1\DR1 - ok
16:32:08.0588 0940 ================ Scan VBR ==================================
16:32:08.0590 0940 [ 63D554AA84DCFB8C502C4C6D5AC642A8 ] \Device\Harddisk0\DR0\Partition1
16:32:08.0591 0940 \Device\Harddisk0\DR0\Partition1 - ok
16:32:08.0603 0940 [ 11DAF74E46DDB0CAE3F624EA555779DA ] \Device\Harddisk0\DR0\Partition2
16:32:08.0604 0940 \Device\Harddisk0\DR0\Partition2 - ok
16:32:08.0624 0940 [ F1FC699FCE3CE40C00F7946294EF2A62 ] \Device\Harddisk0\DR0\Partition3
16:32:08.0626 0940 \Device\Harddisk0\DR0\Partition3 - ok
16:32:08.0629 0940 [ D62F7E1F5A71D5E4F39D3E8DBDD0BA15 ] \Device\Harddisk1\DR1\Partition1
16:32:08.0631 0940 \Device\Harddisk1\DR1\Partition1 - ok
16:32:08.0631 0940 ============================================================
16:32:08.0631 0940 Scan finished
16:32:08.0632 0940 ============================================================
16:32:08.0641 4976 Detected object count: 0
16:32:08.0641 4976 Actual detected object count: 0
16:32:41.0195 3736 Deinitialize success
|
|
| Themen zu Mehrfacher Befall BKA Trojaner |
| abgesicherten, alter, arbeit, befall, bka-trojaner, einfach, eingabe, installieren, interne, internet, kaspersky, komplett, kriege, laufen, lösung, modus, msconfig, problem, schonmal, schöne, starten, trojaner, täglich, verdächtige, virus |
