
Log analysis and evaluation: Fell for Paypal phishing, Trojan risk?


28.01.2013, 17:58   #1
Oddgit
 

Fell for Paypal phishing, Trojan risk?



Hello everyone,

hoping that I have successfully followed the steps for posting correctly in this forum, I am turning to you with my log files.

Today I received a Paypal phishing mail. The content was as follows:
"Please help us put your PayPal customer account back in order. Until then, we have temporarily restricted access to your PayPal account.

What is the problem?

We noticed unusual activity with your last payment.

What do I do now?

Please use the following button to verify yourself as the rightful owner of the account by matching your data. Afterwards you can use your Paypal customer account again without restriction:

Click here"


Idiot that I am, I of course clicked on the link. Then a page came up that was identical to the Paypal page but just had a different URL. Luckily that made me suspicious and I did not log in. I.e. I was "only" on the page but did not enter any data. I have since changed my Paypal password from another PC.
Now I'm afraid that I caught a Trojan or some other junk by visiting the page.

I carried out the steps described, and here are the log files.

Thank you in advance for your help. I'd be really glad if I didn't have to wipe my system... :-/

Many thanks and best regards,

Philipp.

defogger_disable:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:49 on 28/01/2013 (***)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
OTL:
Code:
OTL logfile created on: 28.01.2013 17:34:41 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\***\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,85 Gb Total Physical Memory | 5,38 Gb Available Physical Memory | 68,47% Memory free
15,70 Gb Paging File | 13,32 Gb Available in Paging File | 84,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 316,15 Gb Total Space | 246,65 Gb Free Space | 78,02% Space Free | Partition Type: NTFS
Drive D: | 148,44 Gb Total Space | 119,63 Gb Free Space | 80,59% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 321,09 Gb Free Space | 68,94% Space Free | Partition Type: NTFS
Drive H: | 465,65 Gb Total Space | 101,27 Gb Free Space | 21,75% Space Free | Partition Type: FAT32
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.01.28 17:29:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
PRC - [2013.01.20 20:29:18 | 028,539,272 | ---- | M] (Dropbox, Inc.) -- C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.04 15:36:48 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.12.04 12:13:51 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.12.04 12:04:24 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.08.13 10:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012.08.13 10:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.08.10 15:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.01.19 18:18:42 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.04 12:13:51 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.12.04 12:04:24 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.10.12 10:55:12 | 005,739,008 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Programme\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.07.21 01:42:38 | 000,061,976 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe -- (MSSQLServerADHelper100)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.30 03:02:56 | 057,617,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS)
SRV - [2009.03.30 03:01:06 | 000,427,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS)
SRV - [2008.07.10 04:31:10 | 000,157,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.12.03 15:36:36 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.12.03 15:36:35 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.11.16 20:17:15 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.05.13 02:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.05.13 02:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011.05.13 02:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011.05.13 02:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011.04.11 14:06:04 | 000,358,480 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sessavs.sys -- (sessavs)
DRV:64bit: - [2011.04.11 14:06:04 | 000,097,360 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sessusb.sys -- (sessusb_svc)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.07 10:42:34 | 012,262,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010.12.28 20:45:54 | 000,412,776 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.12.01 09:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.08.31 12:23:30 | 000,254,976 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\windrvr6.sys -- (WinDriver6)
DRV:64bit: - [2009.10.05 15:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006.11.16 15:58:46 | 000,031,248 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\synUSB64.sys -- (SynasUSB)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F5 C1 B7 76 D9 8D CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130116
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.19 18:18:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.01.09 20:15:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.19 18:18:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.01.09 20:15:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2012.09.08 16:59:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2013.01.28 15:40:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\2vrazlut.default\extensions
[2013.01.28 15:40:00 | 000,000,000 | ---D | M] (WOT) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\2vrazlut.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.11.24 17:13:36 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\2vrazlut.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.01.19 18:18:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.01.19 18:18:42 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.08.25 03:49:52 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.25 03:49:52 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.08.25 03:49:52 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.08.25 03:49:52 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.08.25 03:49:52 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.08.25 03:49:52 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1B6C5FA4-5A8C-4731-A5D0-9CFF20E701C5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36CEC1FF-ECC9-424F-A88B-4DE2F2B06D46}: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.28 17:31:55 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Trojaner Board
[2013.01.28 17:29:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2013.01.22 21:13:10 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\g200kg
[2013.01.19 18:18:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.01.09 20:15:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.01.07 22:26:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Windows Performance Toolkit
[2013.01.07 22:26:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows Performance Toolkit
[2013.01.07 22:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x64)
[2013.01.07 22:25:16 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x64)
[2013.01.07 22:25:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Application Verifier
[2013.01.07 22:25:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Verifier
[2013.01.07 22:25:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Application Verifier (x64)
[2013.01.07 22:25:05 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier (x64)
[2013.01.07 22:18:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows SDK v7.1
[2013.01.07 22:18:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.28 17:32:59 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable
[2013.01.28 17:31:37 | 000,365,568 | ---- | M] () -- C:\Users\***\Desktop\gmer-2.0.18444.exe
[2013.01.28 17:29:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2013.01.28 17:29:47 | 000,050,477 | ---- | M] () -- C:\Users\***\Desktop\Defogger.exe
[2013.01.28 14:53:05 | 000,004,620 | ---- | M] () -- C:\Users\***\Desktop\INFO *** Bulling Ihr Konto ist vorübergehend eingeschränkt.zip
[2013.01.28 14:11:52 | 000,021,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.28 14:11:52 | 000,021,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.28 14:08:47 | 001,798,798 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.28 14:08:47 | 000,762,690 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.28 14:08:47 | 000,718,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.28 14:08:47 | 000,173,076 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.28 14:08:47 | 000,146,030 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.28 14:04:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.28 14:04:24 | 2028,253,183 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.27 10:16:47 | 000,001,013 | ---- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.01.24 20:49:49 | 000,009,141 | ---- | M] () -- C:\Users\***\AppData\Local\recently-used.xbel
[2013.01.10 15:46:22 | 000,294,696 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.09 22:11:00 | 001,775,756 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== Files Created - No Company Name ==========
 
[2013.01.28 17:32:59 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2013.01.28 17:31:35 | 000,365,568 | ---- | C] () -- C:\Users\***\Desktop\gmer-2.0.18444.exe
[2013.01.28 17:29:45 | 000,050,477 | ---- | C] () -- C:\Users\***\Desktop\Defogger.exe
[2013.01.28 14:53:05 | 000,004,620 | ---- | C] () -- C:\Users\***\Desktop\INFO *** Bulling Ihr Konto ist vorübergehend eingeschränkt.zip
[2013.01.24 20:49:49 | 000,009,141 | ---- | C] () -- C:\Users\***\AppData\Local\recently-used.xbel
[2012.09.11 17:09:33 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe
[2012.09.10 22:00:59 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe.cfg
[2012.09.10 21:34:24 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys
[2012.09.10 16:33:40 | 001,775,756 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.09.07 18:29:59 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.09.07 18:29:59 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.09.07 18:29:59 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.10.18 14:56:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Atmel
[2012.11.13 15:59:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\CadSoft
[2013.01.07 22:44:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\com.juce.introjucer
[2013.01.28 14:05:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Dropbox
[2013.01.22 21:13:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\g200kg
[2013.01.07 22:58:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Introjucer
[2013.01.07 23:01:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Juce Audio Plugin Host
[2012.12.23 12:01:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Jucer
[2012.09.10 16:06:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LyX2.0
[2012.09.08 17:27:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2012.12.14 17:42:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\phi-T Effect S
[2012.09.10 10:24:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Scilab
[2012.09.19 19:20:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Steinberg
[2012.09.08 17:00:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird
[2013.01.06 13:00:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\VisualAssist
 
========== Purity Check ==========
 
 

< End of report >
         
Extras
Code:
OTL Extras logfile created on: 28.01.2013 17:34:41 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\***\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,85 Gb Total Physical Memory | 5,38 Gb Available Physical Memory | 68,47% Memory free
15,70 Gb Paging File | 13,32 Gb Available in Paging File | 84,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 316,15 Gb Total Space | 246,65 Gb Free Space | 78,02% Space Free | Partition Type: NTFS
Drive D: | 148,44 Gb Total Space | 119,63 Gb Free Space | 80,59% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 321,09 Gb Free Space | 68,94% Space Free | Partition Type: NTFS
Drive H: | 465,65 Gb Total Space | 101,27 Gb Free Space | 21,75% Space Free | Partition Type: FAT32
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4D30FC87-C7A6-4E15-B276-7E5FBA085202}" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | 
"{D5D92BCF-4F96-4E1D-BCE9-75E8C3CD27A6}" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{0FC8AC02-65F3-4429-8591-507C05A91030}C:\program files (x86)\atmel\atmel studio 6.0\atmelstudio.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atmel\atmel studio 6.0\atmelstudio.exe | 
"TCP Query User{34073B7D-9285-4899-9C9F-A1E3847756A9}C:\program files (x86)\atmel\atmel studio 6.0\atmelstudio.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atmel\atmel studio 6.0\atmelstudio.exe | 
"TCP Query User{8756D699-DF39-4F25-83CE-7605C2AF9786}C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{3BD0B1A3-2CF8-4637-954F-114261EA1D8D}C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{826E250A-6E87-4214-8DD4-CE6608A0A177}C:\program files (x86)\atmel\atmel studio 6.0\atmelstudio.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atmel\atmel studio 6.0\atmelstudio.exe | 
"UDP Query User{D5C94111-157F-4149-AF93-DB6E2C5010B1}C:\program files (x86)\atmel\atmel studio 6.0\atmelstudio.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atmel\atmel studio 6.0\atmelstudio.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{09782D89-1CA6-4B7D-82C5-2DE01AF5601B}" = Microsoft SQL Server 2008 Common Files
"{0ADF605D-2D94-4467-91F7-D75C71CF328D}" = Microsoft SQL Server 2008 Database Engine Shared
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{110C673D-E8C1-44C6-85D3-4BD29513FC88}" = Native Instruments Acoustic Refractions
"{11EB3D68-A5BE-43EA-8D31-43B08ADB0DA4}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de
"{14C1DD2C-D54E-464A-9588-C109E3E39EEF}" = Native Instruments Vintage Organs
"{183C740A-0406-380F-A235-2EC2F8A28D13}" = Microsoft Windows SDK MSHelp (30514)
"{197B3774-B7E6-4D50-AD0D-7F99B1E264D2}" = Microsoft SQL Server System CLR Types (x64)
"{199c6b63-fcb2-49f4-9859-ff78ddd0bb90}" = Native Instruments Scarbee Clavinet Pianet
"{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{28D06854-572C-4A65-83E5-F8CAF26B9FDC}" = Microsoft SQL Server VSS Writer
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{3156336D-8E44-3671-A6FE-AE51D3D6564E}" = Microsoft Windows SDK for Windows 7 (7.1)
"{35DE6B98-31C9-4A01-AB64-20A3C71BE1D0}" = Native Instruments Reflektor
"{36ccb7d4-42c7-473e-b293-72e41a8ec766}" = Native Instruments Berlin Concert Grand
"{371B17C3-9624-4583-A497-DF980313D851}" = Native Instruments Absynth 5
"{43E7798A-248E-4A3D-9969-FEA63543A462}" = Native Instruments Kontakt 4
"{440668AA-7524-40DB-966A-60BE535E1B3F}" = Microsoft SQL Server 2008 Database Engine Services
"{45da1e94-82eb-4778-be0d-47c8d9e8451b}" = Native Instruments Scarbee Mark I
"{47BA3A3A-6B4E-307F-A43B-724079FE90C6}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU
"{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive
"{52931732-892F-4D54-A84A-3EDE25F9BCA2}" = Native Instruments Komplete 7
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{53952792-BF16-300E-ADF2-E7E4367E00CF}" = Visual Studio 2010 Prerequisites - English
"{5B841301-3649-4891-BC10-7A66820397C9}" = Native Instruments Reaktor Prism
"{5cd7e481-59d1-4961-a964-019f162b1f27}" = Native Instruments Scarbee A-200
"{5D03CB59-6F91-4097-922C-9DCA057D2A76}" = Native Instruments The Finger R2
"{5D068141-189F-39E2-A052-E40D4B561256}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60BB45B2-E8E4-41C5-B69F-C6DC5D991DF5}" = Native Instruments Abbey Road 60s Drums
"{64A3A4F4-B792-11D6-A78A-00B0D0170090}" = Java SE Development Kit 7 Update 9 (64-bit)
"{65B7E38D-10F8-4B1A-8EE3-BF2362CF12AE}" = Native Instruments Kontakt 4 Factory Content
"{68570626-1BF6-310B-AF69-6CD686C04AEA}" = Microsoft Windows SDK Net Fx Interop Headers And Libraries (30514)
"{6AF73222-EE90-434C-AE7E-B96F70A68D89}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup 
"{6BED4DFE-C527-463E-B93A-6F6848B74DD0}" = Native Instruments Battery 3
"{6C8D7973-31F9-32E1-A820-8DD857910323}" = Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514)
"{7930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Guitar Rig Session I/O
"{7AC5FFA7-6815-4AED-B16D-8E0D7CC4B221}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64) de
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{8325FD0C-2FDB-46C3-921A-3A78385EA972}" = Microsoft SQL Server 2008 Native Client
"{84042B7C-F238-11DF-9960-356CDFD72085}" = Native Instruments Berlin Concert Grand
"{84452C2C-BDCC-36F3-A189-CE15F02A47FB}" = Microsoft Windows SDK for Windows 7 Headers and Libraries (30514)
"{84E30D73-E30F-3A02-BAA0-5353C04DD18A}" = Microsoft Windows SDK Intellisense and Reference Assemblies (30514)
"{8583E7E3-2237-4981-B957-E28E5E9AB678}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{88387B3B-B110-392F-B919-1A15B48F21D4}" = Microsoft Visual C++  Compilers 2010 Standard - enu - x64
"{89026002-A893-42D9-9E20-6829B844735E}" = Application Verifier (x64)
"{8C04CE01-F7B8-4961-884B-6CE7EFFADCD4}" = Native Instruments Reaktor Spark R2
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951E6223-AC28-345E-BCF4-B55C1267E321}" = Microsoft Windows SDK for Windows 7 Samples (30514)
"{95A2AD24-BD44-3E39-A31F-CE928276577E}" = Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319
"{9be187da-7d1c-4e8b-8b66-6132ca7697d8}" = Native Instruments New York Concert Grand
"{A0B0F02C-410B-3DE3-9740-EC4C3D902532}" = Microsoft Windows SDK for Windows 7 Common Utilities (30514)
"{A1F50E06-E514-393D-AAEB-2F989F0B7C68}" = Microsoft Team Foundation Server 2010 Object Model - DEU
"{A2C55034-8DAF-3755-BA85-CC321707FE99}" = Microsoft Windows SDK for Visual Studio .NET 4.0 Framework Tools
"{a63e8179-0381-4b59-8876-0755be48eb6a}" = Native Instruments Scarbee MM-Bass
"{B2552FA6-86E3-410D-84AD-265C2242D410}" = Native Instruments FM8
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4
"{C9BCE8B9-2510-48D4-B93A-EA7BEA81D6E7}" = Native Instruments Traktors 12
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{CD0E9FFE-70DD-47E3-A7A5-750E9DE6F40B}" = JLink OB CDC Driver Package
"{D597935A-5F0E-44F8-A028-A0EF9C647D95}" = Native Instruments Rammfire
"{d8650fdb-9422-4a07-9f57-585c06d9d760}" = Native Instruments Upright Piano
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}" = Debugging Tools for Windows (x64)
"{dc8b9571-8363-44c2-85e0-ea13ab89d032}" = Native Instruments Vienna Concert Grand
"{E7F9E526-2324-437B-A609-E8C5309465CB}" = Microsoft Windows Performance Toolkit
"{E802A021-0F24-3484-97F7-D74D74CB93A0}" = Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU
"{E9EA5F38-6299-45A1-9D23-F21729A19357}" = Native Instruments Reaktor 5
"{EF728EC1-799C-4570-9AE0-8A9A54E4670A}" = Native Instruments Driver
"{EF9A1373-9238-4E11-8FF8-7B83996F5BE5}" = Microsoft Sync Framework Services v1.0 SP1 (x64) de
"{F1C4B89A-8BF0-3D7C-8095-BAE412FBEA3F}" = Microsoft Windows SDK .NET Framework Tools (30514)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"{FF600C37-6328-4348-A67A-3F85D8039604}" = Native Instruments Kore Player
"6D4C34D12E9233ABADF9D04ADF9E288A7ECF3B5B" = Windows-Treiberpaket - Segger (jlink_ob_x64) USB  (03/13/2012 2.6.6.2)
"BD6BF8BBF7BE0D0091163F649A1A423B7EB9D4F1" = Windows-Treiberpaket - SEGGER (usbser) Ports  (01/25/2012 6.0.2600.4)
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Team Foundation Server 2010 Object Model - DEU" = Microsoft Team Foundation Server 2010-Objektmodell - DEU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU
"scilab-5.3.3 (64-bit)_is1" = scilab-5.3.3 (64-bit)
"SDKSetup_7.1.7600.0.30514" = Microsoft Windows SDK for Windows 7 (7.1)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{08DA8E46-ED67-451A-9246-50E0FF6959C9}" = Microsoft Sync Framework SDK v1.0 SP1 de
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2D423733-FCBC-4E27-B026-D6D973C6496F}" = Atmel Software Framework
"{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU
"{370187B9-6964-38D0-851F-6C4898B0C2B1}" = Microsoft Visual C++  Compilers 2010 Standard - enu - x86
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{51CC3953-2D06-47FA-832A-B7FD24D01322}" = Atmel Studio 6.0
"{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{681F4E9F-34E0-36BD-BF2C-100554E403A5}" = Microsoft Visual F# 2.0 Runtime Language Pack - DEU
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{7BEC151D-ADA9-3EA9-9273-99BA82881971}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{91F54E1D-804A-46D8-A56C-53EA9C4B3177}" = Microsoft Silverlight 3 SDK - Deutsch
"{92C5C058-E941-47C3-B7E8-38A79C605969}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C3B8582-A72A-4835-8903-877A834407BB}" = Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework
"{AB3C4AC6-C401-4132-A8B5-265899A9C0E8}" = Steinberg Cubase LE 4
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{CAD6AA29-9CA1-384D-8034-566261CFCC9B}" = Microsoft Visual Studio 2010 Professional - DEU
"{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}" = Dotfuscator Software Services - Community Edition - DEU
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D64B6984-242F-32BC-B008-752806E5FC44}" = Microsoft Visual Studio 2010 Shell (Isolated) - ENU
"{E4197D6B-F046-33E7-ABDE-51FF373FDC76}" = Windows SDK IntellisenseNFX
"{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}" = Microsoft ASP.NET MVC 2 - DEU
"{E8F8861D-98E0-43FF-9E48-AC236CC3BE4E}" = Atmel USB
"{EC66418E-DAA2-36D5-809E-40BEC94E622A}" = Microsoft Visual Studio Macro Tools - DEU Language Pack
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Android SDK Tools" = Android SDK Tools
"Avira AntiVir Desktop" = Avira Free Antivirus
"EAGLE 6.3.0" = EAGLE 6.3.0
"eLicenser Control" = eLicenser Control
"LyX20" = LyX 2.0.4
"Maxima-5.28.0-2_is1" = Maxima 5.28.0-2
"Microsoft Visual Studio 2010 Professional - DEU" = Microsoft Visual Studio 2010 Professional - DEU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Microsoft Visual Studio Macro Tools - DEU Language Pack" = Microsoft Visual Studio Macro Tools - DEU Language Pack
"MiKTeX 2.9" = MiKTeX 2.9
"Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de)
"Mozilla Thunderbird 17.0.2 (x86 de)" = Mozilla Thunderbird 17.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Native Instruments Abbey Road 60s Drums" = Native Instruments Abbey Road 60s Drums
"Native Instruments Absynth 5" = Native Instruments Absynth 5
"Native Instruments Acoustic Refractions" = Native Instruments Acoustic Refractions
"Native Instruments Battery 3" = Native Instruments Battery 3
"Native Instruments Berlin Concert Grand" = Native Instruments Berlin Concert Grand
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Driver" = Native Instruments Driver
"Native Instruments FM8" = Native Instruments FM8
"Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4
"Native Instruments Guitar Rig Session I/O" = Native Instruments Guitar Rig Session I/O
"Native Instruments Komplete 7" = Native Instruments Komplete 7
"Native Instruments Kontakt 4" = Native Instruments Kontakt 4
"Native Instruments Kontakt 4 Factory Content" = Native Instruments Kontakt 4 Factory Content
"Native Instruments Kore Player" = Native Instruments Kore Player
"Native Instruments Massive" = Native Instruments Massive
"Native Instruments New York Concert Grand" = Native Instruments New York Concert Grand
"Native Instruments Rammfire" = Native Instruments Rammfire
"Native Instruments Reaktor 5" = Native Instruments Reaktor 5
"Native Instruments Reaktor Prism" = Native Instruments Reaktor Prism
"Native Instruments Reaktor Spark R2" = Native Instruments Reaktor Spark R2
"Native Instruments Reflektor" = Native Instruments Reflektor
"Native Instruments Scarbee A-200" = Native Instruments Scarbee A-200
"Native Instruments Scarbee Clavinet Pianet" = Native Instruments Scarbee Clavinet Pianet
"Native Instruments Scarbee Mark I" = Native Instruments Scarbee Mark I
"Native Instruments Scarbee MM-Bass" = Native Instruments Scarbee MM-Bass
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments The Finger R2" = Native Instruments The Finger R2
"Native Instruments Traktors 12" = Native Instruments Traktors 12
"Native Instruments Upright Piano" = Native Instruments Upright Piano
"Native Instruments Vienna Concert Grand" = Native Instruments Vienna Concert Grand
"Native Instruments Vintage Organs" = Native Instruments Vintage Organs
"VLC media player" = VLC media player 2.0.3
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 21.01.2013 09:11:24 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.01.2013 06:36:34 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.01.2013 16:09:56 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.01.2013 11:33:03 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.01.2013 04:38:23 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 25.01.2013 10:58:48 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 26.01.2013 11:26:33 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 27.01.2013 05:15:50 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 27.01.2013 12:54:11 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 28.01.2013 09:06:19 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 15.01.2013 05:31:29 | Computer Name = ***-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy6" den Befehl "chkdsk" aus.
 
Error - 15.01.2013 05:38:22 | Computer Name = ***-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy6" den Befehl "chkdsk" aus.
 
Error - 15.01.2013 08:34:35 | Computer Name = ***-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy6" den Befehl "chkdsk" aus.
 
Error - 15.01.2013 09:19:40 | Computer Name = ***-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy6" den Befehl "chkdsk" aus.
 
Error - 18.01.2013 13:39:35 | Computer Name = ***-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
 
Error - 18.01.2013 13:39:36 | Computer Name = ***-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
 
Error - 18.01.2013 13:39:36 | Computer Name = ***-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
 
Error - 26.01.2013 16:37:32 | Computer Name = ***-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR4 gefunden.
 
Error - 26.01.2013 16:37:33 | Computer Name = ***-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR4 gefunden.
 
Error - 26.01.2013 16:37:33 | Computer Name = ***-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR4 gefunden.
 
 
< End of report >
         
Gmer
Code:
GMER 2.0.18444 - hxxp://www.gmer.net
Rootkit scan 2013-01-28 18:19:04
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HDS721050CLA360 rev.JP2OA50E 465,76GB
Running: gmer-2.0.18444.exe; Driver: C:\Users\***\AppData\Local\Temp\pxliyfod.sys


---- User code sections - GMER 2.0 ----

.text  C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe[2820] C:\Windows\syswow64\Psapi.dll!GetModuleFileNameExW + 17         0000000076281401 2 bytes [28, 76]
.text  C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe[2820] C:\Windows\syswow64\Psapi.dll!EnumProcessModules + 17           0000000076281419 2 bytes [28, 76]
.text  C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe[2820] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 17         0000000076281431 2 bytes [28, 76]
.text  C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe[2820] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 42         000000007628144a 2 bytes [28, 76]
.text  ...                                                                                                                            * 9
.text  C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe[2820] C:\Windows\syswow64\Psapi.dll!EnumDeviceDrivers + 17            00000000762814dd 2 bytes [28, 76]
.text  C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe[2820] C:\Windows\syswow64\Psapi.dll!GetDeviceDriverBaseNameA + 17     00000000762814f5 2 bytes [28, 76]
.text  C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe[2820] C:\Windows\syswow64\Psapi.dll!QueryWorkingSetEx + 17            000000007628150d 2 bytes [28, 76]
.text  C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe[2820] C:\Windows\syswow64\Psapi.dll!GetDeviceDriverBaseNameW + 17     0000000076281525 2 bytes [28, 76]
.text  C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe[2820] C:\Windows\syswow64\Psapi.dll!GetModuleBaseNameW + 17           000000007628153d 2 bytes [28, 76]
.text  C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe[2820] C:\Windows\syswow64\Psapi.dll!EnumProcesses + 17                0000000076281555 2 bytes [28, 76]
.text  C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe[2820] C:\Windows\syswow64\Psapi.dll!GetProcessMemoryInfo + 17         000000007628156d 2 bytes [28, 76]
.text  C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe[2820] C:\Windows\syswow64\Psapi.dll!GetPerformanceInfo + 17           0000000076281585 2 bytes [28, 76]
.text  C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe[2820] C:\Windows\syswow64\Psapi.dll!QueryWorkingSet + 17              000000007628159d 2 bytes [28, 76]
.text  C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe[2820] C:\Windows\syswow64\Psapi.dll!GetModuleBaseNameA + 17           00000000762815b5 2 bytes [28, 76]
.text  C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe[2820] C:\Windows\syswow64\Psapi.dll!GetModuleFileNameExA + 17         00000000762815cd 2 bytes [28, 76]
.text  C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe[2820] C:\Windows\syswow64\Psapi.dll!GetProcessImageFileNameW + 20     00000000762816b2 2 bytes [28, 76]
.text  C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe[2820] C:\Windows\syswow64\Psapi.dll!GetProcessImageFileNameW + 31     00000000762816bd 2 bytes [28, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2076] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17      0000000076281401 2 bytes [28, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2076] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17        0000000076281419 2 bytes [28, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2076] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17      0000000076281431 2 bytes [28, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2076] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42      000000007628144a 2 bytes [28, 76]
.text  ...                                                                                                                            * 9
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2076] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17         00000000762814dd 2 bytes [28, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2076] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17  00000000762814f5 2 bytes [28, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2076] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17         000000007628150d 2 bytes [28, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2076] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17  0000000076281525 2 bytes [28, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2076] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17        000000007628153d 2 bytes [28, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2076] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17             0000000076281555 2 bytes [28, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2076] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17      000000007628156d 2 bytes [28, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2076] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17        0000000076281585 2 bytes [28, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2076] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17           000000007628159d 2 bytes [28, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2076] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17        00000000762815b5 2 bytes [28, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2076] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17      00000000762815cd 2 bytes [28, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2076] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20  00000000762816b2 2 bytes [28, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2076] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31  00000000762816bd 2 bytes [28, 76]

---- EOF - GMER 2.0 ----
         

28.01.2013, 19:25   #2
markusg
/// Malware-holic
 



Hi,
can you forward the mail to me, as described in my signature?

28.01.2013, 19:54   #3
markusg
/// Malware-holic

Thanks for the mail.
To those reading along: feel free to send us your copies as well.
The mail looks harmless for now, and so does the link.
Download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click on Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- If anything is found, always choose Skip for now and post the log
Open C:, open tdsskiller-date-version.txt, and post the contents

28.01.2013, 21:37   #4
Oddgit

Thanks for the quick reply. Here is the content of the TDSSKiller log file:

Code:
22:32:47.0101 2292  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:32:47.0242 2292  ============================================================
22:32:47.0242 2292  Current date / time: 2013/01/28 22:32:47.0242
22:32:47.0242 2292  SystemInfo:
22:32:47.0242 2292  
22:32:47.0242 2292  OS Version: 6.1.7601 ServicePack: 1.0
22:32:47.0242 2292  Product type: Workstation
22:32:47.0242 2292  ComputerName: ***-PC
22:32:47.0242 2292  UserName: ***
22:32:47.0242 2292  Windows directory: C:\Windows
22:32:47.0242 2292  System windows directory: C:\Windows
22:32:47.0242 2292  Running under WOW64
22:32:47.0242 2292  Processor architecture: Intel x64
22:32:47.0242 2292  Number of processors: 4
22:32:47.0242 2292  Page size: 0x1000
22:32:47.0242 2292  Boot type: Normal boot
22:32:47.0242 2292  ============================================================
22:32:48.0427 2292  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:32:48.0443 2292  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:32:48.0537 2292  Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:32:48.0942 2292  ============================================================
22:32:48.0942 2292  \Device\Harddisk0\DR0:
22:32:48.0942 2292  MBR partitions:
22:32:48.0942 2292  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000
22:32:48.0942 2292  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258800, BlocksNum 0x2784D000
22:32:48.0942 2292  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x27AA5800, BlocksNum 0x128DF800
22:32:48.0942 2292  \Device\Harddisk1\DR1:
22:32:48.0942 2292  MBR partitions:
22:32:48.0942 2292  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
22:32:48.0942 2292  \Device\Harddisk2\DR2:
22:32:48.0942 2292  MBR partitions:
22:32:48.0942 2292  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3A384C02
22:32:48.0942 2292  ============================================================
22:32:48.0958 2292  C: <-> \Device\Harddisk0\DR0\Partition2
22:32:49.0005 2292  D: <-> \Device\Harddisk0\DR0\Partition3
22:32:49.0036 2292  H: <-> \Device\Harddisk2\DR2\Partition1
22:32:49.0051 2292  F: <-> \Device\Harddisk1\DR1\Partition1
22:32:49.0067 2292  ============================================================
22:32:49.0067 2292  Initialize success
22:32:49.0067 2292  ============================================================
22:33:34.0487 2364  ============================================================
22:33:34.0487 2364  Scan started
22:33:34.0487 2364  Mode: Manual; SigCheck; TDLFS; 
22:33:34.0487 2364  ============================================================
22:33:36.0047 2364  ================ Scan system memory ========================
22:33:36.0047 2364  System memory - ok
22:33:36.0047 2364  ================ Scan services =============================
22:33:48.0684 2364  NetTcpActivator - ok
22:33:48.0700 2364  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:33:48.0700 2364  NetTcpPortSharing - ok
22:33:48.0731 2364  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:33:48.0747 2364  nfrd960 - ok
22:33:48.0903 2364  [ 7C272C9E8696A63A58D3A835FD446212 ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
22:33:48.0981 2364  NIHardwareService ( UnsignedFile.Multi.Generic ) - warning
22:33:48.0981 2364  NIHardwareService - detected UnsignedFile.Multi.Generic (1)
22:33:49.0028 2364  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:33:49.0043 2364  NlaSvc - ok
22:33:49.0059 2364  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:33:49.0090 2364  Npfs - ok
22:33:49.0106 2364  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
22:33:49.0121 2364  nsi - ok
22:33:49.0137 2364  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:33:49.0168 2364  nsiproxy - ok
22:33:49.0215 2364  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:33:49.0262 2364  Ntfs - ok
22:33:49.0277 2364  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
22:33:49.0308 2364  Null - ok
22:33:49.0324 2364  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:33:49.0340 2364  nvraid - ok
22:33:49.0355 2364  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:33:49.0371 2364  nvstor - ok
22:33:49.0386 2364  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:33:49.0402 2364  nv_agp - ok
22:33:49.0418 2364  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:33:49.0433 2364  ohci1394 - ok
22:33:49.0464 2364  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:33:49.0496 2364  p2pimsvc - ok
22:33:49.0511 2364  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:33:49.0527 2364  p2psvc - ok
22:33:49.0558 2364  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
22:33:49.0574 2364  Parport - ok
22:33:49.0605 2364  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:33:49.0605 2364  partmgr - ok
22:33:49.0636 2364  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:33:49.0667 2364  PcaSvc - ok
22:33:49.0683 2364  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
22:33:49.0698 2364  pci - ok
22:33:49.0714 2364  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
22:33:49.0730 2364  pciide - ok
22:33:49.0730 2364  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:33:49.0745 2364  pcmcia - ok
22:33:49.0761 2364  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:33:49.0761 2364  pcw - ok
22:33:49.0792 2364  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:33:49.0839 2364  PEAUTH - ok
22:33:49.0870 2364  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
22:33:49.0917 2364  PeerDistSvc - ok
22:33:49.0979 2364  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:33:50.0010 2364  PerfHost - ok
22:33:50.0042 2364  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
22:33:50.0104 2364  pla - ok
22:33:50.0135 2364  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:33:50.0182 2364  PlugPlay - ok
22:33:50.0213 2364  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:33:50.0244 2364  PNRPAutoReg - ok
22:33:50.0260 2364  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:33:50.0276 2364  PNRPsvc - ok
22:33:50.0307 2364  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:33:50.0354 2364  PolicyAgent - ok
22:33:50.0369 2364  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
22:33:50.0400 2364  Power - ok
22:33:50.0432 2364  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:33:50.0478 2364  PptpMiniport - ok
22:33:50.0478 2364  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
22:33:50.0510 2364  Processor - ok
22:33:50.0525 2364  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:33:50.0556 2364  ProfSvc - ok
22:33:50.0572 2364  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:33:50.0588 2364  ProtectedStorage - ok
22:33:50.0603 2364  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:33:50.0666 2364  Psched - ok
22:33:50.0712 2364  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:33:50.0759 2364  ql2300 - ok
22:33:50.0775 2364  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:33:50.0790 2364  ql40xx - ok
22:33:50.0806 2364  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
22:33:50.0822 2364  QWAVE - ok
22:33:50.0837 2364  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:33:50.0853 2364  QWAVEdrv - ok
22:33:50.0868 2364  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:33:50.0915 2364  RasAcd - ok
22:33:50.0931 2364  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:33:50.0946 2364  RasAgileVpn - ok
22:33:50.0978 2364  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
22:33:51.0009 2364  RasAuto - ok
22:33:51.0024 2364  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:33:51.0040 2364  Rasl2tp - ok
22:33:51.0056 2364  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
22:33:51.0087 2364  RasMan - ok
22:33:51.0102 2364  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:33:51.0134 2364  RasPppoe - ok
22:33:51.0149 2364  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:33:51.0196 2364  RasSstp - ok
22:33:51.0196 2364  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:33:51.0227 2364  rdbss - ok
22:33:51.0243 2364  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:33:51.0258 2364  rdpbus - ok
22:33:51.0290 2364  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:33:51.0321 2364  RDPCDD - ok
22:33:51.0336 2364  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:33:51.0368 2364  RDPDR - ok
22:33:51.0368 2364  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:33:51.0399 2364  RDPENCDD - ok
22:33:51.0430 2364  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:33:51.0446 2364  RDPREFMP - ok
22:33:51.0461 2364  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:33:51.0508 2364  RDPWD - ok
22:33:51.0539 2364  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:33:51.0570 2364  rdyboost - ok
22:33:51.0586 2364  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:33:51.0633 2364  RemoteAccess - ok
22:33:51.0648 2364  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:33:51.0711 2364  RemoteRegistry - ok
22:33:51.0726 2364  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:33:51.0758 2364  RpcEptMapper - ok
22:33:51.0773 2364  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
22:33:51.0789 2364  RpcLocator - ok
22:33:51.0804 2364  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
22:33:51.0836 2364  RpcSs - ok
22:33:51.0867 2364  [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103        C:\Windows\system32\DRIVERS\RsFx0103.sys
22:33:51.0882 2364  RsFx0103 - ok
22:33:51.0914 2364  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:33:51.0929 2364  rspndr - ok
22:33:51.0976 2364  [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
22:33:51.0976 2364  RSUSBSTOR - ok
22:33:52.0007 2364  [ AFC12DFA4C7B089673AD67402CA19EDB ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
22:33:52.0023 2364  RTL8167 - ok
22:33:52.0038 2364  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
22:33:52.0054 2364  s3cap - ok
22:33:52.0054 2364  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
22:33:52.0070 2364  SamSs - ok
22:33:52.0085 2364  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:33:52.0101 2364  sbp2port - ok
22:33:52.0132 2364  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:33:52.0163 2364  SCardSvr - ok
22:33:52.0163 2364  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:33:52.0194 2364  scfilter - ok
22:33:52.0226 2364  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
22:33:52.0288 2364  Schedule - ok
22:33:52.0304 2364  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:33:52.0335 2364  SCPolicySvc - ok
22:33:52.0350 2364  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:33:52.0382 2364  SDRSVC - ok
22:33:52.0413 2364  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:33:52.0460 2364  secdrv - ok
22:33:52.0475 2364  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
22:33:52.0506 2364  seclogon - ok
22:33:52.0522 2364  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
22:33:52.0553 2364  SENS - ok
22:33:52.0569 2364  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:33:52.0600 2364  SensrSvc - ok
22:33:52.0631 2364  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
22:33:52.0647 2364  Serenum - ok
22:33:52.0678 2364  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:33:52.0709 2364  Serial - ok
22:33:52.0740 2364  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:33:52.0772 2364  sermouse - ok
22:33:52.0803 2364  [ 8CCE1DD878F6192553C71A3FC55ECDA9 ] sessavs         C:\Windows\system32\Drivers\sessavs.sys
22:33:52.0834 2364  sessavs - ok
22:33:52.0850 2364  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:33:52.0896 2364  SessionEnv - ok
22:33:52.0928 2364  [ 32FEB5BB5F39ED5A8CA0254443A4EE40 ] sessusb_svc     C:\Windows\system32\Drivers\sessusb.sys
22:33:52.0959 2364  sessusb_svc - ok
22:33:52.0959 2364  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:33:52.0990 2364  sffdisk - ok
22:33:53.0021 2364  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:33:53.0052 2364  sffp_mmc - ok
22:33:53.0052 2364  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:33:53.0084 2364  sffp_sd - ok
22:33:53.0099 2364  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
22:33:53.0130 2364  sfloppy - ok
22:33:53.0146 2364  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:33:53.0208 2364  SharedAccess - ok
22:33:53.0240 2364  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:33:53.0286 2364  ShellHWDetection - ok
22:33:53.0302 2364  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:33:53.0318 2364  SiSRaid2 - ok
22:33:53.0333 2364  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:33:53.0349 2364  SiSRaid4 - ok
22:33:53.0364 2364  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:33:53.0396 2364  Smb - ok
22:33:53.0427 2364  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:33:53.0442 2364  SNMPTRAP - ok
22:33:53.0474 2364  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:33:53.0474 2364  spldr - ok
22:33:53.0505 2364  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
22:33:53.0536 2364  Spooler - ok
22:33:53.0598 2364  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
22:33:53.0676 2364  sppsvc - ok
22:33:53.0692 2364  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:33:53.0723 2364  sppuinotify - ok
22:33:53.0754 2364  [ 12E6D95CDE974B131DEFAA44BAB8B056 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
22:33:53.0770 2364  SQLAgent$SQLEXPRESS - ok
22:33:53.0817 2364  [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
22:33:53.0832 2364  SQLBrowser - ok
22:33:53.0848 2364  [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
22:33:53.0864 2364  SQLWriter - ok
22:33:53.0879 2364  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:33:53.0926 2364  srv - ok
22:33:53.0942 2364  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:33:53.0973 2364  srv2 - ok
22:33:53.0988 2364  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:33:54.0004 2364  srvnet - ok
22:33:54.0020 2364  [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
22:33:54.0051 2364  ssadbus - ok
22:33:54.0066 2364  [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
22:33:54.0082 2364  ssadmdfl - ok
22:33:54.0098 2364  [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
22:33:54.0129 2364  ssadmdm - ok
22:33:54.0144 2364  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:33:54.0176 2364  SSDPSRV - ok
22:33:54.0191 2364  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:33:54.0222 2364  SstpSvc - ok
22:33:54.0238 2364  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:33:54.0238 2364  stexstor - ok
22:33:54.0269 2364  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
22:33:54.0300 2364  stisvc - ok
22:33:54.0316 2364  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
22:33:54.0316 2364  storflt - ok
22:33:54.0347 2364  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
22:33:54.0378 2364  StorSvc - ok
22:33:54.0394 2364  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
22:33:54.0410 2364  storvsc - ok
22:33:54.0425 2364  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:33:54.0441 2364  swenum - ok
22:33:54.0456 2364  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
22:33:54.0503 2364  swprv - ok
22:33:54.0534 2364  [ 512231BA47975F3F1A67B11F271BB49D ] SynasUSB        C:\Windows\system32\drivers\SynUSB64.sys
22:33:54.0550 2364  SynasUSB - ok
22:33:54.0581 2364  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
22:33:54.0612 2364  SysMain - ok
22:33:54.0644 2364  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:33:54.0659 2364  TabletInputService - ok
22:33:54.0675 2364  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:33:54.0706 2364  TapiSrv - ok
22:33:54.0722 2364  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
22:33:54.0753 2364  TBS - ok
22:33:54.0815 2364  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:33:54.0878 2364  Tcpip - ok
22:33:54.0909 2364  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:33:54.0940 2364  TCPIP6 - ok
22:33:54.0956 2364  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:33:54.0956 2364  tcpipreg - ok
22:33:54.0971 2364  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:33:55.0002 2364  TDPIPE - ok
22:33:55.0018 2364  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:33:55.0049 2364  TDTCP - ok
22:33:55.0065 2364  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:33:55.0112 2364  tdx - ok
22:33:55.0127 2364  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:33:55.0143 2364  TermDD - ok
22:33:55.0158 2364  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
22:33:55.0205 2364  TermService - ok
22:33:55.0221 2364  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
22:33:55.0236 2364  Themes - ok
22:33:55.0236 2364  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
22:33:55.0268 2364  THREADORDER - ok
22:33:55.0283 2364  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
22:33:55.0314 2364  TrkWks - ok
22:33:55.0346 2364  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:33:55.0377 2364  TrustedInstaller - ok
22:33:55.0392 2364  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:33:55.0424 2364  tssecsrv - ok
22:33:55.0455 2364  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:33:55.0486 2364  TsUsbFlt - ok
22:33:55.0486 2364  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
22:33:55.0502 2364  TsUsbGD - ok
22:33:55.0517 2364  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:33:55.0548 2364  tunnel - ok
22:33:55.0564 2364  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:33:55.0580 2364  uagp35 - ok
22:33:55.0595 2364  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:33:55.0626 2364  udfs - ok
22:33:55.0658 2364  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:33:55.0673 2364  UI0Detect - ok
22:33:55.0704 2364  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:33:55.0720 2364  uliagpkx - ok
22:33:55.0751 2364  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:33:55.0782 2364  umbus - ok
22:33:55.0782 2364  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
22:33:55.0814 2364  UmPass - ok
22:33:55.0845 2364  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
22:33:55.0876 2364  UmRdpService - ok
22:33:55.0907 2364  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
22:33:55.0970 2364  upnphost - ok
22:33:56.0016 2364  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
22:33:56.0032 2364  usbaudio - ok
22:33:56.0063 2364  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:33:56.0094 2364  usbccgp - ok
22:33:56.0126 2364  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:33:56.0157 2364  usbcir - ok
22:33:56.0188 2364  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
22:33:56.0204 2364  usbehci - ok
22:33:56.0219 2364  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:33:56.0266 2364  usbhub - ok
22:33:56.0266 2364  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:33:56.0297 2364  usbohci - ok
22:33:56.0313 2364  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
22:33:56.0344 2364  usbprint - ok
22:33:56.0360 2364  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:33:56.0406 2364  USBSTOR - ok
22:33:56.0438 2364  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:33:56.0469 2364  usbuhci - ok
22:33:56.0484 2364  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
22:33:56.0547 2364  UxSms - ok
22:33:56.0562 2364  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
22:33:56.0578 2364  VaultSvc - ok
22:33:56.0609 2364  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:33:56.0625 2364  vdrvroot - ok
22:33:56.0656 2364  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
22:33:56.0718 2364  vds - ok
22:33:56.0750 2364  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:33:56.0765 2364  vga - ok
22:33:56.0765 2364  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:33:56.0812 2364  VgaSave - ok
22:33:56.0828 2364  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:33:56.0859 2364  vhdmp - ok
22:33:56.0874 2364  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:33:56.0890 2364  viaide - ok
22:33:56.0906 2364  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
22:33:56.0921 2364  vmbus - ok
22:33:56.0921 2364  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
22:33:56.0952 2364  VMBusHID - ok
22:33:56.0968 2364  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:33:56.0984 2364  volmgr - ok
22:33:57.0015 2364  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:33:57.0030 2364  volmgrx - ok
22:33:57.0046 2364  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:33:57.0062 2364  volsnap - ok
22:33:57.0093 2364  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:33:57.0108 2364  vsmraid - ok
22:33:57.0140 2364  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
22:33:57.0202 2364  VSS - ok
22:33:57.0218 2364  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
22:33:57.0233 2364  vwifibus - ok
22:33:57.0249 2364  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:33:57.0296 2364  vwififlt - ok
22:33:57.0311 2364  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
22:33:57.0358 2364  W32Time - ok
22:33:57.0374 2364  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:33:57.0389 2364  WacomPen - ok
22:33:57.0436 2364  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:33:57.0483 2364  WANARP - ok
22:33:57.0483 2364  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:33:57.0514 2364  Wanarpv6 - ok
22:33:57.0530 2364  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
22:33:57.0592 2364  wbengine - ok
22:33:57.0608 2364  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:33:57.0623 2364  WbioSrvc - ok
22:33:57.0623 2364  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:33:57.0654 2364  wcncsvc - ok
22:33:57.0686 2364  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:33:57.0732 2364  WcsPlugInService - ok
22:33:57.0748 2364  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
22:33:57.0764 2364  Wd - ok
22:33:57.0810 2364  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:33:57.0857 2364  Wdf01000 - ok
22:33:57.0873 2364  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:33:57.0951 2364  WdiServiceHost - ok
22:33:57.0951 2364  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:33:57.0982 2364  WdiSystemHost - ok
22:33:57.0998 2364  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
22:33:58.0029 2364  WebClient - ok
22:33:58.0044 2364  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:33:58.0091 2364  Wecsvc - ok
22:33:58.0107 2364  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:33:58.0122 2364  wercplsupport - ok
22:33:58.0154 2364  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:33:58.0169 2364  WerSvc - ok
22:33:58.0200 2364  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:33:58.0232 2364  WfpLwf - ok
22:33:58.0232 2364  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:33:58.0247 2364  WIMMount - ok
22:33:58.0247 2364  WinDefend - ok
22:33:58.0294 2364  [ 7922583C802203A54CDD47D9ECF028F2 ] WinDriver6      C:\Windows\system32\drivers\windrvr6.sys
22:33:58.0341 2364  WinDriver6 - ok
22:33:58.0341 2364  WinHttpAutoProxySvc - ok
22:33:58.0388 2364  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:33:58.0434 2364  Winmgmt - ok
22:33:58.0466 2364  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
22:33:58.0528 2364  WinRM - ok
22:33:58.0559 2364  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
22:33:58.0606 2364  WinUsb - ok
22:33:58.0637 2364  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:33:58.0668 2364  Wlansvc - ok
22:34:00.0322 2364  ============================================================
22:34:00.0322 2364  Scan finished
22:34:00.0322 2364  ============================================================
22:34:00.0322 3620  Detected object count: 1
22:34:00.0322 3620  Actual detected object count: 1
22:34:27.0404 3620  NIHardwareService ( UnsignedFile.Multi.Generic ) - skipped by user
22:34:27.0404 3620  NIHardwareService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:35:00.0912 3764  Deinitialize success
         

Last edited by Oddgit (28.01.2013 at 21:55)

28.01.2013, 21:55   #5
Oddgit

Sorry for the double post.

I uninstalled "Controller Editor" by Native Instruments (which I bought commercially and installed quite a while ago); now TDSSKiller no longer finds anything:

Code:
ATTFilter
22:49:26.0936 3524  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:49:27.0171 3524  ============================================================
22:49:27.0171 3524  Current date / time: 2013/01/28 22:49:27.0171
22:49:27.0171 3524  SystemInfo:
22:49:27.0171 3524  
22:49:27.0171 3524  OS Version: 6.1.7601 ServicePack: 1.0
22:49:27.0171 3524  Product type: Workstation
22:49:27.0171 3524  ComputerName: ***-PC
22:49:27.0171 3524  UserName: ***
22:49:27.0171 3524  Windows directory: C:\Windows
22:49:27.0171 3524  System windows directory: C:\Windows
22:49:27.0171 3524  Running under WOW64
22:49:27.0171 3524  Processor architecture: Intel x64
22:49:27.0171 3524  Number of processors: 4
22:49:27.0171 3524  Page size: 0x1000
22:49:27.0171 3524  Boot type: Normal boot
22:49:27.0171 3524  ============================================================
22:49:29.0366 3524  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:49:29.0366 3524  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:49:29.0368 3524  Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:49:29.0370 3524  ============================================================
22:49:29.0370 3524  \Device\Harddisk0\DR0:
22:49:29.0370 3524  MBR partitions:
22:49:29.0370 3524  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000
22:49:29.0370 3524  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258800, BlocksNum 0x2784D000
22:49:29.0370 3524  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x27AA5800, BlocksNum 0x128DF800
22:49:29.0370 3524  \Device\Harddisk1\DR1:
22:49:29.0370 3524  MBR partitions:
22:49:29.0370 3524  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
22:49:29.0370 3524  \Device\Harddisk2\DR2:
22:49:29.0371 3524  MBR partitions:
22:49:29.0371 3524  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3A384C02
22:49:29.0371 3524  ============================================================
22:49:29.0383 3524  C: <-> \Device\Harddisk0\DR0\Partition2
22:49:29.0423 3524  D: <-> \Device\Harddisk0\DR0\Partition3
22:49:29.0424 3524  H: <-> \Device\Harddisk2\DR2\Partition1
22:49:29.0436 3524  F: <-> \Device\Harddisk1\DR1\Partition1
22:49:29.0436 3524  ============================================================
22:49:29.0436 3524  Initialize success
22:49:29.0436 3524  ============================================================
22:49:33.0987 3600  ============================================================
22:49:33.0987 3600  Scan started
22:49:33.0987 3600  Mode: Manual; SigCheck; TDLFS; 
22:49:33.0987 3600  ============================================================
22:49:34.0897 3600  ================ Scan system memory ========================
22:49:34.0897 3600  System memory - ok
22:49:34.0898 3600  ================ Scan services =============================
22:49:56.0330 3600  NdisWan - ok
22:49:56.0343 3600  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:49:56.0368 3600  NDProxy - ok
22:49:56.0396 3600  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:49:56.0434 3600  NetBIOS - ok
22:49:56.0446 3600  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:49:56.0482 3600  NetBT - ok
22:49:56.0502 3600  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
22:49:56.0510 3600  Netlogon - ok
22:49:56.0532 3600  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
22:49:56.0579 3600  Netman - ok
22:49:56.0613 3600  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:49:56.0656 3600  NetMsmqActivator - ok
22:49:56.0659 3600  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:49:56.0665 3600  NetPipeActivator - ok
22:49:56.0690 3600  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
22:49:56.0730 3600  netprofm - ok
22:49:56.0738 3600  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:49:56.0745 3600  NetTcpActivator - ok
22:49:56.0754 3600  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:49:56.0761 3600  NetTcpPortSharing - ok
22:49:56.0788 3600  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:49:56.0799 3600  nfrd960 - ok
22:49:56.0857 3600  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:49:56.0885 3600  NlaSvc - ok
22:49:56.0894 3600  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:49:56.0920 3600  Npfs - ok
22:49:56.0935 3600  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
22:49:56.0971 3600  nsi - ok
22:49:56.0985 3600  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:49:57.0019 3600  nsiproxy - ok
22:49:57.0077 3600  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:49:57.0122 3600  Ntfs - ok
22:49:57.0143 3600  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
22:49:57.0175 3600  Null - ok
22:49:57.0195 3600  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:49:57.0206 3600  nvraid - ok
22:49:57.0226 3600  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:49:57.0238 3600  nvstor - ok
22:49:57.0259 3600  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:49:57.0270 3600  nv_agp - ok
22:49:57.0282 3600  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:49:57.0303 3600  ohci1394 - ok
22:49:57.0325 3600  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:49:57.0359 3600  p2pimsvc - ok
22:49:57.0371 3600  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:49:57.0389 3600  p2psvc - ok
22:49:57.0410 3600  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
22:49:57.0444 3600  Parport - ok
22:49:57.0467 3600  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:49:57.0489 3600  partmgr - ok
22:49:57.0517 3600  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:49:57.0544 3600  PcaSvc - ok
22:49:57.0561 3600  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
22:49:57.0575 3600  pci - ok
22:49:57.0585 3600  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
22:49:57.0593 3600  pciide - ok
22:49:57.0600 3600  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:49:57.0614 3600  pcmcia - ok
22:49:57.0622 3600  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:49:57.0632 3600  pcw - ok
22:49:57.0669 3600  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:49:57.0711 3600  PEAUTH - ok
22:49:57.0743 3600  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
22:49:57.0791 3600  PeerDistSvc - ok
22:49:57.0861 3600  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:49:57.0878 3600  PerfHost - ok
22:49:57.0912 3600  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
22:49:57.0968 3600  pla - ok
22:49:58.0009 3600  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:49:58.0044 3600  PlugPlay - ok
22:49:58.0065 3600  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:49:58.0082 3600  PNRPAutoReg - ok
22:49:58.0092 3600  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:49:58.0102 3600  PNRPsvc - ok
22:49:58.0124 3600  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:49:58.0192 3600  PolicyAgent - ok
22:49:58.0219 3600  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
22:49:58.0278 3600  Power - ok
22:49:58.0311 3600  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:49:58.0347 3600  PptpMiniport - ok
22:49:58.0359 3600  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
22:49:58.0383 3600  Processor - ok
22:49:58.0401 3600  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:49:58.0437 3600  ProfSvc - ok
22:49:58.0451 3600  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:49:58.0460 3600  ProtectedStorage - ok
22:49:58.0475 3600  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:49:58.0513 3600  Psched - ok
22:49:58.0559 3600  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:49:58.0593 3600  ql2300 - ok
22:49:58.0607 3600  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:49:58.0619 3600  ql40xx - ok
22:49:58.0643 3600  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
22:49:58.0670 3600  QWAVE - ok
22:49:58.0685 3600  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:49:58.0712 3600  QWAVEdrv - ok
22:49:58.0733 3600  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:49:58.0767 3600  RasAcd - ok
22:49:58.0783 3600  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:49:58.0810 3600  RasAgileVpn - ok
22:49:58.0856 3600  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
22:49:58.0888 3600  RasAuto - ok
22:49:58.0911 3600  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:49:58.0953 3600  Rasl2tp - ok
22:49:58.0973 3600  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
22:49:59.0049 3600  RasMan - ok
22:49:59.0078 3600  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:49:59.0110 3600  RasPppoe - ok
22:49:59.0127 3600  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:49:59.0165 3600  RasSstp - ok
22:49:59.0175 3600  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:49:59.0215 3600  rdbss - ok
22:49:59.0229 3600  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:49:59.0242 3600  rdpbus - ok
22:49:59.0258 3600  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:49:59.0282 3600  RDPCDD - ok
22:49:59.0314 3600  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:49:59.0337 3600  RDPDR - ok
22:49:59.0349 3600  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:49:59.0386 3600  RDPENCDD - ok
22:49:59.0409 3600  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:49:59.0433 3600  RDPREFMP - ok
22:49:59.0452 3600  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:49:59.0497 3600  RDPWD - ok
22:49:59.0531 3600  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:49:59.0545 3600  rdyboost - ok
22:49:59.0571 3600  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:49:59.0620 3600  RemoteAccess - ok
22:49:59.0640 3600  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:49:59.0683 3600  RemoteRegistry - ok
22:49:59.0694 3600  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:49:59.0734 3600  RpcEptMapper - ok
22:49:59.0747 3600  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
22:49:59.0787 3600  RpcLocator - ok
22:49:59.0801 3600  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
22:49:59.0827 3600  RpcSs - ok
22:49:59.0869 3600  [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103        C:\Windows\system32\DRIVERS\RsFx0103.sys
22:49:59.0894 3600  RsFx0103 - ok
22:49:59.0924 3600  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:49:59.0951 3600  rspndr - ok
22:49:59.0988 3600  [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
22:49:59.0999 3600  RSUSBSTOR - ok
22:50:00.0020 3600  [ AFC12DFA4C7B089673AD67402CA19EDB ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
22:50:00.0032 3600  RTL8167 - ok
22:50:00.0067 3600  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
22:50:00.0082 3600  s3cap - ok
22:50:00.0094 3600  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
22:50:00.0102 3600  SamSs - ok
22:50:00.0117 3600  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:50:00.0128 3600  sbp2port - ok
22:50:00.0152 3600  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:50:00.0191 3600  SCardSvr - ok
22:50:00.0209 3600  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:50:00.0243 3600  scfilter - ok
22:50:00.0265 3600  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
22:50:00.0331 3600  Schedule - ok
22:50:00.0353 3600  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:50:00.0375 3600  SCPolicySvc - ok
22:50:00.0390 3600  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:50:00.0412 3600  SDRSVC - ok
22:50:00.0440 3600  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:50:00.0478 3600  secdrv - ok
22:50:00.0487 3600  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
22:50:00.0513 3600  seclogon - ok
22:50:00.0532 3600  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
22:50:00.0575 3600  SENS - ok
22:50:00.0589 3600  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:50:00.0612 3600  SensrSvc - ok
22:50:00.0638 3600  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
22:50:00.0658 3600  Serenum - ok
22:50:00.0669 3600  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:50:00.0689 3600  Serial - ok
22:50:00.0711 3600  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:50:00.0736 3600  sermouse - ok
22:50:00.0772 3600  [ 8CCE1DD878F6192553C71A3FC55ECDA9 ] sessavs         C:\Windows\system32\Drivers\sessavs.sys
22:50:00.0784 3600  sessavs - ok
22:50:00.0819 3600  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:50:00.0870 3600  SessionEnv - ok
22:50:00.0903 3600  [ 32FEB5BB5F39ED5A8CA0254443A4EE40 ] sessusb_svc     C:\Windows\system32\Drivers\sessusb.sys
22:50:00.0920 3600  sessusb_svc - ok
22:50:00.0928 3600  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:50:00.0961 3600  sffdisk - ok
22:50:00.0973 3600  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:50:01.0005 3600  sffp_mmc - ok
22:50:01.0018 3600  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:50:01.0048 3600  sffp_sd - ok
22:50:01.0061 3600  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
22:50:01.0091 3600  sfloppy - ok
22:50:01.0110 3600  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:50:01.0176 3600  SharedAccess - ok
22:50:01.0203 3600  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:50:01.0254 3600  ShellHWDetection - ok
22:50:01.0280 3600  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:50:01.0290 3600  SiSRaid2 - ok
22:50:01.0309 3600  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:50:01.0320 3600  SiSRaid4 - ok
22:50:01.0334 3600  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:50:01.0373 3600  Smb - ok
22:50:01.0407 3600  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:50:01.0426 3600  SNMPTRAP - ok
22:50:01.0447 3600  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:50:01.0457 3600  spldr - ok
22:50:01.0497 3600  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
22:50:01.0545 3600  Spooler - ok
22:50:01.0615 3600  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
22:50:01.0703 3600  sppsvc - ok
22:50:01.0724 3600  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:50:01.0752 3600  sppuinotify - ok
22:50:01.0792 3600  [ 12E6D95CDE974B131DEFAA44BAB8B056 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
22:50:01.0821 3600  SQLAgent$SQLEXPRESS - ok
22:50:01.0877 3600  [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
22:50:01.0903 3600  SQLBrowser - ok
22:50:01.0953 3600  [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
22:50:01.0973 3600  SQLWriter - ok
22:50:02.0028 3600  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:50:02.0092 3600  srv - ok
22:50:02.0111 3600  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:50:02.0154 3600  srv2 - ok
22:50:02.0179 3600  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:50:02.0203 3600  srvnet - ok
22:50:02.0233 3600  [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
22:50:02.0273 3600  ssadbus - ok
22:50:02.0289 3600  [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
22:50:02.0307 3600  ssadmdfl - ok
22:50:02.0317 3600  [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
22:50:02.0351 3600  ssadmdm - ok
22:50:02.0378 3600  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:50:02.0430 3600  SSDPSRV - ok
22:50:02.0447 3600  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:50:02.0473 3600  SstpSvc - ok
22:50:02.0494 3600  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:50:02.0504 3600  stexstor - ok
22:50:02.0528 3600  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
22:50:02.0563 3600  stisvc - ok
22:50:02.0578 3600  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
22:50:02.0588 3600  storflt - ok
22:50:02.0608 3600  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
22:50:02.0649 3600  StorSvc - ok
22:50:02.0662 3600  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
22:50:02.0687 3600  storvsc - ok
22:50:02.0702 3600  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:50:02.0718 3600  swenum - ok
22:50:02.0745 3600  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
22:50:02.0798 3600  swprv - ok
22:50:02.0842 3600  [ 512231BA47975F3F1A67B11F271BB49D ] SynasUSB        C:\Windows\system32\drivers\SynUSB64.sys
22:50:02.0854 3600  SynasUSB - ok
22:50:02.0918 3600  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
22:50:02.0989 3600  SysMain - ok
22:50:03.0007 3600  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:50:03.0026 3600  TabletInputService - ok
22:50:03.0037 3600  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:50:03.0085 3600  TapiSrv - ok
22:50:03.0095 3600  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
22:50:03.0132 3600  TBS - ok
22:50:03.0208 3600  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:50:03.0279 3600  Tcpip - ok
22:50:03.0310 3600  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:50:03.0334 3600  TCPIP6 - ok
22:50:03.0365 3600  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:50:03.0387 3600  tcpipreg - ok
22:50:03.0410 3600  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:50:03.0438 3600  TDPIPE - ok
22:50:03.0455 3600  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:50:03.0482 3600  TDTCP - ok
22:50:03.0493 3600  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:50:03.0542 3600  tdx - ok
22:50:03.0554 3600  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:50:03.0563 3600  TermDD - ok
22:50:03.0587 3600  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
22:50:03.0656 3600  TermService - ok
22:50:03.0683 3600  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
22:50:03.0708 3600  Themes - ok
22:50:03.0721 3600  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
22:50:03.0747 3600  THREADORDER - ok
22:50:03.0766 3600  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
22:50:03.0825 3600  TrkWks - ok
22:50:03.0887 3600  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:50:03.0930 3600  TrustedInstaller - ok
22:50:03.0945 3600  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:50:03.0981 3600  tssecsrv - ok
22:50:04.0008 3600  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:50:04.0043 3600  TsUsbFlt - ok
22:50:04.0052 3600  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
22:50:04.0084 3600  TsUsbGD - ok
22:50:04.0113 3600  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:50:04.0164 3600  tunnel - ok
22:50:04.0179 3600  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:50:04.0190 3600  uagp35 - ok
22:50:04.0218 3600  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:50:04.0293 3600  udfs - ok
22:50:04.0318 3600  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:50:04.0355 3600  UI0Detect - ok
22:50:04.0393 3600  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:50:04.0417 3600  uliagpkx - ok
22:50:04.0467 3600  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:50:04.0502 3600  umbus - ok
22:50:04.0648 3600  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
22:50:04.0710 3600  UmPass - ok
22:50:05.0001 3600  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
22:50:05.0044 3600  UmRdpService - ok
22:50:05.0072 3600  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
22:50:05.0134 3600  upnphost - ok
22:50:05.0229 3600  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
22:50:05.0261 3600  usbaudio - ok
22:50:05.0283 3600  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:50:05.0313 3600  usbccgp - ok
22:50:05.0340 3600  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:50:05.0360 3600  usbcir - ok
22:50:05.0366 3600  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
22:50:05.0388 3600  usbehci - ok
22:50:05.0418 3600  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:50:05.0452 3600  usbhub - ok
22:50:05.0463 3600  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:50:05.0482 3600  usbohci - ok
22:50:05.0540 3600  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
22:50:05.0574 3600  usbprint - ok
22:50:05.0592 3600  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:50:05.0634 3600  USBSTOR - ok
22:50:05.0647 3600  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:50:05.0672 3600  usbuhci - ok
22:50:05.0695 3600  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
22:50:05.0747 3600  UxSms - ok
22:50:05.0785 3600  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
22:50:05.0798 3600  VaultSvc - ok
22:50:05.0833 3600  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:50:05.0850 3600  vdrvroot - ok
22:50:05.0874 3600  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
22:50:05.0920 3600  vds - ok
22:50:05.0930 3600  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:50:05.0943 3600  vga - ok
22:50:05.0953 3600  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:50:05.0983 3600  VgaSave - ok
22:50:05.0994 3600  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:50:06.0008 3600  vhdmp - ok
22:50:06.0025 3600  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:50:06.0034 3600  viaide - ok
22:50:06.0056 3600  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
22:50:06.0071 3600  vmbus - ok
22:50:06.0078 3600  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
22:50:06.0099 3600  VMBusHID - ok
22:50:06.0129 3600  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:50:06.0148 3600  volmgr - ok
22:50:06.0159 3600  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:50:06.0179 3600  volmgrx - ok
22:50:06.0190 3600  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:50:06.0208 3600  volsnap - ok
22:50:06.0230 3600  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:50:06.0249 3600  vsmraid - ok
22:50:06.0298 3600  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
22:50:06.0392 3600  VSS - ok
22:50:06.0405 3600  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
22:50:06.0463 3600  vwifibus - ok
22:50:06.0473 3600  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:50:06.0501 3600  vwififlt - ok
22:50:06.0535 3600  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
22:50:06.0584 3600  W32Time - ok
22:50:06.0592 3600  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:50:06.0612 3600  WacomPen - ok
22:50:06.0647 3600  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:50:06.0696 3600  WANARP - ok
22:50:06.0704 3600  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:50:06.0726 3600  Wanarpv6 - ok
22:50:06.0753 3600  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
22:50:06.0803 3600  wbengine - ok
22:50:06.0844 3600  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:50:06.0874 3600  WbioSrvc - ok
22:50:06.0898 3600  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:50:06.0945 3600  wcncsvc - ok
22:50:06.0971 3600  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:50:07.0062 3600  WcsPlugInService - ok
22:50:07.0084 3600  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
22:50:07.0102 3600  Wd - ok
22:50:07.0144 3600  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:50:07.0187 3600  Wdf01000 - ok
22:50:07.0212 3600  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:50:07.0279 3600  WdiServiceHost - ok
22:50:07.0283 3600  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:50:07.0297 3600  WdiSystemHost - ok
22:50:07.0313 3600  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
22:50:07.0341 3600  WebClient - ok
22:50:07.0358 3600  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:50:07.0414 3600  Wecsvc - ok
22:50:07.0424 3600  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:50:07.0462 3600  wercplsupport - ok
22:50:07.0489 3600  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:50:07.0533 3600  WerSvc - ok
22:50:09.0944 3600  ============================================================
22:50:09.0944 3600  Scan finished
22:50:09.0944 3600  ============================================================
22:50:09.0958 3592  Detected object count: 0
22:50:09.0958 3592  Actual detected object count: 0
22:50:31.0560 3516  Deinitialize success
         


29.01.2013, 11:27   #6
markusg
/// Malware-holic

Hi,
you wouldn't have needed to uninstall!
Malwarebytes:
Please download Malwarebytes.
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator" ("als Administrator starten").
  • Start Malwarebytes, click Update (Aktualisierung) --> Check for updates (Suche nach Aktualisierung).
  • When the update has finished, select "Perform full scan" (vollständiger Scan durchführen) and press Scan (Scannen).
  • When the scan has finished, click "Show results" (Ergebnisse anzeigen).
  • Make sure that all findings are checked and press "Remove selected" (Entferne Auswahl).
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report later under "Log Dateien" (log files).

29.01.2013, 14:32   #7
Oddgit

Looks pretty good, it found nothing... So can I rest easy?!

Code:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.29.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
*** :: ***-PC [Administrator]

29.01.2013 14:01:52
mbam-log-2013-01-29 (14-01-52).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|H:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 671403
Laufzeit: 1 Stunde(n), 28 Minute(n), 12 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

31.01.2013, 18:09   #8
markusg
/// Malware-holic

Hi,
very good.
Download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this.
Open it, go to Tools (Extras), Uninstall list, save it as a txt file, and open that file.
After each program you need, write "notwendig" (necessary).
After each one you do not need, "unnötig" (unnecessary).
After those you do not know, "unbekannt" (unknown).
Post the list.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above.
If you would like to support us

31.01.2013, 18:51   #9
Oddgit

Here is the list. No idea why all the Native Instruments programs show up twice in CCleaner; in the Control Panel they are listed only once. And with all the Microsoft stuff I'm not quite sure what I actually need for developing with Visual Studio and what was installed by some Windows updates.

The only thing that strikes me as completely unknown offhand is the "Mozilla Maintenance Service".

Code:
notwendig	7-Zip 9.20 (x64 edition)	Igor Pavlov	10.09.2012	4,53MB	9.20.00.0
notwendig	Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	17.01.2013	6,00MB	11.5.502.146
notwendig	Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	11.01.2013	6,00MB	11.5.502.146
notwendig	Adobe Reader X (10.1.5) - Deutsch	Adobe Systems Incorporated	10.01.2013	121MB	10.1.5
notwendig	Android SDK Tools	Google Inc.	20.10.2012		1.16
unbekannt	Application Verifier (x64)	Microsoft Corporation	07.01.2013	55,3MB	4.1.1078
notwendig	Atmel Software Framework	Atmel	18.10.2012	370MB	3.1.121
notwendig	Atmel Studio 6.0	Atmel	18.10.2012		6.0.1843
notwendig	Atmel USB	Atmel	18.10.2012		10.6
notwendig	Avira Free Antivirus	Avira	19.12.2012	129MB	13.0.0.2890
notwendig	CCleaner	Piriform	23.01.2013		3.27
bekannt		Debugging Tools for Windows (x64)	Microsoft Corporation	07.01.2013	39,8MB	6.12.2.633
bekannt		Dotfuscator Software Services - Community Edition	PreEmptive Solutions	10.09.2012	6,44MB	5.0.2300.0
bekannt		Dotfuscator Software Services - Community Edition - DEU	PreEmptive Solutions	10.09.2012	2,84MB	5.0.2300.0
notwendig	Dropbox	Dropbox, Inc.	27.01.2013		1.6.16
notwendig	EAGLE 6.3.0	CadSoft Computer GmbH	13.11.2012		6.3.0
notwendig	eLicenser Control	Steinberg Media Technologies GmbH	11.09.2012		
notwendig	GIMP 2.8.2	The GIMP Team	09.09.2012	244MB	2.8.2
notwendig	Java 7 Update 9 (64-bit)	Oracle	20.10.2012	127MB	7.0.90
notwendig	Java SE Development Kit 7 Update 9 (64-bit)	Oracle	20.10.2012	188MB	1.7.0.90
notwendig	JLink OB CDC Driver Package	SEGGER	18.10.2012	48,0KB	1.2.1
notwendig	LyX 2.0.4	LyX Team	10.09.2012		2.0.4
bekannt 	Malwarebytes Anti-Malware Version 1.70.0.1100	Malwarebytes Corporation	28.01.2013	18,4MB	1.70.0.1100
notwendig	Maxima 5.28.0-2	The Maxima Development Team	07.10.2012	107MB	5.28.0-2
notwendig	Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	09.09.2012	38,8MB	4.0.30319
notwendig	Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	09.09.2012	2,93MB	4.0.30319
notwendig	Microsoft .NET Framework 4 Extended	Microsoft Corporation	10.09.2012	51,9MB	4.0.30319
notwendig	Microsoft .NET Framework 4 Extended DEU Language Pack	Microsoft Corporation	10.09.2012	10,6MB	4.0.30319
notwendig	Microsoft .NET Framework 4 Multi-Targeting Pack	Microsoft Corporation	10.09.2012	83,4MB	4.0.30319
notwendig	Microsoft ASP.NET MVC 2	Microsoft Corporation	10.09.2012	482KB	2.0.50217.0
notwendig	Microsoft ASP.NET MVC 2 - DEU	Microsoft Corporation	10.09.2012	25,0KB	2.0.50331.0
notwendig	Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools	Microsoft Corporation	10.09.2012	2,25MB	2.0.50217.0
notwendig	Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU	Microsoft Corporation	10.09.2012	2,07MB	2.0.50331.0
notwendig	Microsoft Help Viewer 1.0	Microsoft Corporation	10.09.2012	3,97MB	1.0.30319
notwendig	Microsoft Help Viewer 1.0 Language Pack - DEU	Microsoft Corporation	10.09.2012	1,95MB	1.0.30319
notwendig	Microsoft Silverlight	Microsoft Corporation	10.09.2012	24,9MB	3.0.40818.0
notwendig	Microsoft Silverlight 3 SDK - Deutsch	Microsoft Corporation	10.09.2012	32,7MB	3.0.40818.0
notwendig	Microsoft SQL Server 2008 (64-bit)	Microsoft Corporation	10.09.2012		
notwendig	Microsoft SQL Server 2008 Browser	Microsoft Corporation	10.09.2012	8,00MB	10.1.2531.0
notwendig	Microsoft SQL Server 2008 Native Client	Microsoft Corporation	10.09.2012	7,07MB	10.1.2531.0
notwendig	Microsoft SQL Server 2008 R2 Data-Tier Application Project	Microsoft Corporation	10.09.2012	14,1MB	10.50.1447.4
notwendig	Microsoft SQL Server 2008 R2 Management Objects	Microsoft Corporation	18.10.2012	5,89MB	10.50.1447.4
notwendig	Microsoft SQL Server 2008 R2 Management Objects (x64)	Microsoft Corporation	10.09.2012	10,4MB	10.50.1447.4
notwendig	Microsoft SQL Server 2008 R2 Transact-SQL Language Service	Microsoft Corporation	10.09.2012	5,41MB	10.50.1447.4
notwendig	Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework	Microsoft Corporation	10.09.2012	379KB	10.50.1447.4
notwendig	Microsoft SQL Server Compact 3.5 SP2 DEU	Microsoft Corporation	10.09.2012	3,69MB	3.5.8080.0
notwendig	Microsoft SQL Server Compact 3.5 SP2 x64 DEU	Microsoft Corporation	10.09.2012	4,81MB	3.5.8080.0
notwendig	Microsoft SQL Server Database Publishing Wizard 1.4	Microsoft Corporation	10.09.2012	10,1MB	10.1.2512.8
notwendig	Microsoft SQL Server System CLR Types	Microsoft Corporation	18.10.2012	625KB	10.50.1447.4
notwendig	Microsoft SQL Server System CLR Types (x64)	Microsoft Corporation	10.09.2012	832KB	10.50.1447.4
notwendig	Microsoft SQL Server VSS Writer	Microsoft Corporation	10.09.2012	3,59MB	10.1.2531.0
notwendig	Microsoft Sync Framework Runtime v1.0 SP1 (x64) de	Microsoft Corporation	10.09.2012	1,03MB	1.0.3010.0
notwendig	Microsoft Sync Framework SDK v1.0 SP1 de	Microsoft Corporation	10.09.2012	30,0MB	1.0.3010.0
notwendig	Microsoft Sync Framework Services v1.0 SP1 (x64) de	Microsoft Corporation	10.09.2012	2,89MB	1.0.3010.0
notwendig	Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de	Microsoft Corporation	10.09.2012	598KB	2.0.3010.0
notwendig	Microsoft Team Foundation Server 2010-Objektmodell - DEU	Microsoft Corporation	10.09.2012		10.0.30319
notwendig	Microsoft Visual C++  Compilers 2010 Standard - enu - x64	Microsoft Corporation	07.01.2013	207MB	10.0.30319
notwendig	Microsoft Visual C++  Compilers 2010 Standard - enu - x86	Microsoft Corporation	07.01.2013	612MB	10.0.30319
notwendig	Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	10.09.2012	426KB	8.0.56336
notwendig	Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	08.09.2012	788KB	9.0.30729.6161
notwendig	Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	08.09.2012	600KB	9.0.30729.6161
notwendig	Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319	Microsoft Corporation	10.09.2012	310KB	10.0.30319
notwendig	Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319	Microsoft Corporation	07.01.2013	13,6MB	10.0.30319
notwendig	Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319	Microsoft Corporation	10.09.2012	33,0MB	10.0.30319
notwendig	Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319	Microsoft Corporation	07.01.2013	743KB	10.0.30319
notwendig	Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319	Microsoft Corporation	10.09.2012	15,6MB	10.0.30319
notwendig	Microsoft Visual F# 2.0 Runtime	Microsoft Corporation	10.09.2012	5,81MB	10.0.30319
notwendig	Microsoft Visual F# 2.0 Runtime Language Pack - DEU	Microsoft Corporation	10.09.2012	1,30MB	10.0.30319
notwendig	Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools	Microsoft Corporation	10.09.2012	35,2MB	10.0.30319
notwendig	Microsoft Visual Studio 2010 Professional - DEU	Microsoft Corporation	10.09.2012		10.0.30319
notwendig	Microsoft Visual Studio 2010 Shell (Isolated) - ENU	Microsoft Corporation	18.10.2012	514MB	10.0.30319
notwendig	Microsoft Visual Studio 2010 Tools for Office Runtime (x64)	Microsoft Corporation	10.09.2012		10.0.30319
notwendig	Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU	Microsoft Corporation	10.09.2012		10.0.30319
notwendig	Microsoft Visual Studio Macro Tools	Microsoft Corporation	10.09.2012		9.0.30729
notwendig	Microsoft Visual Studio Macro Tools - DEU Language Pack	Microsoft Corporation	10.09.2012		9.0.30729
notwendig	Microsoft Windows Performance Toolkit	Microsoft Corporation	07.01.2013	26,1MB	4.8.0
notwendig	Microsoft Windows SDK for Windows 7 (7.1)	Microsoft Corporation	07.01.2013		7.1.7600.0.30514
notwendig	MiKTeX 2.9	MiKTeX.org	10.09.2012		2.9
notwendig	Mozilla Firefox 18.0.1 (x86 de)	Mozilla	19.01.2013	43,2MB	18.0.1
unbekannt	Mozilla Maintenance Service	Mozilla	19.01.2013	330KB	18.0.1
notwendig	Mozilla Thunderbird 17.0.2 (x86 de)	Mozilla	09.01.2013	41,9MB	17.0.2
notwendig	Native Instruments Abbey Road 60s Drums		11.09.2012		
notwendig	Native Instruments Abbey Road 60s Drums	Native Instruments	19.09.2012		
notwendig	Native Instruments Absynth 5		11.09.2012		
notwendig	Native Instruments Absynth 5	Native Instruments	11.09.2012		
notwendig	Native Instruments Acoustic Refractions		11.09.2012		
notwendig	Native Instruments Acoustic Refractions	Native Instruments	11.09.2012		
notwendig	Native Instruments Battery 3		11.09.2012		
notwendig	Native Instruments Battery 3	Native Instruments	11.09.2012		
notwendig	Native Instruments Berlin Concert Grand		12.09.2012		
notwendig	Native Instruments Berlin Concert Grand	Native Instruments	11.09.2012		
notwendig	Native Instruments Driver		07.09.2012		
notwendig	Native Instruments Driver	Native Instruments	18.12.2012	55,2MB	1.0.1.288
notwendig	Native Instruments FM8		11.09.2012		
notwendig	Native Instruments FM8	Native Instruments	11.09.2012		
notwendig	Native Instruments Guitar Rig 4		11.09.2012		
notwendig	Native Instruments Guitar Rig 4	Native Instruments	11.09.2012		
notwendig	Native Instruments Guitar Rig Session I/O		08.09.2012		
notwendig	Native Instruments Guitar Rig Session I/O	Native Instruments	08.09.2012		
notwendig	Native Instruments Komplete 7		11.09.2012		
notwendig	Native Instruments Komplete 7	Native Instruments	19.09.2012		
notwendig	Native Instruments Kontakt 4		11.09.2012		
notwendig	Native Instruments Kontakt 4	Native Instruments	11.09.2012		
notwendig	Native Instruments Kontakt 4 Factory Content		11.09.2012		
notwendig	Native Instruments Kontakt 4 Factory Content	Native Instruments	11.09.2012		
notwendig	Native Instruments Kore Player		11.09.2012		
notwendig	Native Instruments Kore Player	Native Instruments	11.09.2012		
notwendig	Native Instruments Massive		11.09.2012		
notwendig	Native Instruments Massive	Native Instruments	11.09.2012		
notwendig	Native Instruments New York Concert Grand		12.09.2012		
notwendig	Native Instruments New York Concert Grand	Native Instruments	12.09.2012		
notwendig	Native Instruments Rammfire		11.09.2012		
notwendig	Native Instruments Rammfire	Native Instruments	11.09.2012		
notwendig	Native Instruments Reaktor 5		01.12.2012		
notwendig	Native Instruments Reaktor 5	Native Instruments	01.12.2012		
notwendig	Native Instruments Reaktor Prism		11.09.2012		
notwendig	Native Instruments Reaktor Prism	Native Instruments	11.09.2012		
notwendig	Native Instruments Reaktor Spark R2		11.09.2012		
notwendig	Native Instruments Reaktor Spark R2	Native Instruments	11.09.2012		
notwendig	Native Instruments Reflektor		11.09.2012		
notwendig	Native Instruments Reflektor	Native Instruments	11.09.2012		
notwendig	Native Instruments Scarbee A-200		11.09.2012		
notwendig	Native Instruments Scarbee A-200	Native Instruments	11.09.2012		
notwendig	Native Instruments Scarbee Clavinet Pianet		11.09.2012		
notwendig	Native Instruments Scarbee Clavinet Pianet	Native Instruments	11.09.2012		
notwendig	Native Instruments Scarbee Mark I		11.09.2012		
notwendig	Native Instruments Scarbee Mark I	Native Instruments	11.09.2012		
notwendig	Native Instruments Scarbee MM-Bass		11.09.2012		
notwendig	Native Instruments Scarbee MM-Bass	Native Instruments	11.09.2012		
notwendig	Native Instruments Service Center		11.09.2012		
notwendig	Native Instruments Service Center	Native Instruments	11.09.2012		
notwendig	Native Instruments The Finger R2		11.09.2012		
notwendig	Native Instruments The Finger R2	Native Instruments	11.09.2012		
notwendig	Native Instruments Traktors 12		11.09.2012		
notwendig	Native Instruments Traktors 12	Native Instruments	11.09.2012		
notwendig	Native Instruments Upright Piano		12.09.2012		
notwendig	Native Instruments Upright Piano	Native Instruments	12.09.2012		
notwendig	Native Instruments Vienna Concert Grand		11.09.2012		
notwendig	Native Instruments Vienna Concert Grand	Native Instruments	19.09.2012		
notwendig	Native Instruments Vintage Organs		11.09.2012		
notwendig	Native Instruments Vintage Organs	Native Instruments	11.09.2012		
notwendig	OpenOffice.org 3.4.1	Apache Software Foundation	08.09.2012	331MB	3.41.9593
notwendig	Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	07.09.2012		6.0.1.6265
notwendig	scilab-5.3.3 (64-bit)	DIGITEO	10.09.2012	456MB	
notwendig	Steinberg Cubase LE 4	Steinberg Media Technologies GmbH	19.09.2012	199MB	4.1.2.851
unbekannt	Unterstützungsdateien für Microsoft SQL Server 2008-Setup 	Microsoft Corporation	10.09.2012	33,7MB	10.1.2731.0
unbekannt	Visual Studio 2010 Prerequisites - English	Microsoft Corporation	10.09.2012	5,88MB	10.0.30319
bekannt		Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU	Microsoft Corporation	10.09.2012	11,1MB	4.0.8080.0
bekannt		VLC media player 2.0.3	VideoLAN	08.09.2012		2.0.3
bekannt		Web Deployment Tool	Microsoft Corporation	10.09.2012	3,10MB	1.1.0618
bekannt		Windows-Treiberpaket - Segger (jlink_ob_x64) USB  (03/13/2012 2.6.6.2)	Segger	18.10.2012		03/13/2012 2.6.6.2
bekannt		Windows-Treiberpaket - SEGGER (usbser) Ports  (01/25/2012 6.0.2600.4)	SEGGER	18.10.2012		01/25/2012 6.0.2600.4
         

04.02.2013, 12:33   #10
markusg
/// Malware-holic

Uninstall:
Adobe Flash Player, all of them
Adobe - Install Adobe Flash Player
Download the latest version and install it.
Adobe Reader:
Adobe - Download Adobe Reader - All versions
Uncheck the box for McAfee Security Scan.

Please also configure Adobe Reader as follows:
Open Adobe Reader, Edit (Bearbeiten), Preferences (Voreinstellungen).
General:
Check "use only certified plug-ins".
Internet:
Everything here should be disabled; it is very unsafe to open or download PDFs automatically, etc.
It is always better to save them directly, since that is the only way to keep control over what happens on the PC.
Under JavaScript, uncheck the box for using JavaScript.
Under Updater, choose to install automatically.
Apply / OK



Uninstall:
Java: both
Download the Java JRE:
Java downloads for all operating systems
Click:
Download Java software for Windows Offline
Download and install it.
Open CCleaner, Analyze, Run; restart the PC.
Please download AdwCleaner to your desktop.
  • Start adwcleaner.exe with a double-click.
  • Click Search (Suche).
  • When the scan has finished, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[R1].txt.