Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Groupon Trojaner-Bereinigung

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 08.03.2013, 19:05   #1
Sherezade
 
Groupon Trojaner-Bereinigung - Standard

Groupon Trojaner-Bereinigung



Hallo,
Ich habe während eines Telefonats aus Versehen den Anhang der Trojaner-Mail mit dem Betreff Groupon geöffnet. Dann habe ich bereits mitbekommen, dass man Malwarebytes Anti- Rootkit installieren soll und die Logs posten. Bei mir kam Folgendes:


08.03.2013 18:28:58
mbar-log-2013-03-08 (18-28-58).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 439800
Time elapsed: 18 minute(s), 22 second(s)

Memory Processes Detected: 2
c:\Users\Janne\AppData\Roaming\Xuqoso\zayg.exe (Trojan.Agent.MU) -> 2032 -> Delete on reboot.
c:\Users\Janne\AppData\Roaming\KB00703992.exe (Trojan.Agent.Gen) -> 3844 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\QipGuard (Spyware.Zbot) -> Delete on reboot.

Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Yqnuixmias (Trojan.Agent.MU) -> Data: C:\Users\Janne\AppData\Roaming\Xuqoso\zayg.exe -> Delete on reboot.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|KB00703992.exe (Trojan.Agent.Gen) -> Data: "C:\Users\Janne\AppData\Roaming\KB00703992.exe" -> Delete on reboot.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)



Im nächsten Schritt hab ichs dann gecleant und bei einem erneuten Scan nach dem Rebooten wurde nichts mehr gefunden.

Was kann ich nun tun? Dankeschön

Alt 08.03.2013, 19:55   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Groupon Trojaner-Bereinigung - Standard

Groupon Trojaner-Bereinigung



Hallo und

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.


Erstmal eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in CODE-Tags in den Thread.
__________________

__________________

Alt 08.03.2013, 20:48   #3
Sherezade
 
Groupon Trojaner-Bereinigung - Standard

Groupon Trojaner-Bereinigung



OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 08.03.2013 20:34:00 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Janne\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,74 Gb Total Physical Memory | 2,18 Gb Available Physical Memory | 58,43% Memory free
7,48 Gb Paging File | 5,07 Gb Available in Paging File | 67,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 421,81 Gb Total Space | 312,35 Gb Free Space | 74,05% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: NTFS
 
Computer Name: *** | User Name: ***| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C32F5F-8240-467D-B54D-ADCC9A69AA22}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{11C55580-4E38-4686-AF91-983CA1E7CD29}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{1B5E1B7D-E083-4323-947D-C24D49DEC743}" = lport=445 | protocol=6 | dir=in | app=system | 
"{239A6370-58B5-4F92-AECE-594AD73E1AD8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{2691BC0A-3D16-4DD2-B4BE-D1F2CD7C36CA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2AE1826C-C812-4634-8728-2F04E892385E}" = rport=139 | protocol=6 | dir=out | app=system | 
"{2E7AAE3D-B629-4757-90D5-633BE7E1EE90}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{423E6A74-E8C1-4476-9D34-F340CC96E274}" = rport=445 | protocol=6 | dir=out | app=system | 
"{42F1CA96-5DD0-4661-9E4E-1CE2A18BE835}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{4C1C0D30-004A-4D4D-B4F6-BDF7E648D9D7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{65912224-753A-4005-A134-45BA290166C5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{6CB5C790-E241-4749-A2EB-33B20E4FF662}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{6EA4DD56-3A75-4CAF-856D-7F792DE12CC1}" = lport=137 | protocol=17 | dir=in | app=system | 
"{88DB1C87-8691-4206-AA9D-95EC68F47C30}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{9A6B9777-2990-4A3C-85AD-4011A6A4FAF3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9C0A4F7A-5166-4F4E-8D0A-AA15A3383A9D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A4902E36-F97F-41E7-85C1-96246CEC5048}" = lport=139 | protocol=6 | dir=in | app=system | 
"{C3DB5C55-0F69-4E92-99D9-8B3D8397AD49}" = rport=138 | protocol=17 | dir=out | app=system | 
"{C9383292-AD93-46AB-9140-7693F1D33793}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{DF3C7CF1-13AC-40C8-B672-A9C00B0F9694}" = lport=138 | protocol=17 | dir=in | app=system | 
"{F194B785-F545-4B95-8F91-8F1E7B6FDBE9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F53A8C14-D33D-412A-AEE4-3F974C4E5C64}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{FF93513A-791C-4CA8-B39B-487DD1175E2A}" = rport=137 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0072DC9F-CA9A-4130-8AC5-BD74E1FD5A58}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{03477AA7-7CB7-407B-BCE2-4A1D5E281BB3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{0384F01E-6A5A-4F3A-B2EB-96AE69D07732}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{039486A5-D35F-4835-8282-22604525B2E7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{0397C711-5F83-416E-9535-039F235A24FC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{05069287-D5F2-42CC-BEB0-59CFFC64403B}" = protocol=6 | dir=out | app=system | 
"{09A2FA6F-132C-475B-A6C3-120C2186C575}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{0E4AF30E-C6EC-4258-B25B-34C1C06EC11B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{1F5D606A-C66D-4E58-BF89-B4CDD503FA46}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{3CE58A87-5099-4942-A121-6FC91C1805D0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{4763EFE0-CC4A-4059-AAB0-69F2FB4A14CE}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{4E2838B3-AC8C-47D0-B6A7-3DC4AE40AFE3}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{548933F4-C566-4ED0-9517-1F7FCDC29D51}" = protocol=17 | dir=in | app=c:\users\janne\appdata\roaming\dropbox\bin\dropbox.exe | 
"{5693CC05-4AD9-47D9-BAF7-0F6E76022C2B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{6102CE89-8F88-4ED2-9499-030F1D4A5897}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
"{7AB23012-46E8-43F7-9782-C435F2137B3B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{944BE4A3-64A1-4741-B084-755D4FEA7F9E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{9D8CAF4F-8AD5-4310-B26E-0663941B295E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9FFEB393-DF95-4366-AB03-FA133113C028}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{A2E094E8-D983-4B33-ADE1-D0E0B2116B6A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{A8AA2456-7554-4A6B-9EBA-0FE93801F925}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{A8DEDB52-8A7A-4984-8BD7-762BD2B6BA32}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B0F81DFE-769B-4E00-B05E-26F7D6DAD308}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B7544C5E-F14E-443C-A4A1-141EB02FF28E}" = protocol=6 | dir=in | app=c:\users\janne\appdata\roaming\dropbox\bin\dropbox.exe | 
"{C0787D8C-85DB-4101-BD06-3F6872C7DA06}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{C59F36E4-B130-4C36-916F-F99DCFE5DA7B}" = protocol=17 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe | 
"{CF387943-4759-452A-AC53-CB1B756233F1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D7371266-E75E-4BF7-9189-1338784D03AB}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
"{D7D9356D-A17E-49D5-993B-6C68949FF974}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{DFB4219F-1D7A-4E77-8A94-63C4D0F206E7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{E0DDD8EB-FC51-4A1F-91DC-15EAD7BBB0B6}" = protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe | 
"{E6130848-B450-4066-9068-577169A06872}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{EEA8D981-019A-4D3B-AC52-4AA39165FBFA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{F4038229-0BB5-4346-B07B-6D3A53F0EAD2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{F6DAA28D-E88B-4EA8-B6AC-C58864266848}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FD516FBD-B8BD-4012-B0E0-F15527EE6FF3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"TCP Query User{0D5BF81E-76EC-4E0B-8413-BEF0360BE87A}C:\users\***\appdata\roaming\xuqoso\zayg.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\xuqoso\zayg.exe | 
"TCP Query User{4F0D6EE8-23AD-4E04-B0AE-2D565A4E0010}C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{B710095B-CF64-4B6B-A72F-B97849B7CE2F}C:\users\***\appdata\roaming\xuqoso\zayg.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\xuqoso\zayg.exe | 
"TCP Query User{F73E5251-6B10-4FF5-96B5-39AD54A6E6A9}C:\program files (x86)\qip infium\infium.exe" = protocol=6 | dir=in | app=c:\program files (x86)\qip infium\infium.exe | 
"UDP Query User{32C9BC10-DA0A-4984-8DCB-D834E6E60E95}C:\users\***\appdata\roaming\xuqoso\zayg.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\xuqoso\zayg.exe | 
"UDP Query User{448BAE3D-8F67-48F8-BDB2-0CDEDCED27AF}C:\users\***\appdata\roaming\xuqoso\zayg.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\xuqoso\zayg.exe | 
"UDP Query User{971A925F-A66F-4DCE-9B16-670EF6264DEB}C:\program files (x86)\qip infium\infium.exe" = protocol=17 | dir=in | app=c:\program files (x86)\qip infium\infium.exe | 
"UDP Query User{DFEC8DE2-7FFA-4F6B-9493-6460AF803E8C}C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series" = Canon MP540 series MP Drivers
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5ACF5427-B4E4-4F85-A512-151E0BECF7E3}" = RtLED
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"0A4175B489A1B4A6E07E11B063A6263480C51D71" = Windows-Treiberpaket - Lenovo (ACPIVPC) System  (10/19/2009 5.4.0.1)
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)
"DE7217D2A8B057F15EC6E52329FDAB84231521E8" = Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (04/08/2010 6.3.5.430)
"Elantech" = ETDWare PS/2-x64 7.0.4.17_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"VLC media player" = VLC media player 2.0.4
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0906982B-A432-4C06-8F01-C01BE1143779}" = Nokia Connectivity Cable Driver
"{0CE226F3-EB27-4ECD-BBF5-F088716779FD}" = Energy Management
"{14E0B9EA-FC56-4DAD-ABCA-8B84607D11F8}" = OpenSC
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{33EBF075-8593-4698-BDAF-CF8DED80BB5B}" = Nokia Suite
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3ECA0079-088F-4E69-B66A-65D5E687B092}" = KOBIL Chipkartenterminal Treiber V2.212.02271 Build: 20120227.1
"{43EF7CA8-0439-4677-BE6B-749B4562BBB6}" = KOBIL drivers x64x86 installation
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{69BCC264-0D43-469F-8434-31E738982E7B}" = Cisco AnyConnect Secure Mobility Client
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom 802.11 Wireless Driver
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}" = HTC Sync
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{ACF31D9F-70C2-40A1-9C7A-28BA16E64B56}" = BioExcess
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BA77F9D2-CD35-41EB-9BC9-769879DFF8A6}" = PC Connectivity Solution
"{C268B5E1-A5DA-11DF-A289-005056C00008}" = Paragon Backup & Recovery™ 2012 Free
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F5608FF7-17C0-440A-80C7-29C48363BD87}" = Lenovo EasyCamera
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"Acoustica MP3 To Wave Converter PLUS" = Acoustica MP3 To Wave Converter PLUS
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.15
"AudibleManager" = AudibleManager
"Avira AntiVir Desktop" = Avira Free Antivirus
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client 
"Free YouTube Download_is1" = Free YouTube Download version 3.1.42.1212
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{ACF31D9F-70C2-40A1-9C7A-28BA16E64B56}" = BioExcess
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Suite" = Nokia Suite
"NVIDIA.Updatus" = NVIDIA Updatus
"Picasa 3" = Picasa 3
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
"{EE20E438-B675-4421-AB07-928F0EC9FB22}_is1" = Albelli Fotobücher
"Dropbox" = Dropbox
"PagePlace" = PagePlace
"QIP Infium" = QIP Infium 3.0.9044
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 07.02.2013 10:22:51 | Computer Name = ***-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3120
 
Error - 07.02.2013 10:22:52 | Computer Name = ***-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 07.02.2013 10:22:52 | Computer Name = ***-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4165
 
Error - 07.02.2013 10:22:52 | Computer Name = ***-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4165
 
Error - 07.02.2013 10:22:53 | Computer Name = ***-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 07.02.2013 10:22:53 | Computer Name = ***-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5164
 
Error - 07.02.2013 10:22:53 | Computer Name = ***-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5164
 
Error - 07.02.2013 10:22:54 | Computer Name = ***-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 07.02.2013 10:22:54 | Computer Name = ***-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6193
 
Error - 07.02.2013 10:22:54 | Computer Name = ***-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6193
 
[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 08.03.2013 15:30:42 | Computer Name = ***-Laptop | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line:
 772 Invoked Function: CNetEnvironment::IsSGAccessible Return Code: -28966899 (0xFE46000D)
Description:
 NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target 
 
Error - 08.03.2013 15:30:42 | Computer Name = ***-Laptop | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestNetEnv File: .\NetEnvironment.cpp Line:
 225 Invoked Function: CNetEnvironment::testNetwork Return Code: -28966899 (0xFE46000D)
Description:
 NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target 
 
Error - 08.03.2013 15:31:10 | Computer Name = ***-Laptop | Source = acvpnagent | ID = 67108866
Description = Function: CHttpProbeAsync::OnOpenRequestComplete File: .\IP\HttpProbeAsync.cpp
Line:
 303 Invoked Function: CHttpSessionAsync::OnOpenRequestComplete Return Code: -31588316
 (0xFE1E0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT 
 
Error - 08.03.2013 15:31:10 | Computer Name = ***-Laptop | Source = acvpnagent | ID = 67108866
Description = Function: CSocketTransport::OnTimerExpired File: .\IPC\SocketTransport.cpp
Line:
 1655 Invoked Function: CSocketTransport::postConnectProcessing Return Code: -31588316
 (0xFE1E0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT 
 
Error - 08.03.2013 15:31:10 | Computer Name = ***-Laptop | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestAccessToSG File: .\NetEnvironment.cpp
Line:
 1323 Invoked Function: CNetEnvironment::analyzeHttpResponse Return Code: -28966899
 (0xFE46000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could
 not contact target 
 
Error - 08.03.2013 15:31:10 | Computer Name = ***-Laptop | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line:
 772 Invoked Function: CNetEnvironment::IsSGAccessible Return Code: -28966899 (0xFE46000D)
Description:
 NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target 
 
Error - 08.03.2013 15:31:48 | Computer Name = ***-Laptop | Source = acvpnagent | ID = 67108866
Description = Function: CHttpProbeAsync::OnOpenRequestComplete File: .\IP\HttpProbeAsync.cpp
Line:
 303 Invoked Function: CHttpSessionAsync::OnOpenRequestComplete Return Code: -31588316
 (0xFE1E0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT 
 
Error - 08.03.2013 15:31:48 | Computer Name = ***-Laptop | Source = acvpnagent | ID = 67108866
Description = Function: CSocketTransport::OnTimerExpired File: .\IPC\SocketTransport.cpp
Line:
 1655 Invoked Function: CSocketTransport::postConnectProcessing Return Code: -31588316
 (0xFE1E0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT 
 
Error - 08.03.2013 15:31:48 | Computer Name = ***-Laptop | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestAccessToSG File: .\NetEnvironment.cpp
Line:
 1323 Invoked Function: CNetEnvironment::analyzeHttpResponse Return Code: -28966899
 (0xFE46000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could
 not contact target 
 
Error - 08.03.2013 15:31:48 | Computer Name = ***-Laptop | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line:
 772 Invoked Function: CNetEnvironment::IsSGAccessible Return Code: -28966899 (0xFE46000D)
Description:
 NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target 
 
[ System Events ]
Error - 27.11.2012 12:17:47 | Computer Name = ***-Laptop | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 SBSD Security Center Service erreicht.
 
Error - 27.11.2012 12:17:47 | Computer Name = ***-Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SBSD Security Center Service" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 01.12.2012 07:50:04 | Computer Name = ***-Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys)"
 wurde aufgrund folgenden Fehlers nicht gestartet:   %%1058
 
Error - 01.12.2012 10:50:45 | Computer Name = ***-Laptop | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Intel(R) Rapid Storage Technology erreicht.
 
Error - 01.12.2012 10:50:47 | Computer Name = ***-Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Intel(R) Rapid Storage Technology" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 04.12.2012 16:55:30 | Computer Name = ***-Laptop | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 SBSD Security Center Service erreicht.
 
Error - 04.12.2012 16:55:30 | Computer Name = ***-Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SBSD Security Center Service" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 06.12.2012 11:15:58 | Computer Name = ***-Laptop | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 SBSD Security Center Service erreicht.
 
Error - 06.12.2012 11:15:58 | Computer Name = ***-Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SBSD Security Center Service" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 06.12.2012 11:15:58 | Computer Name = ***-Laptop | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst ShellHWDetection erreicht.
 
 
< End of report >
         
--- --- ---


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 08.03.2013 20:34:00 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\***\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,74 Gb Total Physical Memory | 2,18 Gb Available Physical Memory | 58,43% Memory free
7,48 Gb Paging File | 5,07 Gb Available in Paging File | 67,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 421,81 Gb Total Space | 312,35 Gb Free Space | 74,05% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: NTFS
 
Computer Name: ***-LAPTOP | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe (Egis Technology Inc. )
PRC - C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe (Egis Technology Inc. )
PRC - C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe (Egis Technology Inc. )
PRC - C:\Programme\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\f7cb3ae5de64f8cbde3ccc57c780743a\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\7a1844283caf3216c346c268cb373b5d\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\Maps\R66Api.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.7.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\HtcDetect.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetectLegend.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDisk.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\OutputLog.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\fdHttpd.dll ()
MOD - C:\Windows\SysWOW64\opensc-pkcs11.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (vpnagent) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (EgisTec Service) -- C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe (Egis Technology Inc. )
SRV - (EgisTec Data Security Service) -- C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe (Egis Technology Inc. )
SRV - (btwdins) -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (RtLedService) -- C:\Programme\Realtek\RtLED\RtLEDService.exe (Realtek Semiconductor Corp.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (vpnva) -- C:\Windows\SysNative\drivers\vpnva64.sys (Cisco Systems, Inc.)
DRV:64bit: - (acsock) -- C:\Windows\SysNative\drivers\acsock64.sys (Cisco Systems, Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (KOBCCID) -- C:\Windows\SysNative\drivers\KOBCCID.sys (KOBIL Systems GmbH)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (FPSensor) -- C:\Windows\SysNative\drivers\FPSensor.sys (EgisTec)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (Uim_IM) -- C:\Windows\SysNative\drivers\Uim_IMx64.sys (Paragon)
DRV:64bit: - (UimBus) -- C:\Windows\SysNative\drivers\uimx64.sys (Windows (R) 2000 DDK provider)
DRV:64bit: - (Uim_VIM) -- C:\Windows\SysNative\drivers\uim_vimx64.sys (Paragon)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (LHDmgr) -- C:\Windows\SysNative\drivers\LhdX64.sys (Lenovo.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (JmUsbVideo) -- C:\Windows\SysNative\drivers\jmcam.sys (JMicron Technology Corp.)
DRV:64bit: - (JmUsbCcgp) -- C:\Windows\SysNative\drivers\jmccgp.sys (JMicron Technology Corp.)
DRV:64bit: - (JmUsbVideo2) -- C:\Windows\SysNative\drivers\jmcam_lo.sys (JMicron Technology Corp.)
DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = QIP.RU:
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = QIP:
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = QIP:
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = QIP:
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = QIP.RU:
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 96 3A CD 13 18 8D CD 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = QIP:
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = hxxp://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://www.google.de/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..keyword.URL: "hxxp://search.qip.ru/search?from=FF&query="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\telekom.com/PagePlaceStarter: C:\Users\***\AppData\Local\PagePlace\npPagePlaceStarter.dll (Deutsche Telekom AG)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2013.01.20 11:59:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 12:25:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 12:25:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.09.07 17:47:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*** \AppData\Roaming\mozilla\Extensions
[2012.10.23 12:58:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\amlja91x.default\extensions
[2012.09.10 19:18:09 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\amlja91x.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2012.09.10 19:18:34 | 000,002,062 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\amlja91x.default\searchplugins\qip-search.xml
[2013.02.20 13:07:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.03.08 12:25:51 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.09.06 03:07:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.06 03:07:37 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.09.06 03:07:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.06 03:07:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.06 03:07:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.06 03:07:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: Google
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: AmazonMP3DownloaderPlugin (Enabled) = C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
CHR - Extension: YouTube = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\
CHR - Extension: Google Mail = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEPwdBankBHO Class) - {56CBB761-DA41-4E31-B270-B13B4B0A61D0} - C:\Program Files (x86)\EgisTec BioExcess\EgisIEPwdBank.dll (Egis Technology Inc. )
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\***\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe ()
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VitaKeyTSR] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe (Egis Technology Inc. )
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_2D98B7D823551CA6A649891B91AEC86A] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [mixervn] -autorun File not found
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKLM..\RunOnce: [Z1] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03B0F408-9A93-4100-8377-CF2929192498}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5E9F9B79-77C2-4336-8C5D-F2D7AABF85B7}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5a77a8d3-f8fc-11e1-8696-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5a77a8d3-f8fc-11e1-8696-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.03.08 18:09:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.03.08 16:48:42 | 000,000,000 | ---D | C] -- C:\Users\*** \Desktop\VIREN
[2013.03.08 13:31:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Backup & Recovery™ 2012 Free
[2013.03.08 13:31:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Paragon Software
[2013.03.08 13:00:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Areca
[2013.03.08 13:00:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Areca
[2013.03.08 12:40:11 | 000,000,000 | -H-D | C] -- C:\Users\***\AppData\Roaming\8BE848DD
[2013.03.08 12:20:34 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Heecyb
[2013.03.08 12:20:34 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Aqon
[2013.03.08 12:20:34 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Amfu
[2013.03.08 10:36:35 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Ofvusa
[2013.03.08 10:36:34 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Xyvoam
[2013.03.08 10:36:34 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Dosic
[2013.03.08 10:26:09 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Xuqoso
[2013.03.08 10:26:09 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Vyog
[2013.03.08 10:26:09 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Ivurd
[2013.03.07 23:00:02 | 000,000,000 | ---D | C] -- C:\Users\***\Crsmhbciyyr
[2013.03.06 13:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.03.04 16:48:46 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Exegese
[2013.02.20 13:07:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.18 17:15:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
[2013.02.15 12:46:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013.02.14 20:16:00 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.14 20:16:00 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.14 20:15:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.02.14 20:15:58 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.14 20:15:58 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.14 20:15:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.14 20:15:58 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.14 20:15:58 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.14 20:15:57 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.14 20:15:57 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.14 20:15:56 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.14 20:15:56 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.14 20:15:55 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.14 20:15:55 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.14 20:15:55 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.13 10:38:26 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.13 10:38:25 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.13 10:38:24 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.02.13 10:38:18 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.02.13 10:38:18 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.02.13 10:38:18 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.02.13 10:38:18 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.02.13 10:38:18 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.02.13 10:38:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.02.13 10:38:14 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.02.07 15:14:15 | 000,000,000 | ---D | C] -- C:\Users\*** \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
 
========== Files - Modified Within 30 Days ==========
 
[2013.03.08 20:29:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.08 20:06:27 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.08 20:06:27 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.08 18:42:18 | 000,021,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.08 18:42:18 | 000,021,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.08 18:34:39 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.08 18:34:17 | 3010,797,568 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.08 16:46:48 | 013,786,977 | ---- | M] () -- C:\Users\***\Desktop\VIREN.zip
[2013.03.08 13:46:50 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.08 13:46:50 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.08 13:46:50 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.08 13:46:50 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.08 13:46:50 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.08 13:31:45 | 000,002,413 | ---- | M] () -- C:\Users\Public\Desktop\Paragon Backup & Recovery™ 2012 Free.lnk
[2013.03.07 10:40:22 | 000,014,765 | ---- | M] () -- C:\Users\***\Desktop\Broken2.jpg
[2013.03.07 10:39:51 | 000,011,037 | ---- | M] () -- C:\Users\***\Desktop\Broken.jpg
[2013.03.05 21:54:43 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.02.28 13:21:54 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.02.28 13:21:54 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.02.15 12:46:36 | 000,002,046 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013.02.15 12:46:36 | 000,002,046 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013.02.15 12:41:11 | 000,326,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2013.03.08 17:47:22 | 007,971,859 | ---- | C] () -- C:\Users\***\Desktop\05 - Das Lied von der Raupe Nimmersatt.mp3
[2013.03.08 16:48:24 | 013,786,977 | ---- | C] () -- C:\Users\***\Desktop\VIREN.zip
[2013.03.08 13:31:45 | 000,002,413 | ---- | C] () -- C:\Users\Public\Desktop\Paragon Backup & Recovery™ 2012 Free.lnk
[2013.03.07 10:40:22 | 000,014,765 | ---- | C] () -- C:\Users\***\Desktop\Broken2.jpg
[2013.03.07 10:39:51 | 000,011,037 | ---- | C] () -- C:\Users\***\Desktop\Broken.jpg
[2012.12.28 02:45:21 | 000,003,584 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.10 18:39:33 | 000,044,544 | ---- | C] () -- C:\Windows\SysWow64\Gif89.dll
[2012.09.07 17:37:51 | 087,227,952 | ---- | C] () -- C:\Users\***\avira_free_antivirus_898de.exe
[2012.01.10 21:27:26 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2012.01.10 21:27:26 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2012.01.10 21:27:26 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2012.01.10 20:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.07.15 12:49:36 | 001,577,984 | ---- | C] () -- C:\Windows\SysWow64\opensc-pkcs11.dll
[2011.07.15 12:49:36 | 001,577,984 | ---- | C] () -- C:\Windows\SysWow64\onepin-opensc-pkcs11.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         
--- --- ---
__________________

Alt 08.03.2013, 21:00   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Groupon Trojaner-Bereinigung - Standard

Groupon Trojaner-Bereinigung



aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 08.03.2013, 22:58   #5
Sherezade
 
Groupon Trojaner-Bereinigung - Standard

Groupon Trojaner-Bereinigung



aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-03-08 22:11:14
-----------------------------
22:11:14.356 OS Version: Windows x64 6.1.7601 Service Pack 1
22:11:14.356 Number of processors: 4 586 0x2505
22:11:14.357 ComputerName:***-LAPTOP UserName: ***
22:11:15.768 Initialize success
22:15:03.974 AVAST engine defs: 13030800
22:15:50.719 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:15:50.723 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
22:15:50.741 Disk 0 MBR read successfully
22:15:50.745 Disk 0 MBR scan
22:15:50.788 Disk 0 Windows 7 default MBR code
22:15:50.807 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 431938 MB offset 411648
22:15:50.816 Disk 0 Partition - 00 0F Extended LBA 29692 MB offset 885020672
22:15:50.858 Disk 0 Partition 2 00 12 Compaq diag NTFS 15109 MB offset 945829888
22:15:50.985 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 29691 MB offset 885022720
22:15:51.046 Disk 0 scanning C:\Windows\system32\drivers
22:16:12.498 Service scanning
22:16:55.143 Modules scanning
22:16:55.155 Disk 0 trace - called modules:
22:16:55.494 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
22:16:55.500 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004df7060]
22:16:55.507 3 CLASSPNP.SYS[fffff88001b5443f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004b1b050]
22:16:57.133 AVAST engine scan C:\Windows
22:16:59.667 AVAST engine scan C:\Windows\system32
22:21:13.701 AVAST engine scan C:\Windows\system32\drivers
22:21:33.689 AVAST engine scan C:\Users\***
22:50:18.603 AVAST engine scan C:\ProgramData
22:51:14.316 Scan finished successfully
22:51:47.089 Disk 0 MBR has been saved successfully to "C:\Users\***\Downloads\MBR.dat"
22:51:47.093 The log file has been saved successfully to "C:\Users\***\Downloads\aswMBR.txt"

Die TDSS Datei ist zu groß um sie zu kopieren und auch für den Anhang zu groß (159,5 KB)

Teil 1:

02:51.0392 7040 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:02:53.0394 7040 ============================================================
23:02:53.0394 7040 Current date / time: 2013/03/08 23:02:53.0394
23:02:53.0394 7040 SystemInfo:
23:02:53.0394 7040
23:02:53.0394 7040 OS Version: 6.1.7601 ServicePack: 1.0
23:02:53.0394 7040 Product type: Workstation
23:02:53.0394 7040 ComputerName: ***-LAPTOP
23:02:53.0395 7040 UserName: ***
23:02:53.0395 7040 Windows directory: C:\Windows
23:02:53.0395 7040 System windows directory: C:\Windows
23:02:53.0395 7040 Running under WOW64
23:02:53.0395 7040 Processor architecture: Intel x64
23:02:53.0395 7040 Number of processors: 4
23:02:53.0395 7040 Page size: 0x1000
23:02:53.0395 7040 Boot type: Normal boot
23:02:53.0395 7040 ============================================================
23:02:53.0824 7040 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:02:53.0828 7040 ============================================================
23:02:53.0828 7040 \Device\Harddisk0\DR0:
23:02:53.0828 7040 MBR partitions:
23:02:53.0828 7040 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x34BA1000
23:02:53.0856 7040 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x34C06000, BlocksNum 0x39FD800
23:02:53.0856 7040 ============================================================
23:02:53.0903 7040 C: <-> \Device\Harddisk0\DR0\Partition1
23:02:53.0962 7040 D: <-> \Device\Harddisk0\DR0\Partition2
23:02:54.0022 7040 ============================================================
23:02:54.0022 7040 Initialize success
23:02:54.0022 7040 ============================================================
23:03:05.0874 6680 ============================================================
23:03:05.0874 6680 Scan started
23:03:05.0874 6680 Mode: Manual;
23:03:05.0874 6680 ============================================================
23:03:06.0308 6680 ================ Scan system memory ========================
23:03:06.0308 6680 System memory - ok
23:03:06.0309 6680 ================ Scan services =============================
23:03:06.0488 6680 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:03:06.0492 6680 1394ohci - ok
23:03:06.0517 6680 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:03:06.0522 6680 ACPI - ok
23:03:06.0554 6680 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:03:06.0555 6680 AcpiPmi - ok
23:03:06.0594 6680 [ DC201246A14CB3B274DF59FAF539AB07 ] ACPIVPC C:\Windows\system32\DRIVERS\AcpiVpc.sys
23:03:06.0595 6680 ACPIVPC - ok
23:03:06.0632 6680 [ E5568164C070A4988BD79C896920B3C6 ] acsock C:\Windows\system32\DRIVERS\acsock64.sys
23:03:06.0635 6680 acsock - ok
23:03:06.0724 6680 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:03:06.0725 6680 AdobeARMservice - ok
23:03:06.0884 6680 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:03:06.0887 6680 AdobeFlashPlayerUpdateSvc - ok
23:03:06.0954 6680 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
23:03:06.0961 6680 adp94xx - ok
23:03:06.0993 6680 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
23:03:07.0000 6680 adpahci - ok
23:03:07.0034 6680 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
23:03:07.0038 6680 adpu320 - ok
23:03:07.0069 6680 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:03:07.0071 6680 AeLookupSvc - ok
23:03:07.0123 6680 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
23:03:07.0131 6680 AFD - ok
23:03:07.0177 6680 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
23:03:07.0179 6680 agp440 - ok
23:03:07.0220 6680 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
23:03:07.0223 6680 ALG - ok
23:03:07.0255 6680 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
23:03:07.0257 6680 aliide - ok
23:03:07.0282 6680 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
23:03:07.0283 6680 amdide - ok
23:03:07.0303 6680 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
23:03:07.0305 6680 AmdK8 - ok
23:03:07.0313 6680 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
23:03:07.0315 6680 AmdPPM - ok
23:03:07.0347 6680 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:03:07.0350 6680 amdsata - ok
23:03:07.0380 6680 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
23:03:07.0382 6680 amdsbs - ok
23:03:07.0403 6680 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:03:07.0405 6680 amdxata - ok
23:03:07.0491 6680 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
23:03:07.0493 6680 AntiVirSchedulerService - ok
23:03:07.0543 6680 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
23:03:07.0545 6680 AntiVirService - ok
23:03:07.0566 6680 [ 676894FA57B671FEC5C3F05F8929E03B ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
23:03:07.0571 6680 AntiVirWebService - ok
23:03:07.0621 6680 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
23:03:07.0622 6680 AppID - ok
23:03:07.0645 6680 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:03:07.0647 6680 AppIDSvc - ok
23:03:07.0662 6680 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
23:03:07.0664 6680 Appinfo - ok
23:03:07.0732 6680 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:03:07.0734 6680 Apple Mobile Device - ok
23:03:07.0775 6680 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
23:03:07.0776 6680 arc - ok
23:03:07.0786 6680 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
23:03:07.0788 6680 arcsas - ok
23:03:07.0817 6680 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:03:07.0819 6680 AsyncMac - ok
23:03:07.0842 6680 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
23:03:07.0843 6680 atapi - ok
23:03:07.0899 6680 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:03:07.0906 6680 AudioEndpointBuilder - ok
23:03:07.0918 6680 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:03:07.0921 6680 AudioSrv - ok
23:03:07.0962 6680 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
23:03:07.0975 6680 avgntflt - ok
23:03:08.0000 6680 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
23:03:08.0002 6680 avipbb - ok
23:03:08.0009 6680 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
23:03:08.0009 6680 avkmgr - ok
23:03:08.0048 6680 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:03:08.0050 6680 AxInstSV - ok
23:03:08.0091 6680 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
23:03:08.0098 6680 b06bdrv - ok
23:03:08.0166 6680 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
23:03:08.0170 6680 b57nd60a - ok
23:03:08.0278 6680 [ 5B5C36B2EC500462A715DB6BCBAF5DA7 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
23:03:08.0335 6680 BCM43XX - ok
23:03:08.0400 6680 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
23:03:08.0403 6680 BDESVC - ok
23:03:08.0447 6680 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
23:03:08.0448 6680 Beep - ok
23:03:08.0491 6680 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
23:03:08.0499 6680 BFE - ok
23:03:08.0543 6680 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
23:03:08.0558 6680 BITS - ok
23:03:08.0584 6680 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:03:08.0585 6680 blbdrive - ok
23:03:08.0683 6680 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:03:08.0688 6680 Bonjour Service - ok
23:03:08.0741 6680 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:03:08.0743 6680 bowser - ok
23:03:08.0767 6680 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
23:03:08.0768 6680 BrFiltLo - ok
23:03:08.0773 6680 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
23:03:08.0774 6680 BrFiltUp - ok
23:03:08.0814 6680 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
23:03:08.0816 6680 Browser - ok
23:03:08.0850 6680 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:03:08.0855 6680 Brserid - ok
23:03:08.0871 6680 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:03:08.0873 6680 BrSerWdm - ok
23:03:08.0882 6680 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:03:08.0884 6680 BrUsbMdm - ok
23:03:08.0889 6680 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:03:08.0890 6680 BrUsbSer - ok
23:03:08.0933 6680 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
23:03:08.0934 6680 BthEnum - ok
23:03:08.0953 6680 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:03:08.0955 6680 BTHMODEM - ok
23:03:09.0007 6680 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
23:03:09.0010 6680 BthPan - ok
23:03:09.0067 6680 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
23:03:09.0076 6680 BTHPORT - ok
23:03:09.0142 6680 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
23:03:09.0144 6680 bthserv - ok
23:03:09.0171 6680 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
23:03:09.0173 6680 BTHUSB - ok
23:03:09.0199 6680 [ 2641A3FE3D7B0646308F33B67F3B5300 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
23:03:09.0201 6680 btusbflt - ok
23:03:09.0228 6680 [ A72A9101F9730DB7332714E566614E4D ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
23:03:09.0230 6680 btwaudio - ok
23:03:09.0263 6680 [ 5CEEC634B617525F2B6AD29F871033F7 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
23:03:09.0266 6680 btwavdt - ok
23:03:09.0329 6680 [ FA77B00B7B825DF75960691871CCA3FF ] btwdins C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
23:03:09.0338 6680 btwdins - ok
23:03:09.0382 6680 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
23:03:09.0384 6680 btwl2cap - ok
23:03:09.0400 6680 [ 2AF5604D28BEF77B7CF4B9D232FE7CD3 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
23:03:09.0401 6680 btwrchid - ok
23:03:09.0422 6680 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:03:09.0424 6680 cdfs - ok
23:03:09.0466 6680 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:03:09.0469 6680 cdrom - ok
23:03:09.0503 6680 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
23:03:09.0505 6680 CertPropSvc - ok
23:03:09.0522 6680 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
23:03:09.0524 6680 circlass - ok
23:03:09.0551 6680 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
23:03:09.0555 6680 CLFS - ok
23:03:09.0614 6680 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:03:09.0616 6680 clr_optimization_v2.0.50727_32 - ok
23:03:09.0664 6680 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:03:09.0667 6680 clr_optimization_v2.0.50727_64 - ok
23:03:09.0735 6680 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:03:09.0738 6680 clr_optimization_v4.0.30319_32 - ok
23:03:09.0790 6680 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:03:09.0793 6680 clr_optimization_v4.0.30319_64 - ok
23:03:09.0815 6680 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:03:09.0817 6680 CmBatt - ok
23:03:09.0842 6680 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:03:09.0844 6680 cmdide - ok
23:03:09.0886 6680 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
23:03:09.0891 6680 CNG - ok
23:03:09.0921 6680 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:03:09.0923 6680 Compbatt - ok
23:03:09.0960 6680 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
23:03:09.0961 6680 CompositeBus - ok
23:03:09.0981 6680 COMSysApp - ok
23:03:09.0995 6680 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
23:03:09.0996 6680 crcdisk - ok
23:03:10.0024 6680 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:03:10.0027 6680 CryptSvc - ok
23:03:10.0071 6680 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:03:10.0078 6680 DcomLaunch - ok
23:03:10.0116 6680 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
23:03:10.0120 6680 defragsvc - ok
23:03:10.0153 6680 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:03:10.0155 6680 DfsC - ok
23:03:10.0179 6680 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
23:03:10.0183 6680 Dhcp - ok
23:03:10.0219 6680 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
23:03:10.0220 6680 discache - ok
23:03:10.0251 6680 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
23:03:10.0253 6680 Disk - ok
23:03:10.0285 6680 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:03:10.0289 6680 Dnscache - ok
23:03:10.0320 6680 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
23:03:10.0324 6680 dot3svc - ok
23:03:10.0344 6680 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
23:03:10.0347 6680 DPS - ok
23:03:10.0376 6680 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:03:10.0378 6680 drmkaud - ok
23:03:10.0415 6680 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:03:10.0430 6680 DXGKrnl - ok
23:03:10.0479 6680 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
23:03:10.0482 6680 EapHost - ok
23:03:10.0579 6680 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
23:03:10.0667 6680 ebdrv - ok
23:03:10.0702 6680 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
23:03:10.0704 6680 EFS - ok
23:03:10.0789 6680 [ C49212D3D964B77D15755412CC55144C ] EgisTec Data Security Service C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe
23:03:10.0794 6680 EgisTec Data Security Service - ok
23:03:10.0825 6680 [ FB74FD6A2CBB69926078645010B65943 ] EgisTec Service C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe
23:03:10.0834 6680 EgisTec Service - ok
23:03:10.0901 6680 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:03:10.0911 6680 ehRecvr - ok
23:03:10.0952 6680 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
23:03:10.0954 6680 ehSched - ok
23:03:11.0011 6680 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
23:03:11.0018 6680 elxstor - ok
23:03:11.0045 6680 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:03:11.0046 6680 ErrDev - ok
23:03:11.0095 6680 [ F6AD6E0674EF94390F0554BF946977AF ] ETD C:\Windows\system32\DRIVERS\ETD.sys
23:03:11.0098 6680 ETD - ok
23:03:11.0129 6680 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
23:03:11.0135 6680 EventSystem - ok
23:03:11.0163 6680 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
23:03:11.0166 6680 exfat - ok
23:03:11.0193 6680 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:03:11.0196 6680 fastfat - ok
23:03:11.0254 6680 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
23:03:11.0264 6680 Fax - ok
23:03:11.0289 6680 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
23:03:11.0291 6680 fdc - ok
23:03:11.0309 6680 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
23:03:11.0311 6680 fdPHost - ok
23:03:11.0324 6680 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
23:03:11.0326 6680 FDResPub - ok
23:03:11.0345 6680 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:03:11.0347 6680 FileInfo - ok
23:03:11.0360 6680 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:03:11.0361 6680 Filetrace - ok
23:03:11.0381 6680 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
23:03:11.0382 6680 flpydisk - ok
23:03:11.0410 6680 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:03:11.0414 6680 FltMgr - ok
23:03:11.0480 6680 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
23:03:11.0513 6680 FontCache - ok
23:03:11.0566 6680 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:03:11.0569 6680 FontCache3.0.0.0 - ok
23:03:11.0615 6680 [ 54A9C5A6AA0BB0041A4AF7172FFC3D9F ] FPSensor C:\Windows\system32\Drivers\FPSensor.sys
23:03:11.0617 6680 FPSensor - ok
23:03:11.0645 6680 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:03:11.0647 6680 FsDepends - ok
23:03:11.0687 6680 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:03:11.0688 6680 Fs_Rec - ok
23:03:11.0728 6680 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:03:11.0732 6680 fvevol - ok
23:03:11.0758 6680 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
23:03:11.0760 6680 gagp30kx - ok
23:03:11.0813 6680 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:03:11.0815 6680 GEARAspiWDM - ok
23:03:11.0854 6680 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
23:03:11.0870 6680 gpsvc - ok
23:03:12.0005 6680 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:03:12.0007 6680 gupdate - ok
23:03:12.0034 6680 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:03:12.0035 6680 gupdatem - ok
23:03:12.0094 6680 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
23:03:12.0097 6680 gusvc - ok
23:03:12.0113 6680 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:03:12.0114 6680 hcw85cir - ok
23:03:12.0161 6680 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:03:12.0166 6680 HdAudAddService - ok
23:03:12.0210 6680 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:03:12.0212 6680 HDAudBus - ok
23:03:12.0254 6680 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
23:03:12.0255 6680 HECIx64 - ok
23:03:12.0269 6680 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
23:03:12.0270 6680 HidBatt - ok
23:03:12.0276 6680 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
23:03:12.0279 6680 HidBth - ok
23:03:12.0283 6680 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
23:03:12.0285 6680 HidIr - ok
23:03:12.0314 6680 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
23:03:12.0316 6680 hidserv - ok
23:03:12.0339 6680 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:03:12.0340 6680 HidUsb - ok
23:03:12.0373 6680 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:03:12.0376 6680 hkmsvc - ok
23:03:12.0412 6680 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:03:12.0417 6680 HomeGroupListener - ok
23:03:12.0455 6680 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:03:12.0460 6680 HomeGroupProvider - ok
23:03:12.0483 6680 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:03:12.0485 6680 HpSAMD - ok
23:03:12.0529 6680 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
23:03:12.0531 6680 htcnprot - ok
23:03:12.0574 6680 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:03:12.0588 6680 HTTP - ok
23:03:12.0623 6680 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:03:12.0625 6680 hwpolicy - ok
23:03:12.0644 6680 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:03:12.0646 6680 i8042prt - ok
23:03:12.0706 6680 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
23:03:12.0710 6680 iaStor - ok
23:03:12.0796 6680 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
23:03:12.0797 6680 IAStorDataMgrSvc - ok
23:03:12.0843 6680 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:03:12.0849 6680 iaStorV - ok
23:03:12.0931 6680 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:03:12.0960 6680 idsvc - ok
23:03:13.0289 6680 [ F4F91789C7C7A159CE8215C1F69F2A85 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
23:03:13.0542 6680 igfx - ok
23:03:13.0566 6680 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
23:03:13.0567 6680 iirsp - ok
23:03:13.0620 6680 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
23:03:13.0634 6680 IKEEXT - ok
23:03:13.0713 6680 [ DAECB75C7C2A4BDEAFEAD19A6FD327C5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:03:13.0777 6680 IntcAzAudAddService - ok
23:03:13.0805 6680 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
23:03:13.0806 6680 intelide - ok
23:03:13.0831 6680 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:03:13.0833 6680 intelppm - ok
23:03:13.0858 6680 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:03:13.0860 6680 IPBusEnum - ok
23:03:13.0878 6680 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:03:13.0880 6680 IpFilterDriver - ok
23:03:13.0920 6680 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:03:13.0927 6680 iphlpsvc - ok
23:03:13.0944 6680 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:03:13.0946 6680 IPMIDRV - ok
23:03:13.0960 6680 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:03:13.0962 6680 IPNAT - ok
23:03:14.0004 6680 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:03:14.0011 6680 iPod Service - ok
23:03:14.0053 6680 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:03:14.0054 6680 IRENUM - ok
23:03:14.0071 6680 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:03:14.0072 6680 isapnp - ok
23:03:14.0090 6680 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:03:14.0093 6680 iScsiPrt - ok
23:03:14.0157 6680 [ 1E4B623259E1093D1A6FE96AB5CB2E46 ] JmUsbCcgp C:\Windows\system32\DRIVERS\jmccgp.sys
23:03:14.0158 6680 JmUsbCcgp - ok
23:03:14.0194 6680 [ 244D5F8EAABFF576340D0326AD93BE15 ] JmUsbVideo C:\Windows\system32\Drivers\jmcam.sys
23:03:14.0195 6680 JmUsbVideo - ok
23:03:14.0207 6680 [ 1FA3D7FE63456321BDF50908E803E2B7 ] JmUsbVideo2 C:\Windows\system32\Drivers\jmcam_lo.sys
23:03:14.0208 6680 JmUsbVideo2 - ok
23:03:14.0226 6680 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:03:14.0228 6680 kbdclass - ok
23:03:14.0261 6680 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
23:03:14.0262 6680 kbdhid - ok
23:03:14.0279 6680 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
23:03:14.0280 6680 KeyIso - ok
23:03:14.0319 6680 [ 3209D40399078C1091398F43215EDD1A ] KOBCCID C:\Windows\system32\drivers\KOBCCID.sys
23:03:14.0321 6680 KOBCCID - ok
23:03:14.0376 6680 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:03:14.0378 6680 KSecDD - ok
23:03:14.0397 6680 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:03:14.0400 6680 KSecPkg - ok
23:03:14.0429 6680 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:03:14.0430 6680 ksthunk - ok
23:03:14.0458 6680 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
23:03:14.0464 6680 KtmRm - ok
23:03:14.0506 6680 [ 55480B9C63F3F91A8EBBADCBF28FE581 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
23:03:14.0508 6680 L1C - ok
23:03:14.0539 6680 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
23:03:14.0545 6680 LanmanServer - ok
23:03:14.0561 6680 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:03:14.0565 6680 LanmanWorkstation - ok
23:03:14.0635 6680 [ BE166935083F9C38EDFDC21B9A7A679B ] LHDmgr C:\Windows\system32\DRIVERS\LhdX64.sys
23:03:14.0637 6680 LHDmgr - ok
23:03:14.0675 6680 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:03:14.0677 6680 lltdio - ok
23:03:14.0702 6680 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:03:14.0708 6680 lltdsvc - ok
23:03:14.0732 6680 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:03:14.0734 6680 lmhosts - ok
23:03:14.0809 6680 [ 0B4F38AA22D5634C48EDB18FE257F005 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
23:03:14.0813 6680 LMS - ok
23:03:14.0870 6680 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
23:03:14.0873 6680 LSI_FC - ok
23:03:14.0905 6680 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
23:03:14.0909 6680 LSI_SAS - ok
23:03:14.0920 6680 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
23:03:14.0922 6680 LSI_SAS2 - ok
23:03:14.0946 6680 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
23:03:14.0949 6680 LSI_SCSI - ok
23:03:14.0966 6680 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
23:03:14.0968 6680 luafv - ok
23:03:15.0124 6680 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
23:03:15.0128 6680 McComponentHostService - ok
23:03:15.0156 6680 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:03:15.0161 6680 Mcx2Svc - ok
23:03:15.0176 6680 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
23:03:15.0178 6680 megasas - ok
23:03:15.0200 6680 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
23:03:15.0204 6680 MegaSR - ok
23:03:15.0233 6680 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
23:03:15.0236 6680 MMCSS - ok
23:03:15.0245 6680 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
23:03:15.0247 6680 Modem - ok
23:03:15.0274 6680 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:03:15.0276 6680 monitor - ok
23:03:15.0304 6680 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:03:15.0306 6680 mouclass - ok
23:03:15.0328 6680 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:03:15.0330 6680 mouhid - ok
23:03:15.0359 6680 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:03:15.0361 6680 mountmgr - ok
23:03:15.0424 6680 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:03:15.0426 6680 MozillaMaintenance - ok
23:03:15.0454 6680 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
23:03:15.0457 6680 mpio - ok
23:03:15.0477 6680 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:03:15.0479 6680 mpsdrv - ok
23:03:15.0511 6680 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:03:15.0525 6680 MpsSvc - ok
23:03:15.0555 6680 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:03:15.0558 6680 MRxDAV - ok
23:03:15.0592 6680 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:03:15.0595 6680 mrxsmb - ok
23:03:15.0608 6680 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:03:15.0613 6680 mrxsmb10 - ok
23:03:15.0664 6680 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:03:15.0666 6680 mrxsmb20 - ok
23:03:15.0687 6680 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
23:03:15.0688 6680 msahci - ok
23:03:15.0712 6680 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:03:15.0715 6680 msdsm - ok
23:03:15.0750 6680 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
23:03:15.0753 6680 MSDTC - ok
23:03:15.0771 6680 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:03:15.0772 6680 Msfs - ok
23:03:15.0801 6680 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:03:15.0803 6680 mshidkmdf - ok
23:03:15.0814 6680 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:03:15.0816 6680 msisadrv - ok
23:03:15.0857 6680 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:03:15.0860 6680 MSiSCSI - ok
23:03:15.0867 6680 msiserver - ok
23:03:15.0902 6680 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:03:15.0904 6680 MSKSSRV - ok
23:03:15.0926 6680 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:03:15.0927 6680 MSPCLOCK - ok
23:03:15.0931 6680 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:03:15.0932 6680 MSPQM - ok
23:03:15.0956 6680 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:03:15.0961 6680 MsRPC - ok
23:03:15.0990 6680 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:03:15.0991 6680 mssmbios - ok
23:03:16.0011 6680 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:03:16.0012 6680 MSTEE - ok
23:03:16.0017 6680 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
23:03:16.0019 6680 MTConfig - ok
23:03:16.0032 6680 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
23:03:16.0034 6680 Mup - ok
23:03:16.0066 6680 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
23:03:16.0067 6680 mwlPSDFilter - ok
23:03:16.0082 6680 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
23:03:16.0084 6680 mwlPSDNServ - ok
23:03:16.0099 6680 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
23:03:16.0101 6680 mwlPSDVDisk - ok
23:03:16.0136 6680 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
23:03:16.0142 6680 napagent - ok
23:03:16.0196 6680 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:03:16.0201 6680 NativeWifiP - ok
23:03:16.0261 6680 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:03:16.0274 6680 NDIS - ok
23:03:16.0300 6680 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:03:16.0302 6680 NdisCap - ok
23:03:16.0322 6680 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:03:16.0324 6680 NdisTapi - ok
23:03:16.0348 6680 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:03:16.0350 6680 Ndisuio - ok
23:03:16.0364 6680 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:03:16.0367 6680 NdisWan - ok
23:03:16.0381 6680 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:03:16.0383 6680 NDProxy - ok
23:03:16.0410 6680 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:03:16.0412 6680 NetBIOS - ok
23:03:16.0430 6680 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:03:16.0434 6680 NetBT - ok
23:03:16.0457 6680 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
23:03:16.0459 6680 Netlogon - ok
23:03:16.0489 6680 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
23:03:16.0496 6680 Netman - ok
23:03:16.0538 6680 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
23:03:16.0546 6680 netprofm - ok
23:03:16.0583 6680 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:03:16.0585 6680 NetTcpPortSharing - ok
23:03:16.0624 6680 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
23:03:16.0626 6680 nfrd960 - ok
23:03:16.0660 6680 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:03:16.0666 6680 NlaSvc - ok
23:03:16.0689 6680 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:03:16.0691 6680 Npfs - ok
23:03:16.0717 6680 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
23:03:16.0719 6680 nsi - ok
23:03:16.0737 6680 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:03:16.0738 6680 nsiproxy - ok
23:03:16.0800 6680 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:03:16.0833 6680 Ntfs - ok
23:03:16.0862 6680 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
23:03:16.0864 6680 Null - ok
23:03:17.0139 6680 [ 14C777444E3B0A01BE0FF48F1F3F1F42 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:03:17.0391 6680 nvlddmkm - ok
23:03:17.0413 6680 [ 3CBCDB9D73DBAB26744B01BE7732FC42 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
23:03:17.0414 6680 nvpciflt - ok
23:03:17.0447 6680 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:03:17.0450 6680 nvraid - ok
23:03:17.0475 6680 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:03:17.0478 6680 nvstor - ok
23:03:17.0532 6680 [ FAA8605D93ACDA06FC5D77F0E637885B ] nvsvc C:\Windows\system32\nvvsvc.exe
23:03:17.0535 6680 nvsvc - ok
23:03:17.0613 6680 [ 25CDB34CACC78903C8F0EC649F924A8A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
23:03:17.0659 6680 nvUpdatusService - ok
23:03:17.0674 6680 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:03:17.0676 6680 nv_agp - ok
23:03:17.0758 6680 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:03:17.0763 6680 odserv - ok
23:03:17.0783 6680 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:03:17.0785 6680 ohci1394 - ok
23:03:17.0823 6680 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:03:17.0826 6680 ose - ok
23:03:17.0852 6680 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:03:17.0857 6680 p2pimsvc - ok
23:03:17.0895 6680 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
23:03:17.0902 6680 p2psvc - ok
23:03:17.0919 6680 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
23:03:17.0921 6680 Parport - ok
23:03:17.0961 6680 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:03:17.0964 6680 partmgr - ok
23:03:18.0024 6680 [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
23:03:18.0026 6680 PassThru Service - ok
23:03:18.0052 6680 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:03:18.0056 6680 PcaSvc - ok
23:03:18.0098 6680 [ 3FDE033DFB0D07F8B7D5C9A3044AA121 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
23:03:18.0099 6680 pccsmcfd - ok
23:03:18.0140 6680 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
23:03:18.0143 6680 pci - ok
23:03:18.0160 6680 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
23:03:18.0161 6680 pciide - ok
23:03:18.0174 6680 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
23:03:18.0177 6680 pcmcia - ok
23:03:18.0198 6680 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
23:03:18.0200 6680 pcw - ok
23:03:18.0224 6680 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:03:18.0232 6680 PEAUTH - ok
23:03:18.0359 6680 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:03:18.0362 6680 PerfHost - ok
23:03:18.0425 6680 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
23:03:18.0460 6680 pla - ok
23:03:18.0518 6680 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:03:18.0526 6680 PlugPlay - ok
23:03:18.0550 6680 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:03:18.0553 6680 PNRPAutoReg - ok
23:03:18.0574 6680 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:03:18.0579 6680 PNRPsvc - ok
23:03:18.0609 6680 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:03:18.0618 6680 PolicyAgent - ok
23:03:18.0651 6680 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
23:03:18.0654 6680 Power - ok
23:03:18.0693 6680 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:03:18.0695 6680 PptpMiniport - ok
23:03:18.0708 6680 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
23:03:18.0710 6680 Processor - ok
23:03:18.0740 6680 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
23:03:18.0744 6680 ProfSvc - ok
23:03:18.0757 6680 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:03:18.0758 6680 ProtectedStorage - ok
23:03:18.0768 6680 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:03:18.0770 6680 Psched - ok
23:03:18.0817 6680 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
23:03:18.0853 6680 ql2300 - ok
23:03:18.0874 6680 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
23:03:18.0876 6680 ql40xx - ok
23:03:18.0905 6680 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
23:03:18.0910 6680 QWAVE - ok
23:03:18.0936 6680 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:03:18.0937 6680 QWAVEdrv - ok
23:03:18.0954 6680 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:03:18.0955 6680 RasAcd - ok
23:03:18.0986 6680 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:03:18.0988 6680 RasAgileVpn - ok
23:03:19.0015 6680 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
23:03:19.0018 6680 RasAuto - ok
23:03:19.0053 6680 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:03:19.0056 6680 Rasl2tp - ok
23:03:19.0073 6680 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
23:03:19.0081 6680 RasMan - ok
23:03:19.0092 6680 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:03:19.0094 6680 RasPppoe - ok
23:03:19.0107 6680 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:03:19.0109 6680 RasSstp - ok
23:03:19.0147 6680 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:03:19.0152 6680 rdbss - ok
23:03:19.0168 6680 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
23:03:19.0170 6680 rdpbus - ok
23:03:19.0189 6680 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:03:19.0190 6680 RDPCDD - ok
23:03:19.0222 6680 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:03:19.0223 6680 RDPENCDD - ok
23:03:19.0244 6680 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:03:19.0245 6680 RDPREFMP - ok
23:03:19.0277 6680 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:03:19.0280 6680 RDPWD - ok
23:03:19.0315 6680 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:03:19.0318 6680 rdyboost - ok
23:03:19.0343 6680 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:03:19.0345 6680 RemoteAccess - ok
23:03:19.0387 6680 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:03:19.0391 6680 RemoteRegistry - ok
23:03:19.0446 6680 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
23:03:19.0449 6680 RFCOMM - ok
23:03:19.0469 6680 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:03:19.0472 6680 RpcEptMapper - ok
23:03:19.0496 6680 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
23:03:19.0498 6680 RpcLocator - ok
23:03:19.0527 6680 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
23:03:19.0532 6680 RpcSs - ok
23:03:19.0568 6680 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:03:19.0570 6680 rspndr - ok
23:03:19.0631 6680 [ 79BAD3E977966AF21DF982DEF5A99C76 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
23:03:19.0635 6680 RSUSBSTOR - ok
23:03:19.0706 6680 [ 0D2BB5612CC0AF08EDD08FF8E196A9A5 ] RtLedService C:\Program Files\Realtek\RtLED\RtLEDService.exe
23:03:19.0711 6680 RtLedService - ok
23:03:19.0735 6680 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
23:03:19.0737 6680 SamSs - ok
23:03:19.0759 6680 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:03:19.0761 6680 sbp2port - ok
23:03:19.0826 6680 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
23:03:19.0843 6680 SBSDWSCService - ok
23:03:19.0883 6680 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:03:19.0886 6680 SCardSvr - ok
23:03:19.0899 6680 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:03:19.0901 6680 scfilter - ok
23:03:19.0934 6680 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
23:03:19.0969 6680 Schedule - ok
23:03:20.0003 6680 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:03:20.0004 6680 SCPolicySvc - ok
23:03:20.0034 6680 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:03:20.0038 6680 SDRSVC - ok
23:03:20.0069 6680 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:03:20.0071 6680 secdrv - ok
23:03:20.0082 6680 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
23:03:20.0085 6680 seclogon - ok
23:03:20.0101 6680 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
23:03:20.0104 6680 SENS - ok
23:03:20.0129 6680 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:03:20.0131 6680 SensrSvc - ok
23:03:20.0151 6680 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
23:03:20.0152 6680 Serenum - ok
23:03:20.0192 6680 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
23:03:20.0195 6680 Serial - ok
23:03:20.0221 6680 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:03:20.0223 6680 sermouse - ok
23:03:20.0275 6680 [ 9BDE8F1F5D060E912FCF9FB58B71CBC1 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
23:03:20.0283 6680 ServiceLayer - ok
23:03:20.0332 6680 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
23:03:20.0336 6680 SessionEnv - ok
23:03:20.0348 6680 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:03:20.0349 6680 sffdisk - ok
23:03:20.0362 6680 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:03:20.0363 6680 sffp_mmc - ok
23:03:20.0367 6680 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:03:20.0369 6680 sffp_sd - ok
23:03:20.0374 6680 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:03:20.0376 6680 sfloppy - ok
23:03:20.0403 6680 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:03:20.0407 6680 SharedAccess - ok
23:03:20.0426 6680 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:03:20.0431 6680 ShellHWDetection - ok
23:03:20.0461 6680 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
23:03:20.0463 6680 SiSRaid2 - ok
23:03:20.0495 6680 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:03:20.0497 6680 SiSRaid4 - ok
23:03:20.0563 6680 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
23:03:20.0566 6680 SkypeUpdate - ok
23:03:20.0588 6680 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:03:20.0591 6680 Smb - ok
23:03:20.0622 6680 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:03:20.0625 6680 SNMPTRAP - ok
23:03:20.0650 6680 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
23:03:20.0652 6680 spldr - ok
23:03:20.0693 6680 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
23:03:20.0701 6680 Spooler - ok
23:03:20.0782 6680 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
23:03:20.0867 6680 sppsvc - ok
23:03:20.0886 6680 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:03:20.0888 6680 sppuinotify - ok
23:03:20.0924 6680 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
23:03:20.0929 6680 srv - ok
23:03:20.0945 6680 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:03:20.0949 6680 srv2 - ok
23:03:20.0987 6680 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:03:20.0990 6680 srvnet - ok


Alt 09.03.2013, 17:06   #6
Sherezade
 
Groupon Trojaner-Bereinigung - Standard

Groupon Trojaner-Bereinigung



Teil 2:
:03:21.0008 6680 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:03:21.0012 6680 SSDPSRV - ok
23:03:21.0023 6680 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:03:21.0026 6680 SstpSvc - ok
23:03:21.0050 6680 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
23:03:21.0051 6680 stexstor - ok
23:03:21.0078 6680 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
23:03:21.0086 6680 stisvc - ok
23:03:21.0096 6680 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:03:21.0098 6680 swenum - ok
23:03:21.0117 6680 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
23:03:21.0124 6680 swprv - ok
23:03:21.0168 6680 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
23:03:21.0211 6680 SysMain - ok
23:03:21.0229 6680 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:03:21.0232 6680 TabletInputService - ok
23:03:21.0255 6680 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:03:21.0260 6680 TapiSrv - ok
23:03:21.0279 6680 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
23:03:21.0281 6680 TBS - ok
23:03:21.0350 6680 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:03:21.0382 6680 Tcpip - ok
23:03:21.0418 6680 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:03:21.0428 6680 TCPIP6 - ok
23:03:21.0446 6680 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:03:21.0447 6680 tcpipreg - ok
23:03:21.0475 6680 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:03:21.0476 6680 TDPIPE - ok
23:03:21.0508 6680 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:03:21.0509 6680 TDTCP - ok
23:03:21.0521 6680 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:03:21.0523 6680 tdx - ok
23:03:21.0540 6680 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:03:21.0541 6680 TermDD - ok
23:03:21.0574 6680 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
23:03:21.0583 6680 TermService - ok
23:03:21.0595 6680 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
23:03:21.0598 6680 Themes - ok
23:03:21.0611 6680 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
23:03:21.0613 6680 THREADORDER - ok
23:03:21.0628 6680 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
23:03:21.0630 6680 TrkWks - ok
23:03:21.0686 6680 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:03:21.0689 6680 TrustedInstaller - ok
23:03:21.0712 6680 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:03:21.0713 6680 tssecsrv - ok
23:03:21.0748 6680 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:03:21.0749 6680 TsUsbFlt - ok
23:03:21.0753 6680 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
23:03:21.0757 6680 TsUsbGD - ok
23:03:21.0784 6680 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:03:21.0786 6680 tunnel - ok
23:03:21.0791 6680 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
23:03:21.0793 6680 uagp35 - ok
23:03:21.0808 6680 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:03:21.0812 6680 udfs - ok
23:03:21.0835 6680 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:03:21.0837 6680 UI0Detect - ok
23:03:21.0912 6680 [ 34859D3801F4BD3DACFA131DD928455A ] UimBus C:\Windows\system32\DRIVERS\uimx64.sys
23:03:21.0913 6680 UimBus - ok
23:03:21.0965 6680 [ D3CE4776E7FFB25E6935B1C797F4650C ] Uim_IM C:\Windows\system32\Drivers\Uim_IMx64.sys
23:03:21.0973 6680 Uim_IM - ok
23:03:22.0046 6680 [ 532E4BED5C7803B2EE5681818B2528B7 ] Uim_VIM C:\Windows\system32\Drivers\uim_vimx64.sys
23:03:22.0050 6680 Uim_VIM - ok
23:03:22.0074 6680 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:03:22.0076 6680 uliagpkx - ok
23:03:22.0120 6680 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:03:22.0122 6680 umbus - ok
23:03:22.0127 6680 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
23:03:22.0128 6680 UmPass - ok
23:03:22.0233 6680 [ 6FDB1CA1ADD261F893C90738EBA37197 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
23:03:22.0291 6680 UNS - ok
23:03:22.0325 6680 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
23:03:22.0331 6680 upnphost - ok
23:03:22.0362 6680 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
23:03:22.0364 6680 USBAAPL64 - ok
23:03:22.0391 6680 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:03:22.0393 6680 usbccgp - ok
23:03:22.0416 6680 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:03:22.0418 6680 usbcir - ok
23:03:22.0433 6680 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
23:03:22.0435 6680 usbehci - ok
23:03:22.0462 6680 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:03:22.0467 6680 usbhub - ok
23:03:22.0500 6680 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:03:22.0502 6680 usbohci - ok
23:03:22.0530 6680 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:03:22.0531 6680 usbprint - ok
23:03:22.0562 6680 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
23:03:22.0564 6680 usbscan - ok
23:03:22.0596 6680 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:03:22.0598 6680 USBSTOR - ok
23:03:22.0623 6680 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:03:22.0625 6680 usbuhci - ok
23:03:22.0663 6680 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
23:03:22.0666 6680 usbvideo - ok
23:03:22.0689 6680 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
23:03:22.0692 6680 UxSms - ok
23:03:22.0702 6680 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
23:03:22.0703 6680 VaultSvc - ok
23:03:22.0736 6680 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:03:22.0738 6680 vdrvroot - ok
23:03:22.0759 6680 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
23:03:22.0768 6680 vds - ok
23:03:22.0781 6680 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:03:22.0783 6680 vga - ok
23:03:22.0800 6680 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
23:03:22.0802 6680 VgaSave - ok
23:03:22.0809 6680 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:03:22.0813 6680 vhdmp - ok
23:03:22.0827 6680 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
23:03:22.0829 6680 viaide - ok
23:03:22.0844 6680 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:03:22.0845 6680 volmgr - ok
23:03:22.0869 6680 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:03:22.0874 6680 volmgrx - ok
23:03:22.0891 6680 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:03:22.0896 6680 volsnap - ok
23:03:22.0957 6680 [ E23BC9B12EF85B58083A6985F9BE3C44 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
23:03:22.0966 6680 vpnagent - ok
23:03:23.0020 6680 [ A8D4FED106B4BD337DF3DA20BA44E18E ] vpnva C:\Windows\system32\DRIVERS\vpnva64.sys
23:03:23.0022 6680 vpnva - ok
23:03:23.0067 6680 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
23:03:23.0070 6680 vsmraid - ok
23:03:23.0127 6680 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
23:03:23.0158 6680 VSS - ok
23:03:23.0173 6680 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
23:03:23.0175 6680 vwifibus - ok
23:03:23.0193 6680 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:03:23.0195 6680 vwififlt - ok
23:03:23.0222 6680 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
23:03:23.0229 6680 W32Time - ok
23:03:23.0250 6680 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
23:03:23.0251 6680 WacomPen - ok
23:03:23.0282 6680 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:03:23.0284 6680 WANARP - ok
23:03:23.0288 6680 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:03:23.0289 6680 Wanarpv6 - ok
23:03:23.0332 6680 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
23:03:23.0364 6680 wbengine - ok
23:03:23.0386 6680 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:03:23.0390 6680 WbioSrvc - ok
23:03:23.0412 6680 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:03:23.0417 6680 wcncsvc - ok
23:03:23.0426 6680 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:03:23.0429 6680 WcsPlugInService - ok
23:03:23.0439 6680 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
23:03:23.0441 6680 Wd - ok
23:03:23.0486 6680 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:03:23.0495 6680 Wdf01000 - ok
23:03:23.0504 6680 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:03:23.0510 6680 WdiServiceHost - ok
23:03:23.0515 6680 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:03:23.0518 6680 WdiSystemHost - ok
23:03:23.0555 6680 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
23:03:23.0560 6680 WebClient - ok
23:03:23.0577 6680 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:03:23.0582 6680 Wecsvc - ok
23:03:23.0598 6680 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:03:23.0601 6680 wercplsupport - ok
23:03:23.0641 6680 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
23:03:23.0644 6680 WerSvc - ok
23:03:23.0690 6680 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:03:23.0691 6680 WfpLwf - ok
23:03:23.0710 6680 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:03:23.0711 6680 WIMMount - ok
23:03:23.0735 6680 WinDefend - ok
23:03:23.0739 6680 WinHttpAutoProxySvc - ok
23:03:23.0796 6680 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:03:23.0800 6680 Winmgmt - ok
23:03:23.0867 6680 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
23:03:23.0913 6680 WinRM - ok
23:03:23.0961 6680 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
23:03:23.0963 6680 WinUsb - ok
23:03:24.0025 6680 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
23:03:24.0059 6680 Wlansvc - ok
23:03:24.0128 6680 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
23:03:24.0130 6680 WmiAcpi - ok
23:03:24.0175 6680 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:03:24.0179 6680 wmiApSrv - ok
23:03:24.0217 6680 WMPNetworkSvc - ok
23:03:24.0240 6680 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:03:24.0243 6680 WPCSvc - ok
23:03:24.0253 6680 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:03:24.0261 6680 WPDBusEnum - ok
23:03:24.0300 6680 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:03:24.0303 6680 ws2ifsl - ok
23:03:24.0319 6680 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
23:03:24.0322 6680 wscsvc - ok
23:03:24.0326 6680 WSearch - ok
23:03:24.0378 6680 [ 83575C43B2BFE9AB0661A7F957E843C0 ] wsvd C:\Windows\system32\DRIVERS\wsvd.sys
23:03:24.0380 6680 wsvd - ok
23:03:24.0448 6680 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
23:03:24.0515 6680 wuauserv - ok
23:03:24.0537 6680 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:03:24.0540 6680 WudfPf - ok
23:03:24.0575 6680 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:03:24.0579 6680 WUDFRd - ok
23:03:24.0609 6680 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:03:24.0613 6680 wudfsvc - ok
23:03:24.0644 6680 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
23:03:24.0650 6680 WwanSvc - ok
23:03:24.0684 6680 ================ Scan global ===============================
23:03:24.0709 6680 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:03:24.0726 6680 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:03:24.0735 6680 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:03:24.0748 6680 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:03:24.0780 6680 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:03:24.0785 6680 [Global] - ok
23:03:24.0785 6680 ================ Scan MBR ==================================
23:03:24.0802 6680 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:03:25.0071 6680 \Device\Harddisk0\DR0 - ok
23:03:25.0072 6680 ================ Scan VBR ==================================
23:03:25.0076 6680 [ 7A30CA194938CBE23EDA44FC151D497D ] \Device\Harddisk0\DR0\Partition1
23:03:25.0079 6680 \Device\Harddisk0\DR0\Partition1 - ok
23:03:25.0112 6680 [ E481042C5AC2B595C2E248E3EA7D132E ] \Device\Harddisk0\DR0\Partition2
23:03:25.0114 6680 \Device\Harddisk0\DR0\Partition2 - ok
23:03:25.0115 6680 ============================================================
23:03:25.0115 6680 Scan finished
23:03:25.0115 6680 ============================================================
23:03:25.0136 7020 Detected object count: 0
23:03:25.0136 7020 Actual detected object count: 0
23:03:38.0463 6476 ============================================================
23:03:38.0463 6476 Scan started
23:03:38.0463 6476 Mode: Manual;
23:03:38.0463 6476 ============================================================
23:03:38.0683 6476 ================ Scan system memory ========================
23:03:38.0683 6476 System memory - ok
23:03:38.0684 6476 ================ Scan services =============================
23:03:38.0854 6476 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:03:38.0856 6476 1394ohci - ok
23:03:38.0882 6476 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:03:38.0886 6476 ACPI - ok
23:03:38.0893 6476 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:03:38.0894 6476 AcpiPmi - ok
23:03:38.0926 6476 [ DC201246A14CB3B274DF59FAF539AB07 ] ACPIVPC C:\Windows\system32\DRIVERS\AcpiVpc.sys
23:03:38.0927 6476 ACPIVPC - ok
23:03:38.0953 6476 [ E5568164C070A4988BD79C896920B3C6 ] acsock C:\Windows\system32\DRIVERS\acsock64.sys
23:03:38.0955 6476 acsock - ok
23:03:39.0034 6476 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:03:39.0035 6476 AdobeARMservice - ok
23:03:39.0139 6476 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:03:39.0141 6476 AdobeFlashPlayerUpdateSvc - ok
23:03:39.0175 6476 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
23:03:39.0180 6476 adp94xx - ok
23:03:39.0204 6476 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
23:03:39.0207 6476 adpahci - ok
23:03:39.0233 6476 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
23:03:39.0235 6476 adpu320 - ok
23:03:39.0268 6476 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:03:39.0269 6476 AeLookupSvc - ok
23:03:39.0311 6476 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
23:03:39.0315 6476 AFD - ok
23:03:39.0343 6476 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
23:03:39.0343 6476 agp440 - ok
23:03:39.0364 6476 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
23:03:39.0365 6476 ALG - ok
23:03:39.0376 6476 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
23:03:39.0376 6476 aliide - ok
23:03:39.0392 6476 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
23:03:39.0392 6476 amdide - ok
23:03:39.0397 6476 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
23:03:39.0397 6476 AmdK8 - ok
23:03:39.0402 6476 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
23:03:39.0403 6476 AmdPPM - ok
23:03:39.0435 6476 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:03:39.0436 6476 amdsata - ok
23:03:39.0456 6476 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
23:03:39.0458 6476 amdsbs - ok
23:03:39.0491 6476 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:03:39.0492 6476 amdxata - ok
23:03:39.0568 6476 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
23:03:39.0570 6476 AntiVirSchedulerService - ok
23:03:39.0609 6476 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
23:03:39.0610 6476 AntiVirService - ok
23:03:39.0633 6476 [ 676894FA57B671FEC5C3F05F8929E03B ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
23:03:39.0637 6476 AntiVirWebService - ok
23:03:39.0653 6476 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
23:03:39.0655 6476 AppID - ok
23:03:39.0677 6476 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:03:39.0678 6476 AppIDSvc - ok
23:03:39.0694 6476 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
23:03:39.0695 6476 Appinfo - ok
23:03:39.0742 6476 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:03:39.0743 6476 Apple Mobile Device - ok
23:03:39.0774 6476 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
23:03:39.0775 6476 arc - ok
23:03:39.0785 6476 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
23:03:39.0786 6476 arcsas - ok
23:03:39.0805 6476 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:03:39.0806 6476 AsyncMac - ok
23:03:39.0819 6476 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
23:03:39.0819 6476 atapi - ok
23:03:39.0864 6476 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:03:39.0868 6476 AudioEndpointBuilder - ok
23:03:39.0885 6476 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:03:39.0890 6476 AudioSrv - ok
23:03:39.0927 6476 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
23:03:39.0928 6476 avgntflt - ok
23:03:39.0943 6476 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
23:03:39.0944 6476 avipbb - ok
23:03:39.0952 6476 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
23:03:39.0953 6476 avkmgr - ok
23:03:39.0980 6476 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:03:39.0982 6476 AxInstSV - ok
23:03:40.0013 6476 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
23:03:40.0016 6476 b06bdrv - ok
23:03:40.0055 6476 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
23:03:40.0058 6476 b57nd60a - ok
23:03:40.0152 6476 [ 5B5C36B2EC500462A715DB6BCBAF5DA7 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
23:03:40.0178 6476 BCM43XX - ok
23:03:40.0222 6476 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
23:03:40.0223 6476 BDESVC - ok
23:03:40.0268 6476 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
23:03:40.0269 6476 Beep - ok
23:03:40.0301 6476 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
23:03:40.0306 6476 BFE - ok
23:03:40.0343 6476 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
23:03:40.0348 6476 BITS - ok
23:03:40.0361 6476 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:03:40.0361 6476 blbdrive - ok
23:03:40.0427 6476 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:03:40.0432 6476 Bonjour Service - ok
23:03:40.0474 6476 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:03:40.0475 6476 bowser - ok
23:03:40.0499 6476 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
23:03:40.0500 6476 BrFiltLo - ok
23:03:40.0506 6476 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
23:03:40.0506 6476 BrFiltUp - ok
23:03:40.0547 6476 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
23:03:40.0548 6476 Browser - ok
23:03:40.0571 6476 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:03:40.0573 6476 Brserid - ok
23:03:40.0579 6476 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:03:40.0580 6476 BrSerWdm - ok
23:03:40.0586 6476 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:03:40.0587 6476 BrUsbMdm - ok
23:03:40.0594 6476 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:03:40.0594 6476 BrUsbSer - ok
23:03:40.0620 6476 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
23:03:40.0621 6476 BthEnum - ok
23:03:40.0630 6476 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:03:40.0631 6476 BTHMODEM - ok
23:03:40.0661 6476 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
23:03:40.0662 6476 BthPan - ok
23:03:40.0686 6476 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
23:03:40.0692 6476 BTHPORT - ok
23:03:40.0719 6476 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
23:03:40.0720 6476 bthserv - ok
23:03:40.0736 6476 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
23:03:40.0737 6476 BTHUSB - ok
23:03:40.0764 6476 [ 2641A3FE3D7B0646308F33B67F3B5300 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
23:03:40.0765 6476 btusbflt - ok
23:03:40.0794 6476 [ A72A9101F9730DB7332714E566614E4D ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
23:03:40.0795 6476 btwaudio - ok
23:03:40.0806 6476 [ 5CEEC634B617525F2B6AD29F871033F7 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
23:03:40.0807 6476 btwavdt - ok
23:03:40.0877 6476 [ FA77B00B7B825DF75960691871CCA3FF ] btwdins C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
23:03:40.0886 6476 btwdins - ok
23:03:40.0904 6476 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
23:03:40.0904 6476 btwl2cap - ok
23:03:40.0921 6476 [ 2AF5604D28BEF77B7CF4B9D232FE7CD3 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
23:03:40.0922 6476 btwrchid - ok
23:03:40.0932 6476 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:03:40.0933 6476 cdfs - ok
23:03:40.0964 6476 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:03:40.0966 6476 cdrom - ok
23:03:40.0991 6476 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
23:03:40.0992 6476 CertPropSvc - ok
23:03:41.0010 6476 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
23:03:41.0011 6476 circlass - ok
23:03:41.0039 6476 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
23:03:41.0042 6476 CLFS - ok
23:03:41.0101 6476 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:03:41.0103 6476 clr_optimization_v2.0.50727_32 - ok
23:03:41.0152 6476 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:03:41.0153 6476 clr_optimization_v2.0.50727_64 - ok
23:03:41.0212 6476 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:03:41.0214 6476 clr_optimization_v4.0.30319_32 - ok
23:03:41.0256 6476 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:03:41.0257 6476 clr_optimization_v4.0.30319_64 - ok
23:03:41.0281 6476 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:03:41.0282 6476 CmBatt - ok
23:03:41.0319 6476 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:03:41.0319 6476 cmdide - ok
23:03:41.0353 6476 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
23:03:41.0357 6476 CNG - ok
23:03:41.0376 6476 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:03:41.0376 6476 Compbatt - ok
23:03:41.0392 6476 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
23:03:41.0393 6476 CompositeBus - ok
23:03:41.0399 6476 COMSysApp - ok
23:03:41.0416 6476 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
23:03:41.0417 6476 crcdisk - ok
23:03:41.0446 6476 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:03:41.0448 6476 CryptSvc - ok
23:03:41.0482 6476 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:03:41.0488 6476 DcomLaunch - ok
23:03:41.0515 6476 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
23:03:41.0517 6476 defragsvc - ok
23:03:41.0529 6476 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:03:41.0531 6476 DfsC - ok
23:03:41.0545 6476 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
23:03:41.0547 6476 Dhcp - ok
23:03:41.0585 6476 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
23:03:41.0585 6476 discache - ok
23:03:41.0594 6476 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
23:03:41.0595 6476 Disk - ok
23:03:41.0629 6476 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:03:41.0631 6476 Dnscache - ok
23:03:41.0664 6476 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
23:03:41.0666 6476 dot3svc - ok
23:03:41.0687 6476 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
23:03:41.0689 6476 DPS - ok
23:03:41.0720 6476 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:03:41.0720 6476 drmkaud - ok
23:03:41.0757 6476 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:03:41.0762 6476 DXGKrnl - ok
23:03:41.0800 6476 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
23:03:41.0801 6476 EapHost - ok
23:03:41.0893 6476 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
23:03:41.0920 6476 ebdrv - ok
23:03:41.0956 6476 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
23:03:41.0958 6476 EFS - ok
23:03:42.0032 6476 [ C49212D3D964B77D15755412CC55144C ] EgisTec Data Security Service C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe
23:03:42.0036 6476 EgisTec Data Security Service - ok
23:03:42.0067 6476 [ FB74FD6A2CBB69926078645010B65943 ] EgisTec Service C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe
23:03:42.0073 6476 EgisTec Service - ok
23:03:42.0135 6476 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:03:42.0143 6476 ehRecvr - ok
23:03:42.0162 6476 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
23:03:42.0163 6476 ehSched - ok
23:03:42.0200 6476 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
23:03:42.0203 6476 elxstor - ok
23:03:42.0222 6476 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:03:42.0223 6476 ErrDev - ok
23:03:42.0250 6476 [ F6AD6E0674EF94390F0554BF946977AF ] ETD C:\Windows\system32\DRIVERS\ETD.sys
23:03:42.0251 6476 ETD - ok
23:03:42.0295 6476 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
23:03:42.0298 6476 EventSystem - ok
23:03:42.0318 6476 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
23:03:42.0319 6476 exfat - ok
23:03:42.0347 6476 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:03:42.0349 6476 fastfat - ok
23:03:42.0376 6476 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
23:03:42.0381 6476 Fax - ok
23:03:42.0386 6476 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
23:03:42.0387 6476 fdc - ok
23:03:42.0397 6476 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
23:03:42.0398 6476 fdPHost - ok
23:03:42.0412 6476 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
23:03:42.0413 6476 FDResPub - ok
23:03:42.0433 6476 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:03:42.0433 6476 FileInfo - ok
23:03:42.0448 6476 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:03:42.0448 6476 Filetrace - ok
23:03:42.0469 6476 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
23:03:42.0469 6476 flpydisk - ok
23:03:42.0486 6476 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:03:42.0488 6476 FltMgr - ok
23:03:42.0534 6476 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
23:03:42.0541 6476 FontCache - ok
23:03:42.0588 6476 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:03:42.0588 6476 FontCache3.0.0.0 - ok
23:03:42.0626 6476 [ 54A9C5A6AA0BB0041A4AF7172FFC3D9F ] FPSensor C:\Windows\system32\Drivers\FPSensor.sys
23:03:42.0626 6476 FPSensor - ok
23:03:42.0644 6476 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:03:42.0645 6476 FsDepends - ok
23:03:42.0675 6476 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:03:42.0675 6476 Fs_Rec - ok
23:03:42.0693 6476 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:03:42.0695 6476 fvevol - ok
23:03:42.0713 6476 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
23:03:42.0713 6476 gagp30kx - ok
23:03:42.0745 6476 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:03:42.0746 6476 GEARAspiWDM - ok
23:03:42.0785 6476 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
23:03:42.0791 6476 gpsvc - ok
23:03:42.0871 6476 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:03:42.0872 6476 gupdate - ok
23:03:42.0877 6476 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:03:42.0878 6476 gupdatem - ok
23:03:42.0905 6476 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
23:03:42.0906 6476 gusvc - ok
23:03:42.0923 6476 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:03:42.0924 6476 hcw85cir - ok
23:03:42.0961 6476 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:03:42.0964 6476 HdAudAddService - ok
23:03:42.0998 6476 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:03:42.0999 6476 HDAudBus - ok
23:03:43.0030 6476 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
23:03:43.0031 6476 HECIx64 - ok
23:03:43.0036 6476 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
23:03:43.0037 6476 HidBatt - ok
23:03:43.0053 6476 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
23:03:43.0054 6476 HidBth - ok
23:03:43.0060 6476 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
23:03:43.0061 6476 HidIr - ok
23:03:43.0080 6476 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
23:03:43.0082 6476 hidserv - ok
23:03:43.0093 6476 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:03:43.0094 6476 HidUsb - ok
23:03:43.0117 6476 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:03:43.0119 6476 hkmsvc - ok
23:03:43.0134 6476 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:03:43.0136 6476 HomeGroupListener - ok
23:03:43.0175 6476 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:03:43.0177 6476 HomeGroupProvider - ok
23:03:43.0193 6476 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:03:43.0193 6476 HpSAMD - ok
23:03:43.0228 6476 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
23:03:43.0229 6476 htcnprot - ok
23:03:43.0272 6476 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:03:43.0277 6476 HTTP - ok
23:03:43.0300 6476 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:03:43.0301 6476 hwpolicy - ok
23:03:43.0320 6476 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:03:43.0321 6476 i8042prt - ok
23:03:43.0360 6476 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
23:03:43.0364 6476 iaStor - ok
23:03:43.0429 6476 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
23:03:43.0429 6476 IAStorDataMgrSvc - ok
23:03:43.0464 6476 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:03:43.0468 6476 iaStorV - ok
23:03:43.0519 6476 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:03:43.0526 6476 idsvc - ok
23:03:43.0801 6476 [ F4F91789C7C7A159CE8215C1F69F2A85 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
23:03:43.0855 6476 igfx - ok
23:03:43.0876 6476 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
23:03:43.0876 6476 iirsp - ok
23:03:43.0933 6476 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
23:03:43.0942 6476 IKEEXT - ok
23:03:44.0031 6476 [ DAECB75C7C2A4BDEAFEAD19A6FD327C5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:03:44.0049 6476 IntcAzAudAddService - ok
23:03:44.0082 6476 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
23:03:44.0082 6476 intelide - ok
23:03:44.0097 6476 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:03:44.0097 6476 intelppm - ok
23:03:44.0124 6476 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:03:44.0125 6476 IPBusEnum - ok
23:03:44.0144 6476 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:03:44.0145 6476 IpFilterDriver - ok
23:03:44.0185 6476 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:03:44.0189 6476 iphlpsvc - ok
23:03:44.0209 6476 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:03:44.0210 6476 IPMIDRV - ok
23:03:44.0226 6476 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:03:44.0227 6476 IPNAT - ok
23:03:44.0259 6476 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:03:44.0262 6476 iPod Service - ok
23:03:44.0285 6476 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:03:44.0286 6476 IRENUM - ok
23:03:44.0303 6476 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:03:44.0304 6476 isapnp - ok
23:03:44.0322 6476 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:03:44.0323 6476 iScsiPrt - ok
23:03:44.0359 6476 [ 1E4B623259E1093D1A6FE96AB5CB2E46 ] JmUsbCcgp C:\Windows\system32\DRIVERS\jmccgp.sys
23:03:44.0360 6476 JmUsbCcgp - ok
23:03:44.0393 6476 [ 244D5F8EAABFF576340D0326AD93BE15 ] JmUsbVideo C:\Windows\system32\Drivers\jmcam.sys
23:03:44.0394 6476 JmUsbVideo - ok
23:03:44.0406 6476 [ 1FA3D7FE63456321BDF50908E803E2B7 ] JmUsbVideo2 C:\Windows\system32\Drivers\jmcam_lo.sys
23:03:44.0407 6476 JmUsbVideo2 - ok
23:03:44.0414 6476 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:03:44.0415 6476 kbdclass - ok
23:03:44.0438 6476 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
23:03:44.0439 6476 kbdhid - ok
23:03:44.0456 6476 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
23:03:44.0458 6476 KeyIso - ok
23:03:44.0485 6476 [ 3209D40399078C1091398F43215EDD1A ] KOBCCID C:\Windows\system32\drivers\KOBCCID.sys
23:03:44.0486 6476 KOBCCID - ok
23:03:44.0519 6476 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:03:44.0520 6476 KSecDD - ok
23:03:44.0540 6476 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:03:44.0542 6476 KSecPkg - ok
23:03:44.0572 6476 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:03:44.0573 6476 ksthunk - ok
23:03:44.0602 6476 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
23:03:44.0606 6476 KtmRm - ok
23:03:44.0639 6476 [ 55480B9C63F3F91A8EBBADCBF28FE581 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
23:03:44.0640 6476 L1C - ok
23:03:44.0672 6476 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
23:03:44.0675 6476 LanmanServer - ok
23:03:44.0694 6476 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:03:44.0696 6476 LanmanWorkstation - ok
23:03:44.0734 6476 [ BE166935083F9C38EDFDC21B9A7A679B ] LHDmgr C:\Windows\system32\DRIVERS\LhdX64.sys
23:03:44.0735 6476 LHDmgr - ok
23:03:44.0763 6476 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:03:44.0764 6476 lltdio - ok
23:03:44.0790 6476 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:03:44.0794 6476 lltdsvc - ok
23:03:44.0809 6476 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:03:44.0810 6476 lmhosts - ok
23:03:44.0875 6476 [ 0B4F38AA22D5634C48EDB18FE257F005 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
23:03:44.0878 6476 LMS - ok
23:03:44.0903 6476 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
23:03:44.0905 6476 LSI_FC - ok
23:03:44.0938 6476 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
23:03:44.0939 6476 LSI_SAS - ok
23:03:44.0952 6476 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
23:03:44.0953 6476 LSI_SAS2 - ok
23:03:44.0968 6476 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
23:03:44.0970 6476 LSI_SCSI - ok
23:03:44.0987 6476 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
23:03:44.0988 6476 luafv - ok
23:03:45.0101 6476 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
23:03:45.0103 6476 McComponentHostService - ok
23:03:45.0133 6476 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:03:45.0135 6476 Mcx2Svc - ok
23:03:45.0153 6476 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
23:03:45.0154 6476 megasas - ok
23:03:45.0178 6476 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
23:03:45.0180 6476 MegaSR - ok
23:03:45.0199 6476 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
23:03:45.0201 6476 MMCSS - ok
23:03:45.0211 6476 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
23:03:45.0212 6476 Modem - ok
23:03:45.0229 6476 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:03:45.0230 6476 monitor - ok
23:03:45.0248 6476 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:03:45.0249 6476 mouclass - ok
23:03:45.0261 6476 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:03:45.0262 6476 mouhid - ok
23:03:45.0280 6476 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:03:45.0281 6476 mountmgr - ok
23:03:45.0334 6476 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:03:45.0335 6476 MozillaMaintenance - ok
23:03:45.0354 6476 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
23:03:45.0355 6476 mpio - ok
23:03:45.0376 6476 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:03:45.0377 6476 mpsdrv - ok
23:03:45.0409 6476 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:03:45.0414 6476 MpsSvc - ok
23:03:45.0432 6476 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:03:45.0433 6476 MRxDAV - ok
23:03:45.0468 6476 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:03:45.0470 6476 mrxsmb - ok
23:03:45.0485 6476 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:03:45.0487 6476 mrxsmb10 - ok
23:03:45.0529 6476 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:03:45.0531 6476 mrxsmb20 - ok
23:03:45.0553 6476 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
23:03:45.0553 6476 msahci - ok
23:03:45.0567 6476 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:03:45.0568 6476 msdsm - ok
23:03:45.0605 6476 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
23:03:45.0608 6476 MSDTC - ok
23:03:45.0625 6476 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:03:45.0626 6476 Msfs - ok
23:03:45.0645 6476 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:03:45.0645 6476 mshidkmdf - ok
23:03:45.0658 6476 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:03:45.0659 6476 msisadrv - ok
23:03:45.0690 6476 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:03:45.0692 6476 MSiSCSI - ok
23:03:45.0696 6476 msiserver - ok
23:03:45.0713 6476 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:03:45.0714 6476 MSKSSRV - ok
23:03:45.0725 6476 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:03:45.0726 6476 MSPCLOCK - ok
23:03:45.0731 6476 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:03:45.0732 6476 MSPQM - ok
23:03:45.0756 6476 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:03:45.0758 6476 MsRPC - ok
23:03:45.0778 6476 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:03:45.0779 6476 mssmbios - ok
23:03:45.0799 6476 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:03:45.0800 6476 MSTEE - ok
23:03:45.0804 6476 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
23:03:45.0805 6476 MTConfig - ok
23:03:45.0820 6476 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
23:03:45.0821 6476 Mup - ok
23:03:45.0854 6476 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
23:03:45.0855 6476 mwlPSDFilter - ok
23:03:45.0870 6476 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
23:03:45.0871 6476 mwlPSDNServ - ok
23:03:45.0887 6476 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
23:03:45.0888 6476 mwlPSDVDisk - ok
23:03:45.0924 6476 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
23:03:45.0928 6476 napagent - ok
23:03:45.0951 6476 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:03:45.0953 6476 NativeWifiP - ok
23:03:46.0005 6476 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:03:46.0011 6476 NDIS - ok
23:03:46.0033 6476 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:03:46.0034 6476 NdisCap - ok
23:03:46.0044 6476 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:03:46.0045 6476 NdisTapi - ok
23:03:46.0059 6476 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:03:46.0060 6476 Ndisuio - ok
23:03:46.0074 6476 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:03:46.0076 6476 NdisWan - ok
23:03:46.0091 6476 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:03:46.0092 6476 NDProxy - ok
23:03:46.0109 6476 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:03:46.0110 6476 NetBIOS - ok
23:03:46.0129 6476 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:03:46.0131 6476 NetBT - ok
23:03:46.0145 6476 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
23:03:46.0147 6476 Netlogon - ok
23:03:46.0177 6476 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
23:03:46.0181 6476 Netman - ok
23:03:46.0192 6476 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
23:03:46.0196 6476 netprofm - ok
23:03:46.0215 6476 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:03:46.0217 6476 NetTcpPortSharing - ok
23:03:46.0246 6476 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
23:03:46.0246 6476 nfrd960 - ok
23:03:46.0270 6476 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:03:46.0272 6476 NlaSvc - ok
23:03:46.0288 6476 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:03:46.0289 6476 Npfs - ok
23:03:46.0317 6476 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
23:03:46.0318 6476 nsi - ok
23:03:46.0336 6476 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:03:46.0337 6476 nsiproxy - ok
23:03:46.0399 6476 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:03:46.0407 6476 Ntfs - ok
23:03:46.0439 6476 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
23:03:46.0440 6476 Null - ok
23:03:46.0690 6476 [ 14C777444E3B0A01BE0FF48F1F3F1F42 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:03:46.0745 6476 nvlddmkm - ok
23:03:46.0767 6476 [ 3CBCDB9D73DBAB26744B01BE7732FC42 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
23:03:46.0768 6476 nvpciflt - ok
23:03:46.0779 6476 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:03:46.0780 6476 nvraid - ok
23:03:46.0807 6476 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:03:46.0808 6476 nvstor - ok
23:03:46.0841 6476 [ FAA8605D93ACDA06FC5D77F0E637885B ] nvsvc C:\Windows\system32\nvvsvc.exe
23:03:46.0843 6476 nvsvc - ok
23:03:46.0910 6476 [ 25CDB34CACC78903C8F0EC649F924A8A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
23:03:46.0919 6476 nvUpdatusService - ok
23:03:46.0939 6476 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:03:46.0940 6476 nv_agp - ok
23:03:47.0025 6476 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:03:47.0029 6476 odserv - ok
23:03:47.0049 6476 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:03:47.0050 6476 ohci1394 - ok
23:03:47.0089 6476 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:03:47.0091 6476 ose - ok
23:03:47.0118 6476 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:03:47.0123 6476 p2pimsvc - ok
23:03:47.0161 6476 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
23:03:47.0166 6476 p2psvc - ok
23:03:47.0185 6476 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
23:03:47.0186 6476 Parport - ok
23:03:47.0222 6476 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:03:47.0223 6476 partmgr - ok
23:03:47.0268 6476 [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
23:03:47.0269 6476 PassThru Service - ok
23:03:47.0296 6476 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:03:47.0298 6476 PcaSvc - ok
23:03:47.0330 6476 [ 3FDE033DFB0D07F8B7D5C9A3044AA121 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
23:03:47.0331 6476 pccsmcfd - ok
23:03:47.0361 6476 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
23:03:47.0363 6476 pci - ok
23:03:47.0381 6476 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
23:03:47.0382 6476 pciide - ok
23:03:47.0396 6476 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
23:03:47.0398 6476 pcmcia - ok
23:03:47.0420 6476 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
23:03:47.0421 6476 pcw - ok
23:03:47.0447 6476 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:03:47.0451 6476 PEAUTH - ok
23:03:47.0536 6476 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:03:47.0538 6476 PerfHost - ok
23:03:47.0602 6476 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
23:03:47.0613 6476 pla - ok
23:03:47.0650 6476 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:03:47.0655 6476 PlugPlay - ok
23:03:47.0671 6476 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:03:47.0673 6476 PNRPAutoReg - ok
23:03:47.0696 6476 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:03:47.0700 6476 PNRPsvc - ok
23:03:47.0730 6476 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:03:47.0733 6476 PolicyAgent - ok
23:03:47.0761 6476 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
23:03:47.0764 6476 Power - ok
23:03:47.0792 6476 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:03:47.0794 6476 PptpMiniport - ok
23:03:47.0807 6476 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
23:03:47.0808 6476 Processor - ok
23:03:47.0840 6476 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
23:03:47.0842 6476 ProfSvc - ok
23:03:47.0856 6476 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:03:47.0857 6476 ProtectedStorage - ok
23:03:47.0867 6476 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:03:47.0868 6476 Psched - ok
23:03:47.0903 6476 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
23:03:47.0910 6476 ql2300 - ok
23:03:47.0929 6476 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
23:03:47.0930 6476 ql40xx - ok
23:03:47.0949 6476 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
23:03:47.0952 6476 QWAVE - ok
23:03:47.0979 6476 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:03:47.0980 6476 QWAVEdrv - ok
23:03:47.0997 6476 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:03:47.0998 6476 RasAcd - ok
23:03:48.0019 6476 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:03:48.0020 6476 RasAgileVpn - ok
23:03:48.0037 6476 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
23:03:48.0039 6476 RasAuto - ok
23:03:48.0052 6476 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:03:48.0053 6476 Rasl2tp - ok
23:03:48.0071 6476 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
23:03:48.0074 6476 RasMan - ok
23:03:48.0091 6476 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:03:48.0092 6476 RasPppoe - ok
23:03:48.0106 6476 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:03:48.0107 6476 RasSstp - ok
23:03:48.0147 6476 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:03:48.0149 6476 rdbss - ok
23:03:48.0168 6476 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
23:03:48.0168 6476 rdpbus - ok
23:03:48.0188 6476 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:03:48.0189 6476 RDPCDD - ok
23:03:48.0199 6476 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:03:48.0200 6476 RDPENCDD - ok
23:03:48.0221 6476 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:03:48.0222 6476 RDPREFMP - ok
23:03:48.0252 6476 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:03:48.0254 6476 RDPWD - ok
23:03:48.0280 6476 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:03:48.0282 6476 rdyboost - ok
23:03:48.0319 6476 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:03:48.0321 6476 RemoteAccess - ok
23:03:48.0363 6476 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:03:48.0365 6476 RemoteRegistry - ok
23:03:48.0411 6476 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
23:03:48.0412 6476 RFCOMM - ok
23:03:48.0423 6476 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:03:48.0425 6476 RpcEptMapper - ok
23:03:48.0450 6476 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
23:03:48.0451 6476 RpcLocator - ok
23:03:48.0481 6476 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
23:03:48.0486 6476 RpcSs - ok
23:03:48.0511 6476 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:03:48.0512 6476 rspndr - ok
23:03:48.0551 6476 [ 79BAD3E977966AF21DF982DEF5A99C76 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
23:03:48.0553 6476 RSUSBSTOR - ok
23:03:48.0616 6476 [ 0D2BB5612CC0AF08EDD08FF8E196A9A5 ] RtLedService C:\Program Files\Realtek\RtLED\RtLEDService.exe
23:03:48.0620 6476 RtLedService - ok
23:03:48.0634 6476 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
23:03:48.0636 6476 SamSs - ok
23:03:48.0657 6476 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:03:48.0659 6476 sbp2port - ok
23:03:48.0716 6476 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
23:03:48.0726 6476 SBSDWSCService - ok
23:03:48.0770 6476 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:03:48.0774 6476 SCardSvr - ok
23:03:48.0786 6476 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:03:48.0787 6476 scfilter - ok
23:03:48.0823 6476 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
23:03:48.0834 6476 Schedule - ok
23:03:48.0868 6476 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:03:48.0869 6476 SCPolicySvc - ok
23:03:48.0887 6476 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:03:48.0889 6476 SDRSVC - ok
23:03:48.0912 6476 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:03:48.0913 6476 secdrv - ok
23:03:48.0925 6476 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
23:03:48.0927 6476 seclogon - ok
23:03:48.0943 6476 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
23:03:48.0945 6476 SENS - ok
23:03:48.0960 6476 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:03:48.0962 6476 SensrSvc - ok
23:03:48.0971 6476 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
23:03:48.0972 6476 Serenum - ok
23:03:48.0991 6476 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
23:03:48.0992 6476 Serial - ok
23:03:48.0996 6476 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:03:48.0997 6476 sermouse - ok
23:03:49.0039 6476 [ 9BDE8F1F5D060E912FCF9FB58B71CBC1 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
23:03:49.0044 6476 ServiceLayer - ok
23:03:49.0075 6476 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
23:03:49.0077 6476 SessionEnv - ok
23:03:49.0091 6476 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:03:49.0091 6476 sffdisk - ok
23:03:49.0104 6476 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:03:49.0105 6476 sffp_mmc - ok
23:03:49.0109 6476 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:03:49.0109 6476 sffp_sd - ok
23:03:49.0115 6476 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:03:49.0115 6476 sfloppy - ok
23:03:49.0145 6476 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:03:49.0148 6476 SharedAccess - ok
23:03:49.0169 6476 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:03:49.0172 6476 ShellHWDetection - ok
23:03:49.0193 6476 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
23:03:49.0193 6476 SiSRaid2 - ok
23:03:49.0215 6476 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:03:49.0216 6476 SiSRaid4 - ok
23:03:49.0249 6476 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
23:03:49.0250 6476 SkypeUpdate - ok
23:03:49.0264 6476 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:03:49.0265 6476 Smb - ok
23:03:49.0287 6476 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:03:49.0289 6476 SNMPTRAP - ok
23:03:49.0304 6476 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
23:03:49.0305 6476 spldr - ok
23:03:49.0346 6476 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
23:03:49.0349 6476 Spooler - ok
23:03:49.0426 6476 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
23:03:49.0447 6476 sppsvc - ok
23:03:49.0473 6476 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:03:49.0475 6476 sppuinotify - ok
23:03:49.0511 6476 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
23:03:49.0514 6476 srv - ok
23:03:49.0532 6476 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:03:49.0534 6476 srv2 - ok
23:03:49.0574 6476 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:03:49.0575 6476 srvnet - ok
23:03:49.0595 6476 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:03:49.0597 6476 SSDPSRV - ok
23:03:49.0610 6476 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:03:49.0611 6476 SstpSvc - ok
23:03:49.0637 6476 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
23:03:49.0638 6476 stexstor - ok
23:03:49.0665 6476 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
23:03:49.0669 6476 stisvc - ok
23:03:49.0684 6476 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:03:49.0684 6476 swenum - ok
23:03:49.0704 6476 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
23:03:49.0709 6476 swprv - ok
23:03:49.0756 6476 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
23:03:49.0768 6476 SysMain - ok
23:03:49.0783 6476 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:03:49.0784 6476 TabletInputService - ok
23:03:49.0809 6476 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:03:49.0812 6476 TapiSrv - ok
23:03:49.0822 6476 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
23:03:49.0824 6476 TBS - ok
23:03:49.0893 6476 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:03:49.0903 6476 Tcpip - ok
23:03:49.0970 6476 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:03:49.0987 6476 TCPIP6 - ok
23:03:50.0022 6476 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:03:50.0023 6476 tcpipreg - ok
23:03:50.0051 6476 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:03:50.0052 6476 TDPIPE - ok
23:03:50.0084 6476 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:03:50.0084 6476 TDTCP - ok
23:03:50.0108 6476 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:03:50.0109 6476 tdx - ok
23:03:50.0127 6476 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:03:50.0128 6476 TermDD - ok
23:03:50.0161 6476 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
23:03:50.0167 6476 TermService - ok
23:03:50.0183 6476 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
23:03:50.0185 6476 Themes - ok
23:03:50.0198 6476 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
23:03:50.0200 6476 THREADORDER - ok
23:03:50.0215 6476 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
23:03:50.0217 6476 TrkWks - ok
23:03:50.0274 6476 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:03:50.0275 6476 TrustedInstaller - ok
23:03:50.0299 6476 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:03:50.0300 6476 tssecsrv - ok
23:03:50.0313 6476 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:03:50.0314 6476 TsUsbFlt - ok
23:03:50.0317 6476 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
23:03:50.0318 6476 TsUsbGD - ok
23:03:50.0338 6476 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:03:50.0340 6476 tunnel - ok
23:03:50.0345 6476 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
23:03:50.0345 6476 uagp35 - ok
23:03:50.0362 6476 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:03:50.0364 6476 udfs - ok
23:03:50.0400 6476 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:03:50.0401 6476 UI0Detect - ok
23:03:50.0432 6476 [ 34859D3801F4BD3DACFA131DD928455A ] UimBus C:\Windows\system32\DRIVERS\uimx64.sys
23:03:50.0433 6476 UimBus - ok
23:03:50.0463 6476 [ D3CE4776E7FFB25E6935B1C797F4650C ] Uim_IM C:\Windows\system32\Drivers\Uim_IMx64.sys
23:03:50.0467 6476 Uim_IM - ok
23:03:50.0489 6476 [ 532E4BED5C7803B2EE5681818B2528B7 ] Uim_VIM C:\Windows\system32\Drivers\uim_vimx64.sys
23:03:50.0491 6476 Uim_VIM - ok
23:03:50.0506 6476 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:03:50.0506 6476 uliagpkx - ok
23:03:50.0529 6476 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:03:50.0530 6476 umbus - ok
23:03:50.0534 6476 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
23:03:50.0535 6476 UmPass - ok
23:03:50.0613 6476 [ 6FDB1CA1ADD261F893C90738EBA37197 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
23:03:50.0628 6476 UNS - ok
23:03:50.0679 6476 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
23:03:50.0682 6476 upnphost - ok
23:03:50.0705 6476 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
23:03:50.0706 6476 USBAAPL64 - ok
23:03:50.0734 6476 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:03:50.0735 6476 usbccgp - ok
23:03:50.0758 6476 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:03:50.0759 6476 usbcir - ok
23:03:50.0776 6476 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
23:03:50.0777 6476 usbehci - ok
23:03:50.0793 6476 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:03:50.0796 6476 usbhub - ok
23:03:50.0810 6476 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:03:50.0810 6476 usbohci - ok
23:03:50.0828 6476 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:03:50.0829 6476 usbprint - ok
23:03:50.0850 6476 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
23:03:50.0850 6476 usbscan - ok
23:03:50.0883 6476 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:03:50.0884 6476 USBSTOR - ok
23:03:50.0910 6476 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:03:50.0911 6476 usbuhci - ok
23:03:50.0950 6476 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
23:03:50.0951 6476 usbvideo - ok
23:03:50.0976 6476 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
23:03:50.0979 6476 UxSms - ok
23:03:50.0989 6476 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
23:03:50.0991 6476 VaultSvc - ok
23:03:51.0012 6476 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:03:51.0013 6476 vdrvroot - ok
23:03:51.0035 6476 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
23:03:51.0041 6476 vds - ok
23:03:51.0058 6476 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:03:51.0058 6476 vga - ok
23:03:51.0076 6476 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
23:03:51.0077 6476 VgaSave - ok
23:03:51.0087 6476 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:03:51.0088 6476 vhdmp - ok
23:03:51.0104 6476 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
23:03:51.0104 6476 viaide - ok
23:03:51.0120 6476 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:03:51.0120 6476 volmgr - ok
23:03:51.0145 6476 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:03:51.0147 6476 volmgrx - ok
23:03:51.0167 6476 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:03:51.0169 6476 volsnap - ok
23:03:51.0222 6476 [ E23BC9B12EF85B58083A6985F9BE3C44 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
23:03:51.0227 6476 vpnagent - ok
23:03:51.0273 6476 [ A8D4FED106B4BD337DF3DA20BA44E18E ] vpnva C:\Windows\system32\DRIVERS\vpnva64.sys
23:03:51.0274 6476 vpnva - ok
23:03:51.0310 6476 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
23:03:51.0311 6476 vsmraid - ok
23:03:51.0360 6476 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
23:03:51.0372 6476 VSS - ok
23:03:51.0382 6476 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
23:03:51.0383 6476 vwifibus - ok
23:03:51.0402 6476 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:03:51.0403 6476 vwififlt - ok
23:03:51.0420 6476 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
23:03:51.0423 6476 W32Time - ok
23:03:51.0437 6476 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
23:03:51.0437 6476 WacomPen - ok
23:03:51.0458 6476 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:03:51.0459 6476 WANARP - ok
23:03:51.0462 6476 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:03:51.0463 6476 Wanarpv6 - ok
23:03:51.0507 6476 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
23:03:51.0515 6476 wbengine - ok
23:03:51.0528 6476 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:03:51.0531 6476 WbioSrvc - ok
23:03:51.0553 6476 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:03:51.0556 6476 wcncsvc - ok
23:03:51.0569 6476 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:03:51.0571 6476 WcsPlugInService - ok
23:03:51.0582 6476 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
23:03:51.0583 6476 Wd - ok
23:03:51.0629 6476 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:03:51.0633 6476 Wdf01000 - ok
23:03:51.0647 6476 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:03:51.0649 6476 WdiServiceHost - ok
23:03:51.0653 6476 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:03:51.0655 6476 WdiSystemHost - ok
23:03:51.0686 6476 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
23:03:51.0689 6476 WebClient - ok
23:03:51.0709 6476 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:03:51.0712 6476 Wecsvc - ok
23:03:51.0730 6476 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:03:51.0732 6476 wercplsupport - ok
23:03:51.0750 6476 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
23:03:51.0752 6476 WerSvc - ok
23:03:51.0777 6476 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:03:51.0778 6476 WfpLwf - ok
23:03:51.0797 6476 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:03:51.0798 6476 WIMMount - ok
23:03:51.0822 6476 WinDefend - ok
23:03:51.0827 6476 WinHttpAutoProxySvc - ok
23:03:51.0882 6476 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:03:51.0885 6476 Winmgmt - ok
23:03:51.0947 6476 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
23:03:51.0965 6476 WinRM - ok
23:03:52.0004 6476 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
23:03:52.0004 6476 WinUsb - ok
23:03:52.0042 6476 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
23:03:52.0048 6476 Wlansvc - ok
23:03:52.0071 6476 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
23:03:52.0071 6476 WmiAcpi - ok
23:03:52.0106 6476 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:03:52.0108 6476 wmiApSrv - ok
23:03:52.0127 6476 WMPNetworkSvc - ok
23:03:52.0149 6476 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:03:52.0151 6476 WPCSvc - ok
23:03:52.0162 6476 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:03:52.0165 6476 WPDBusEnum - ok
23:03:52.0198 6476 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:03:52.0199 6476 ws2ifsl - ok
23:03:52.0217 6476 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
23:03:52.0220 6476 wscsvc - ok
23:03:52.0223 6476 WSearch - ok
23:03:52.0254 6476 [ 83575C43B2BFE9AB0661A7F957E843C0 ] wsvd C:\Windows\system32\DRIVERS\wsvd.sys
23:03:52.0255 6476 wsvd - ok
23:03:52.0325 6476 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
23:03:52.0341 6476 wuauserv - ok
23:03:52.0391 6476 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:03:52.0393 6476 WudfPf - ok
23:03:52.0417 6476 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:03:52.0420 6476 WUDFRd - ok
23:03:52.0452 6476 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:03:52.0455 6476 wudfsvc - ok
23:03:52.0487 6476 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
23:03:52.0491 6476 WwanSvc - ok
23:03:52.0506 6476 ================ Scan global ===============================
23:03:52.0529 6476 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:03:52.0548 6476 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:03:52.0557 6476 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:03:52.0569 6476 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:03:52.0600 6476 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:03:52.0603 6476 [Global] - ok
23:03:52.0604 6476 ================ Scan MBR ==================================
23:03:52.0611 6476 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:03:52.0873 6476 \Device\Harddisk0\DR0 - ok
23:03:52.0874 6476 ================ Scan VBR ==================================
23:03:52.0878 6476 [ 7A30CA194938CBE23EDA44FC151D497D ] \Device\Harddisk0\DR0\Partition1
23:03:52.0880 6476 \Device\Harddisk0\DR0\Partition1 - ok
23:03:52.0910 6476 [ E481042C5AC2B595C2E248E3EA7D132E ] \Device\Harddisk0\DR0\Partition2
23:03:52.0913 6476 \Device\Harddisk0\DR0\Partition2 - ok
23:03:52.0914 6476 ============================================================
23:03:52.0914 6476 Scan finished
23:03:52.0914 6476 ============================================================
23:03:52.0930 3564 Detected object count: 0
23:03:52.0930 3564 Actual detected object count: 0
23:04:31.0135 6456 ============================================================
23:04:31.0135 6456 Scan started
23:04:31.0135 6456 Mode: Manual; SigCheck; TDLFS;
23:04:31.0135 6456 ============================================================
23:04:31.0371 6456 ================ Scan system memory ========================
23:04:31.0371 6456 System memory - ok
23:04:31.0371 6456 ================ Scan services =============================
23:04:31.0552 6456 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:04:31.0675 6456 1394ohci - ok
23:04:31.0690 6456 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:04:31.0706 6456 ACPI - ok
23:04:31.0728 6456 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:04:31.0809 6456 AcpiPmi - ok
23:04:31.0846 6456 [ DC201246A14CB3B274DF59FAF539AB07 ] ACPIVPC C:\Windows\system32\DRIVERS\AcpiVpc.sys
23:04:31.0895 6456 ACPIVPC - ok
23:04:31.0929 6456 [ E5568164C070A4988BD79C896920B3C6 ] acsock C:\Windows\system32\DRIVERS\acsock64.sys
23:04:31.0945 6456 acsock - ok
23:04:32.0021 6456 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:04:32.0035 6456 AdobeARMservice - ok
23:04:32.0136 6456 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:04:32.0162 6456 AdobeFlashPlayerUpdateSvc - ok
23:04:32.0205 6456 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
23:04:32.0227 6456 adp94xx - ok
23:04:32.0256 6456 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
23:04:32.0276 6456 adpahci - ok
23:04:32.0286 6456 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
23:04:32.0298 6456 adpu320 - ok
23:04:32.0321 6456 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:04:32.0477 6456 AeLookupSvc - ok
23:04:32.0518 6456 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
23:04:32.0575 6456 AFD - ok
23:04:32.0596 6456 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
23:04:32.0616 6456 agp440 - ok
23:04:32.0651 6456 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
23:04:32.0729 6456 ALG - ok
23:04:32.0752 6456 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
23:04:32.0762 6456 aliide - ok
23:04:32.0790 6456 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
23:04:32.0800 6456 amdide - ok
23:04:32.0811 6456 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
23:04:32.0853 6456 AmdK8 - ok
23:04:32.0866 6456 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
23:04:32.0905 6456 AmdPPM - ok
23:04:32.0922 6456 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:04:32.0937 6456 amdsata - ok
23:04:32.0999 6456 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
23:04:33.0023 6456 amdsbs - ok
23:04:33.0045 6456 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:04:33.0056 6456 amdxata - ok
23:04:33.0133 6456 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
23:04:33.0174 6456 AntiVirSchedulerService - ok
23:04:33.0207 6456 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
23:04:33.0222 6456 AntiVirService - ok
23:04:33.0242 6456 [ 676894FA57B671FEC5C3F05F8929E03B ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
23:04:33.0264 6456 AntiVirWebService - ok
23:04:33.0284 6456 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
23:04:33.0462 6456 AppID - ok
23:04:33.0487 6456 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:04:33.0552 6456 AppIDSvc - ok
23:04:33.0570 6456 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
23:04:33.0637 6456 Appinfo - ok
23:04:33.0685 6456 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:04:33.0695 6456 Apple Mobile Device - ok
23:04:33.0727 6456 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
23:04:33.0740 6456 arc - ok
23:04:33.0749 6456 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
23:04:33.0761 6456 arcsas - ok
23:04:33.0770 6456 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:04:33.0832 6456 AsyncMac - ok
23:04:33.0850 6456 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
23:04:33.0860 6456 atapi - ok
23:04:33.0894 6456 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:04:33.0983 6456 AudioEndpointBuilder - ok
23:04:34.0005 6456 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:04:34.0046 6456 AudioSrv - ok
23:04:34.0081 6456 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
23:04:34.0092 6456 avgntflt - ok
23:04:34.0108 6456 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
23:04:34.0119 6456 avipbb - ok
23:04:34.0128 6456 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
23:04:34.0137 6456 avkmgr - ok
23:04:34.0156 6456 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:04:34.0245 6456 AxInstSV - ok
23:04:34.0289 6456 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
23:04:34.0332 6456 b06bdrv - ok
23:04:34.0353 6456 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
23:04:34.0380 6456 b57nd60a - ok
23:04:34.0475 6456 [ 5B5C36B2EC500462A715DB6BCBAF5DA7 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
23:04:34.0532 6456 BCM43XX - ok
23:04:34.0564 6456 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
23:04:34.0595 6456 BDESVC - ok
23:04:34.0622 6456 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
23:04:34.0699 6456 Beep - ok
23:04:34.0732 6456 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
23:04:34.0792 6456 BFE - ok
23:04:34.0829 6456 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
23:04:34.0906 6456 BITS - ok
23:04:34.0914 6456 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:04:34.0949 6456 blbdrive - ok
23:04:35.0014 6456 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:04:35.0038 6456 Bonjour Service - ok
23:04:35.0071 6456 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:04:35.0116 6456 bowser - ok
23:04:35.0141 6456 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
23:04:35.0173 6456 BrFiltLo - ok
23:04:35.0177 6456 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
23:04:35.0219 6456 BrFiltUp - ok
23:04:35.0256 6456 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
23:04:35.0308 6456 Browser - ok
23:04:35.0335 6456 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:04:35.0381 6456 Brserid - ok
23:04:35.0402 6456 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:04:35.0441 6456 BrSerWdm - ok
23:04:35.0447 6456 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:04:35.0481 6456 BrUsbMdm - ok
23:04:35.0486 6456 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:04:35.0515 6456 BrUsbSer - ok
23:04:35.0541 6456 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
23:04:35.0587 6456 BthEnum - ok
23:04:35.0606 6456 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:04:35.0640 6456 BTHMODEM - ok
23:04:35.0681 6456 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
23:04:35.0736 6456 BthPan - ok
23:04:35.0774 6456 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
23:04:35.0812 6456 BTHPORT - ok
23:04:35.0839 6456 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
23:04:35.0880 6456 bthserv - ok
23:04:35.0890 6456 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
23:04:35.0925 6456 BTHUSB - ok
23:04:35.0951 6456 [ 2641A3FE3D7B0646308F33B67F3B5300 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
23:04:35.0961 6456 btusbflt - ok
23:04:35.0992 6456 [ A72A9101F9730DB7332714E566614E4D ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
23:04:36.0002 6456 btwaudio - ok
23:04:36.0015 6456 [ 5CEEC634B617525F2B6AD29F871033F7 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
23:04:36.0026 6456 btwavdt - ok
23:04:36.0082 6456 [ FA77B00B7B825DF75960691871CCA3FF ] btwdins C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
23:04:36.0106 6456 btwdins - ok
23:04:36.0124 6456 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
23:04:36.0132 6456 btwl2cap - ok
23:04:36.0141 6456 [ 2AF5604D28BEF77B7CF4B9D232FE7CD3 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
23:04:36.0150 6456 btwrchid - ok
23:04:36.0163 6456 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:04:36.0229 6456 cdfs - ok
23:04:36.0262 6456 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:04:36.0286 6456 cdrom - ok
23:04:36.0311 6456 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
23:04:36.0373 6456 CertPropSvc - ok
23:04:36.0386 6456 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
23:04:36.0405 6456 circlass - ok
23:04:36.0425 6456 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
23:04:36.0440 6456 CLFS - ok
23:04:36.0499 6456 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:04:36.0511 6456 clr_optimization_v2.0.50727_32 - ok
23:04:36.0561 6456 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:04:36.0575 6456 clr_optimization_v2.0.50727_64 - ok
23:04:36.0632 6456 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:04:36.0648 6456 clr_optimization_v4.0.30319_32 - ok
23:04:36.0686 6456 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:04:36.0697 6456 clr_optimization_v4.0.30319_64 - ok
23:04:36.0712 6456 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:04:36.0741 6456 CmBatt - ok
23:04:36.0761 6456 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:04:36.0773 6456 cmdide - ok
23:04:36.0805 6456 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
23:04:36.0861 6456 CNG - ok
23:04:36.0873 6456 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:04:36.0885 6456 Compbatt - ok
23:04:36.0912 6456 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
23:04:36.0937 6456 CompositeBus - ok
23:04:36.0941 6456 COMSysApp - ok
23:04:36.0958 6456 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
23:04:36.0969 6456 crcdisk - ok
23:04:36.0998 6456 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:04:37.0040 6456 CryptSvc - ok
23:04:37.0079 6456 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:04:37.0149 6456 DcomLaunch - ok
23:04:37.0180 6456 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
23:04:37.0237 6456 defragsvc - ok
23:04:37.0249 6456 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:04:37.0303 6456 DfsC - ok
23:04:37.0320 6456 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
23:04:37.0380 6456 Dhcp - ok
23:04:37.0416 6456 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
23:04:37.0486 6456 discache - ok
23:04:37.0503 6456 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
23:04:37.0514 6456 Disk - ok
23:04:37.0549 6456 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:04:37.0594 6456 Dnscache - ok
23:04:37.0628 6456 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
23:04:37.0692 6456 dot3svc - ok
23:04:37.0707 6456 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
23:04:37.0764 6456 DPS - ok
23:04:37.0795 6456 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:04:37.0834 6456 drmkaud - ok
23:04:37.0867 6456 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:04:37.0897 6456 DXGKrnl - ok
23:04:37.0931 6456 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
23:04:37.0984 6456 EapHost - ok
23:04:38.0080 6456 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
23:04:38.0136 6456 ebdrv - ok
23:04:38.0165 6456 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
23:04:38.0201 6456 EFS - ok
23:04:38.0274 6456 [ C49212D3D964B77D15755412CC55144C ] EgisTec Data Security Service C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe
23:04:38.0296 6456 EgisTec Data Security Service - ok
23:04:38.0332 6456 [ FB74FD6A2CBB69926078645010B65943 ] EgisTec Service C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe
23:04:38.0356 6456 EgisTec Service - ok
23:04:38.0419 6456 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:04:38.0481 6456 ehRecvr - ok
23:04:38.0504 6456 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
23:04:38.0530 6456 ehSched - ok
23:04:38.0575 6456 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
23:04:38.0598 6456 elxstor - ok
23:04:38.0609 6456 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:04:38.0661 6456 ErrDev - ok
23:04:38.0692 6456 [ F6AD6E0674EF94390F0554BF946977AF ] ETD C:\Windows\system32\DRIVERS\ETD.sys
23:04:38.0724 6456 ETD - ok
23:04:38.0770 6456 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
23:04:38.0828 6456 EventSystem - ok
23:04:38.0848 6456 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
23:04:38.0892 6456 exfat - ok
23:04:38.0922 6456 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:04:38.0988 6456 fastfat - ok
23:04:39.0027 6456 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
23:04:39.0080 6456 Fax - ok
23:04:39.0097 6456 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
23:04:39.0132 6456 fdc - ok
23:04:39.0150 6456 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
23:04:39.0195 6456 fdPHost - ok
23:04:39.0210 6456 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
23:04:39.0253 6456 FDResPub - ok
23:04:39.0275 6456 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:04:39.0286 6456 FileInfo - ok
23:04:39.0301 6456 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:04:39.0356 6456 Filetrace - ok
23:04:39.0367 6456 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
23:04:39.0382 6456 flpydisk - ok
23:04:39.0406 6456 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:04:39.0420 6456 FltMgr - ok
23:04:39.0468 6456 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
23:04:39.0519 6456 FontCache - ok
23:04:39.0563 6456 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:04:39.0573 6456 FontCache3.0.0.0 - ok
23:04:39.0612 6456 [ 54A9C5A6AA0BB0041A4AF7172FFC3D9F ] FPSensor C:\Windows\system32\Drivers\FPSensor.sys
23:04:39.0623 6456 FPSensor - ok
23:04:39.0642 6456 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:04:39.0659 6456 FsDepends - ok
23:04:39.0694 6456 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:04:39.0710 6456 Fs_Rec - ok
23:04:39.0725 6456 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:04:39.0747 6456 fvevol - ok
23:04:39.0766 6456 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
23:04:39.0776 6456 gagp30kx - ok
23:04:39.0798 6456 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:04:39.0806 6456 GEARAspiWDM - ok
23:04:39.0850 6456 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
23:04:39.0913 6456 gpsvc - ok
23:04:39.0990 6456 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:04:40.0002 6456 gupdate - ok
23:04:40.0007 6456 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:04:40.0018 6456 gupdatem - ok
23:04:40.0046 6456 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
23:04:40.0056 6456 gusvc - ok
23:04:40.0076 6456 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:04:40.0107 6456 hcw85cir - ok
23:04:40.0147 6456 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:04:40.0183 6456 HdAudAddService - ok
23:04:40.0218 6456 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:04:40.0252 6456 HDAudBus - ok
23:04:40.0283 6456 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
23:04:40.0292 6456 HECIx64 - ok
23:04:40.0310 6456 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
23:04:40.0337 6456 HidBatt - ok
23:04:40.0357 6456 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
23:04:40.0402 6456 HidBth - ok
23:04:40.0409 6456 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
23:04:40.0425 6456 HidIr - ok
23:04:40.0467 6456 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
23:04:40.0512 6456 hidserv - ok
23:04:40.0546 6456 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:04:40.0558 6456 HidUsb - ok
23:04:40.0581 6456 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:04:40.0631 6456 hkmsvc - ok
23:04:40.0653 6456 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:04:40.0700 6456 HomeGroupListener - ok
23:04:40.0739 6456 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:04:40.0770 6456 HomeGroupProvider - ok
23:04:40.0790 6456 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:04:40.0804 6456 HpSAMD - ok
23:04:40.0837 6456 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
23:04:40.0847 6456 htcnprot - ok
23:04:40.0891 6456 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:04:40.0972 6456 HTTP - ok
23:04:40.0998 6456 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:04:41.0008 6456 hwpolicy - ok
23:04:41.0018 6456 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:04:41.0029 6456 i8042prt - ok
23:04:41.0068 6456 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
23:04:41.0083 6456 iaStor - ok
23:04:41.0159 6456 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
23:04:41.0167 6456 IAStorDataMgrSvc - ok
23:04:41.0205 6456 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:04:41.0222 6456 iaStorV - ok
23:04:41.0270 6456 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:04:41.0293 6456 idsvc - ok
23:04:41.0550 6456 [ F4F91789C7C7A159CE8215C1F69F2A85 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
23:04:41.0724 6456 igfx - ok
23:04:41.0740 6456 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
23:04:41.0751 6456 iirsp - ok
23:04:41.0794 6456 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
23:04:41.0852 6456 IKEEXT - ok
23:04:41.0940 6456 [ DAECB75C7C2A4BDEAFEAD19A6FD327C5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:04:41.0992 6456 IntcAzAudAddService - ok
23:04:42.0024 6456 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
23:04:42.0034 6456 intelide - ok
23:04:42.0050 6456 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:04:42.0078 6456 intelppm - ok
23:04:42.0099 6456 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:04:42.0150 6456 IPBusEnum - ok
23:04:42.0163 6456 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:04:42.0212 6456 IpFilterDriver - ok
23:04:42.0238 6456 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:04:42.0283 6456 iphlpsvc - ok
23:04:42.0307 6456 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:04:42.0334 6456 IPMIDRV - ok
23:04:42.0354 6456 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:04:42.0404 6456 IPNAT - ok
23:04:42.0445 6456 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:04:42.0463 6456 iPod Service - ok
23:04:42.0483 6456 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:04:42.0509 6456 IRENUM - ok
23:04:42.0534 6456 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:04:42.0545 6456 isapnp - ok
23:04:42.0564 6456 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:04:42.0580 6456 iScsiPrt - ok
23:04:42.0623 6456 [ 1E4B623259E1093D1A6FE96AB5CB2E46 ] JmUsbCcgp C:\Windows\system32\DRIVERS\jmccgp.sys
23:04:42.0632 6456 JmUsbCcgp - ok
23:04:42.0668 6456 [ 244D5F8EAABFF576340D0326AD93BE15 ] JmUsbVideo C:\Windows\system32\Drivers\jmcam.sys
23:04:42.0679 6456 JmUsbVideo - ok
23:04:42.0692 6456 [ 1FA3D7FE63456321BDF50908E803E2B7 ] JmUsbVideo2 C:\Windows\system32\Drivers\jmcam_lo.sys
23:04:42.0701 6456 JmUsbVideo2 - ok
23:04:42.0712 6456 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:04:42.0722 6456 kbdclass - ok
23:04:42.0747 6456 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
23:04:42.0777 6456 kbdhid - ok
23:04:42.0787 6456 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
23:04:42.0801 6456 KeyIso - ok
23:04:42.0827 6456 [ 3209D40399078C1091398F43215EDD1A ] KOBCCID C:\Windows\system32\drivers\KOBCCID.sys
23:04:42.0866 6456 KOBCCID - ok
23:04:42.0906 6456 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:04:42.0918 6456 KSecDD - ok
23:04:42.0937 6456 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:04:42.0949 6456 KSecPkg - ok
23:04:42.0981 6456 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:04:43.0026 6456 ksthunk - ok
23:04:43.0055 6456 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
23:04:43.0100 6456 KtmRm - ok
23:04:43.0125 6456 [ 55480B9C63F3F91A8EBBADCBF28FE581 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
23:04:43.0135 6456 L1C - ok
23:04:43.0169 6456 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll

Danke für die nette Hilfe!

Alt 10.03.2013, 16:14   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Groupon Trojaner-Bereinigung - Standard

Groupon Trojaner-Bereinigung



Ich hab dich doch gebeten die Logs in CODE Tagd zu posten außerdem scheint das Log vom TDSS-Killer unvollständig zu sein, die untere Zusammenfassung fehlt
Wenn die Logs so groß sind bitte diese zippen und hier anhängen siehe http://www.trojaner-board.de/69886-a...tml#post566999
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 10.03.2013, 16:24   #8
Sherezade
 
Groupon Trojaner-Bereinigung - Standard

Groupon Trojaner-Bereinigung



Und was soll ich nun tun? Ich habe die TTDS Datei gar nicht abgespeichert gefunden. Ich musste es unter Report suchen und anschließend selbst in eine txt Datei speichern. Und das andere kann nun nicht ausgewertet werden bis ich es in LOG-Dateien hier gepostet hab?

Alt 10.03.2013, 16:26   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Groupon Trojaner-Bereinigung - Standard

Groupon Trojaner-Bereinigung



Ist es zuviel verlangt die Anleitungen mal komplett zu lesen?

Zitat:
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 10.03.2013, 16:28   #10
Sherezade
 
Groupon Trojaner-Bereinigung - Standard

Groupon Trojaner-Bereinigung



Hier die Txt. datei von einem gerade durchgeführten TDSS Scan

Alt 10.03.2013, 16:30   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Groupon Trojaner-Bereinigung - Standard

Groupon Trojaner-Bereinigung



Zitat:
16:24:50.0719 2504 Scan started
16:24:50.0719 2504 Mode: Manual;
TDSS-Killer wurde falsch eingestellt!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 10.03.2013, 16:30   #12
Sherezade
 
Groupon Trojaner-Bereinigung - Standard

Groupon Trojaner-Bereinigung



Ich habe es gelesen. Aber nicht gefunden. Daher habe ich es direkt vom Programm selbst unter einer txt Datei abgespeichert.

Ich habe die beiden Additional options verwendet wie in der Anleitung beschrieben. Oder was ist der Fehler?

Alt 10.03.2013, 19:52   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Groupon Trojaner-Bereinigung - Standard

Groupon Trojaner-Bereinigung



Log im Anhang ist zwar vollständig aber der TDSS-Killer wurde falsch eingestellt
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 10.03.2013, 20:21   #14
Sherezade
 
Groupon Trojaner-Bereinigung - Standard

Groupon Trojaner-Bereinigung



Wenn ich jetzt wüsste was falsch eingestellt ist, würde ich es ändern

Alt 10.03.2013, 20:28   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Groupon Trojaner-Bereinigung - Standard

Groupon Trojaner-Bereinigung



Nochmal: Einfach mal die Anleitung richtig lesen und auch 1:1 so umsetzen!

__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Groupon Trojaner-Bereinigung
anhang, appdata, betreff, dankeschön, detected, erneute, file, folge, folgendes, groupon, installieren, malwarebytes, microsoft, minute, nichts, poste, quick, registry, roaming, rootkit, software, startup, system, troja, trojan.agent.ge, version, windows



Ähnliche Themen: Groupon Trojaner-Bereinigung


  1. Groupon Virus/Trojaner
    Log-Analyse und Auswertung - 29.05.2013 (74)
  2. Von Trojaner in Groupon Mail erwischt!
    Plagegeister aller Art und deren Bekämpfung - 01.04.2013 (19)
  3. Groupon Trojaner
    Log-Analyse und Auswertung - 30.03.2013 (28)
  4. Groupon Trojaner
    Log-Analyse und Auswertung - 26.03.2013 (9)
  5. Groupon Trojaner.
    Plagegeister aller Art und deren Bekämpfung - 25.03.2013 (29)
  6. Groupon Trojaner
    Plagegeister aller Art und deren Bekämpfung - 25.03.2013 (11)
  7. Groupon Trojaner, die Hundertste...
    Plagegeister aller Art und deren Bekämpfung - 24.03.2013 (23)
  8. Groupon-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 18.03.2013 (10)
  9. Groupon Trojaner. Windows 7. Keine offensichtlichen Probleme. Bereinigung gewünscht (keine Formatierung).
    Log-Analyse und Auswertung - 16.03.2013 (7)
  10. Groupon Trojaner
    Plagegeister aller Art und deren Bekämpfung - 15.03.2013 (16)
  11. Groupon AG Abrechnung - Trojaner
    Plagegeister aller Art und deren Bekämpfung - 14.03.2013 (2)
  12. Nochmal Groupon-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 13.03.2013 (1)
  13. 2x | Groupon Trojaner
    Mülltonne - 13.03.2013 (5)
  14. Groupon Nachricht mit Trojaner
    Plagegeister aller Art und deren Bekämpfung - 12.03.2013 (5)
  15. Groupon Trojaner
    Plagegeister aller Art und deren Bekämpfung - 12.03.2013 (24)
  16. Groupon Trojaner
    Plagegeister aller Art und deren Bekämpfung - 09.03.2013 (13)
  17. Groupon Trojaner
    Plagegeister aller Art und deren Bekämpfung - 08.03.2013 (5)

Zum Thema Groupon Trojaner-Bereinigung - Hallo, Ich habe während eines Telefonats aus Versehen den Anhang der Trojaner-Mail mit dem Betreff Groupon geöffnet. Dann habe ich bereits mitbekommen, dass man Malwarebytes Anti- Rootkit installieren soll und - Groupon Trojaner-Bereinigung...
Archiv
Du betrachtest: Groupon Trojaner-Bereinigung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.