
Pests of all kinds and how to combat them: Unwanted link redirection in Firefox

18.01.2013, 16:52   #1
djjay
 



Good evening, dear helpers,

for a few days now I have been struggling with the problem that links I click in Google redirect straight to strange sites such as ihavenet.com. This applies to both Mozilla Firefox and IE 9.
I immediately updated Firefox to the current version 18.0 and also updated Flash Player, but without success.

In addition, my antivirus program Microsoft Security Essentials can no longer be opened; it opens for a fraction of a second and is then closed again immediately.

Attempted solutions:
- Malwarebytes Anti-Malware found nothing
- Ran TDSSKiller and had it remove 3 entries
- The logs from OTL and GMER are attached


OTL:
Code:
OTL logfile created on: 18.01.2013 16:09:34 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\HASO\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,93 Gb Available Physical Memory | 46,29% Memory free
4,00 Gb Paging File | 2,73 Gb Available in Paging File | 68,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 132,79 Gb Total Space | 97,39 Gb Free Space | 73,34% Space Free | Partition Type: NTFS
Drive D: | 100,00 Gb Total Space | 99,87 Gb Free Space | 99,87% Space Free | Partition Type: NTFS
 
Computer Name: HASO-PC | User Name: HASO | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\HASO\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation                                            )
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-597450708-2834875878-553534017-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-597450708-2834875878-553534017-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-597450708-2834875878-553534017-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.18 14:30:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.01.12 14:36:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.01.12 14:36:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2012.11.05 17:26:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HASO\AppData\Roaming\mozilla\Extensions
[2013.01.18 14:30:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.01.05 04:44:54 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.01.05 16:11:17 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.05 16:11:17 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.01.05 16:11:17 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.01.05 16:11:17 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.01.05 16:11:17 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.01.05 16:11:17 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-597450708-2834875878-553534017-1000..\Run: [EINBYJOKSB] C:\Users\HASO\AppData\Roaming\KBDINASA7.dll ()
O4 - HKU\S-1-5-21-597450708-2834875878-553534017-1000..\Run: [Kazp] C:\Users\HASO\AppData\Roaming\dwmapiv.dll ()
O4 - HKU\S-1-5-21-597450708-2834875878-553534017-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-597450708-2834875878-553534017-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2580C4CC-26D8-4DF4-87CE-909E281E98BB}: DhcpNameServer = 192.168.2.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.18 15:15:26 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.01.18 15:04:08 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013.01.18 14:27:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.01.17 16:01:25 | 000,000,000 | ---D | C] -- C:\Users\HASO\AppData\Roaming\Malwarebytes
[2013.01.17 16:01:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.01.17 16:01:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.01.17 16:01:08 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.01.17 16:01:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.01.17 16:00:58 | 000,000,000 | ---D | C] -- C:\Users\HASO\AppData\Local\Programs
[2013.01.17 15:57:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2013.01.17 15:57:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013.01.12 14:36:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.18 15:48:26 | 000,000,000 | ---- | M] () -- C:\Users\HASO\defogger_reenable
[2013.01.18 15:22:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.18 15:15:28 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.01.18 15:13:11 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.18 15:13:11 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.18 15:10:15 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.18 15:10:15 | 000,651,768 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.18 15:10:15 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.18 15:10:15 | 000,129,468 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.18 15:10:15 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.18 15:05:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.18 15:05:04 | 1610,063,872 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.18 14:31:05 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.01.17 16:01:14 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.17 15:57:20 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.01.15 10:42:24 | 000,311,184 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.12 15:26:57 | 000,002,110 | ---- | M] () -- C:\Users\HASO\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2012.12.27 14:49:43 | 000,122,880 | RHS- | M] () -- C:\Users\HASO\AppData\Roaming\KBDINASA7.dll
[2012.12.27 14:49:28 | 000,122,880 | RHS- | M] () -- C:\Users\HASO\AppData\Roaming\dwmapiv.dll
 
========== Files Created - No Company Name ==========
 
[2013.01.18 15:48:26 | 000,000,000 | ---- | C] () -- C:\Users\HASO\defogger_reenable
[2013.01.18 15:15:28 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.01.18 14:31:05 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.01.17 16:01:14 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.17 15:57:16 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012.12.27 14:49:43 | 000,122,880 | RHS- | C] () -- C:\Users\HASO\AppData\Roaming\KBDINASA7.dll
[2012.12.27 14:49:28 | 000,122,880 | RHS- | C] () -- C:\Users\HASO\AppData\Roaming\dwmapiv.dll
[2012.11.28 18:55:03 | 000,533,516 | ---- | C] () -- C:\Users\HASO\KFZ 2.jpeg
[2012.11.28 18:52:46 | 000,566,577 | ---- | C] () -- C:\Users\HASO\KFZ 1.jpeg
[2012.11.05 18:49:12 | 000,170,661 | ---- | C] () -- C:\Windows\hpwins28.dat
[2012.11.05 18:49:12 | 000,000,418 | ---- | C] () -- C:\Windows\hpwmdl28.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.11.06 13:28:51 | 000,000,000 | ---D | M] -- C:\Users\HASO\AppData\Roaming\Canneverbe Limited
[2012.11.05 18:26:20 | 000,000,000 | ---D | M] -- C:\Users\HASO\AppData\Roaming\LibreOffice
[2012.11.05 17:35:58 | 000,000,000 | ---D | M] -- C:\Users\HASO\AppData\Roaming\Thunderbird
[2012.12.16 15:48:37 | 000,000,000 | ---D | M] -- C:\Users\HASO\AppData\Roaming\WinTrack
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 184 bytes -> C:\Users\HASO\KFZ 2.jpeg:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 184 bytes -> C:\Users\HASO\KFZ 1.jpeg:3or4kl4x13tuuug3Byamue2s4b

< End of report >
         
GMER:
Code:
GMER 2.0.18444 - hxxp://www.gmer.net
Rootkit scan 2013-01-18 16:36:05
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 Hitachi_HDP725025GLA380 rev.GM2OA5CA 232,89GB
Running: gmer-2.0.18444.exe; Driver: C:\Users\HASO\AppData\Local\Temp\kxldipog.sys


---- User code sections - GMER 2.0 ----

.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2980] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17      0000000075761401 2 bytes [76, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2980] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17        0000000075761419 2 bytes [76, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2980] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17      0000000075761431 2 bytes [76, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2980] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42      000000007576144a 2 bytes [76, 75]
.text    ...                                                                                                                                         * 9
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2980] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17         00000000757614dd 2 bytes [76, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2980] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17  00000000757614f5 2 bytes [76, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2980] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17         000000007576150d 2 bytes [76, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2980] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17  0000000075761525 2 bytes [76, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2980] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17        000000007576153d 2 bytes [76, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2980] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17             0000000075761555 2 bytes [76, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2980] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17      000000007576156d 2 bytes [76, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2980] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17        0000000075761585 2 bytes [76, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2980] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17           000000007576159d 2 bytes [76, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2980] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17        00000000757615b5 2 bytes [76, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2980] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17      00000000757615cd 2 bytes [76, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2980] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20  00000000757616b2 2 bytes [76, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2980] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31  00000000757616bd 2 bytes [76, 75]

---- Threads - GMER 2.0 ----

Thread   C:\Windows\system32\taskhost.exe [1520:1780]                                                                                                000007fefa051f38
Thread   C:\Windows\system32\taskhost.exe [1520:1844]                                                                                                000007fefa4b1010
Thread   C:\Windows\system32\svchost.exe [1488:1740]                                                                                                 000007fef7ca5fd0
Thread   C:\Windows\system32\svchost.exe [1488:1816]                                                                                                 000007fef75e3438
Thread   C:\Windows\system32\svchost.exe [1488:1848]                                                                                                 000007fef7ca63ec
Thread   C:\Windows\SysWOW64\rundll32.exe [2860:2912]                                                                                                000000000020f2b0
Thread   C:\Windows\SysWOW64\rundll32.exe [2860:2916]                                                                                                00000000001e3a80
Thread   C:\Windows\SysWOW64\rundll32.exe [2860:2940]                                                                                                00000000001e3a10
Thread   C:\Windows\SysWOW64\rundll32.exe [2860:1808]                                                                                                00000000004a5cfe
Thread   C:\Windows\SysWOW64\rundll32.exe [2860:884]                                                                                                 00000000004a2ea6
Thread   C:\Windows\SysWOW64\rundll32.exe [2860:1756]                                                                                                00000000004a33de
---- Processes - GMER 2.0 ----

Library  ? (*** suspicious ***) @ C:\Windows\system32\wininit.exe [424]                                                                              000007fefd470000
Library  ? (*** suspicious ***) @ C:\Windows\system32\winlogon.exe [536]                                                                             000007feffde0000
Library  ? (*** suspicious ***) @ C:\Windows\system32\taskhost.exe [1520]                                                                            000007fefa3d0000
Library  ? (*** suspicious ***) @ C:\Windows\system32\svchost.exe [1488]                                                                             000007feff810000
Library  ? (*** suspicious ***) @ C:\Program Files\Microsoft Security Client\NisSrv.exe [1980]                                                       000007fefd360000

---- EOF - GMER 2.0 ----
         
So far the problem has not improved.

I would be very grateful for any pointers towards solving the problem.

Kind regards,
djjay

18.01.2013, 17:30   #2
markusg
/// Malware-holic
 



hi
Not everything TDSSKiller finds is malware.
Please open c: tdsskiller-date-version.txt and post its contents.

This script, as well as any scripts that may follow, is intended only for this particular user.
If you have problems, open your own topics and wait for scripts tailored to you.


• Please start OTL.exe
• Now copy the following into the text box.



Code:
:OTL
O4 - HKU\S-1-5-21-597450708-2834875878-553534017-1000..\Run: [EINBYJOKSB] C:\Users\HASO\AppData\Roaming\KBDINASA7.dll ()
O4 - HKU\S-1-5-21-597450708-2834875878-553534017-1000..\Run: [Kazp] C:\Users\HASO\AppData\Roaming\dwmapiv.dll ()
 :Files
:Commands
[EMPTYFLASH] 
[emptytemp]
         


• Now please close all programs.
• Now please click the Fix button.
• OTL may ask for a restart. Please allow this.
• After the restart you will find a text document; copy its contents into your next reply here.
Boot into normal mode.

If you have no icons, then right-click, View, Show desktop icons.

Note: Please also upload the file there, as described in the instructions for the UpChannel. Please do NOT post the ZIP file here as an attachment
in the thread!




Please press the Windows key + E.
  • Open your system drive (usually C:)
  • Now look for the following folder: _OTL and open it.
  • Right-click the Movedfiles folder --> Send to --> Compressed (zipped) folder

  • This will create a Movedfiles.zip file in _OTL
  • Please upload it to our upload channel ( Browse --> C:\_OTL\Movedfiles.zip )
Let me know whether the upload worked without problems. Thanks in advance


Download GetInfo:
http://markusg.trojaner-board.de/GetInfo.exe
Double-click the .exe
A .txt file is now created in the same folder:
summary-info.txt
Double-click it and post its contents.

Question:
At the time of infection, or possibly the day before, did you download and install or run anything?
Were you asked to install or download something when visiting a site? I would also like to have this information as a private message.
__________________
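
One way to pick out the same two autorun entries that the fix script in post #2 targets, written as log-triage logic in Python. This is an added example, not part of the thread and not code from OTL; the regular expressions, the four heuristics and the threshold are assumptions, and the sample lines are copied from the OTL log in post #1.

```python
import re

# Lines copied from the OTL log posted in this thread (post #1).
SAMPLE_LOG = r"""
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-597450708-2834875878-553534017-1000..\Run: [EINBYJOKSB] C:\Users\HASO\AppData\Roaming\KBDINASA7.dll ()
O4 - HKU\S-1-5-21-597450708-2834875878-553534017-1000..\Run: [Kazp] C:\Users\HASO\AppData\Roaming\dwmapiv.dll ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
[2012.12.27 14:49:43 | 000,122,880 | RHS- | M] () -- C:\Users\HASO\AppData\Roaming\KBDINASA7.dll
[2012.12.27 14:49:28 | 000,122,880 | RHS- | M] () -- C:\Users\HASO\AppData\Roaming\dwmapiv.dll
[2013.01.18 15:15:28 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
"""

# "O4" lines: Run/RunOnce autostart values (assumed layout, derived from the log above).
O4_RE = re.compile(
    r"^O4(?::64bit:)? - (?P<hive>\S+?)\.\.\\(?P<key>Run(?:Once)?): "
    r"\[(?P<name>[^\]]*)\] (?P<rest>.+)$"
)
# Target path followed by "(Company)"; "()" means no company name in the file.
TARGET_RE = re.compile(r"^(?P<path>.+) \((?P<company>[^()]*)\)$")
# File listing lines: [timestamp | size | attributes | C/M] (Company) -- path
FILE_RE = re.compile(
    r"^\[[\d. :]+ \| [\d,]+ \| (?P<attrs>[RHSD-]{4}) \| [CM]\] "
    r"(?:\([^()]*\) )?-- (?P<path>.+)$"
)
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\programdata\\")  # assumed markers
NOT_FOUND = "File not found"


def parse_autoruns(log_text):
    """Return one dict per O4 Run/RunOnce line."""
    entries = []
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip())
        if not m:
            continue
        rest = m["rest"].strip()
        if rest.endswith(NOT_FOUND):
            path, company, missing = rest[: -len(NOT_FOUND)].strip(), None, True
        else:
            t = TARGET_RE.match(rest)
            path = t["path"] if t else rest
            company = t["company"].strip() if t else None
            missing = False
        entries.append({"hive": m["hive"], "key": m["key"], "name": m["name"],
                        "path": path, "company": company, "missing": missing})
    return entries


def parse_file_attrs(log_text):
    """Map lower-cased path -> attribute string (e.g. 'RHS-') from file listings."""
    attrs = {}
    for line in log_text.splitlines():
        m = FILE_RE.match(line.strip())
        if m:
            attrs[m["path"].lower()] = m["attrs"]
    return attrs


def triage(log_text, threshold=2):
    """Flag autoruns that match at least `threshold` heuristics."""
    attrs = parse_file_attrs(log_text)
    flagged = []
    for entry in parse_autoruns(log_text):
        path = entry["path"].lower()
        reasons = []
        if any(marker in path for marker in USER_WRITABLE):
            reasons.append("user-writable location")
        if entry["company"] == "":
            reasons.append("no company name")
        if path.endswith(".dll"):
            reasons.append("DLL as autorun target")
        file_attrs = attrs.get(path, "")
        if "H" in file_attrs and "S" in file_attrs:
            reasons.append("hidden+system attributes")
        if len(reasons) >= threshold:
            flagged.append({**entry, "reasons": reasons})
    return flagged


if __name__ == "__main__":
    for hit in triage(SAMPLE_LOG):
        print(f"{hit['key']} [{hit['name']}] {hit['path']}")
        for reason in hit["reasons"]:
            print(f"    - {reason}")
```

A match is only a lead for a human reviewer; as post #2 notes for TDSSKiller, not every finding is malware.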

19.01.2013, 14:43   #3
djjay
 



Good day,

I have two text files from TDSSKiller:

TDSSKiller.2.8.15.0_18.01.2013_15.03.05_log
Code:
15:03:05.0798 2436  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:03:06.0048 2436  ============================================================
15:03:06.0048 2436  Current date / time: 2013/01/18 15:03:06.0048
15:03:06.0048 2436  SystemInfo:
15:03:06.0048 2436  
15:03:06.0048 2436  OS Version: 6.1.7601 ServicePack: 1.0
15:03:06.0048 2436  Product type: Workstation
15:03:06.0048 2436  ComputerName: HASO-PC
15:03:06.0048 2436  UserName: HASO
15:03:06.0048 2436  Windows directory: C:\Windows
15:03:06.0048 2436  System windows directory: C:\Windows
15:03:06.0048 2436  Running under WOW64
15:03:06.0048 2436  Processor architecture: Intel x64
15:03:06.0048 2436  Number of processors: 2
15:03:06.0048 2436  Page size: 0x1000
15:03:06.0048 2436  Boot type: Normal boot
15:03:06.0048 2436  ============================================================
15:03:07.0673 2436  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x1C042, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
15:03:07.0673 2436  ============================================================
15:03:07.0673 2436  \Device\Harddisk0\DR0:
15:03:07.0673 2436  MBR partitions:
15:03:07.0673 2436  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:03:07.0673 2436  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC800000
15:03:07.0673 2436  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC832800, BlocksNum 0x10992800
15:03:07.0673 2436  ============================================================
15:03:07.0736 2436  C: <-> \Device\Harddisk0\DR0\Partition3
15:03:07.0861 2436  D: <-> \Device\Harddisk0\DR0\Partition2
15:03:07.0908 2436  ============================================================
15:03:07.0908 2436  Initialize success
15:03:07.0908 2436  ============================================================
15:03:17.0189 3960  ============================================================
15:03:17.0189 3960  Scan started
15:03:17.0189 3960  Mode: Manual; SigCheck; TDLFS; 
15:03:17.0189 3960  ============================================================
15:03:17.0595 3960  ================ Scan system memory ========================
15:03:17.0595 3960  System memory - ok
15:03:17.0595 3960  ================ Scan services =============================
15:03:17.0736 3960  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:03:17.0955 3960  1394ohci - ok
15:03:17.0986 3960  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:03:18.0001 3960  ACPI - ok
15:03:18.0033 3960  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:03:18.0080 3960  AcpiPmi - ok
15:03:18.0142 3960  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:03:18.0173 3960  AdobeARMservice - ok
15:03:18.0236 3960  [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:03:18.0251 3960  AdobeFlashPlayerUpdateSvc - ok
15:03:18.0298 3960  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
15:03:18.0330 3960  adp94xx - ok
15:03:18.0361 3960  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
15:03:18.0392 3960  adpahci - ok
15:03:18.0423 3960  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
15:03:18.0439 3960  adpu320 - ok
15:03:18.0455 3960  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:03:18.0595 3960  AeLookupSvc - ok
15:03:18.0626 3960  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
15:03:18.0673 3960  AFD - ok
15:03:18.0705 3960  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:03:18.0720 3960  agp440 - ok
15:03:18.0751 3960  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
15:03:18.0798 3960  ALG - ok
15:03:18.0814 3960  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:03:18.0830 3960  aliide - ok
15:03:18.0830 3960  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
15:03:18.0845 3960  amdide - ok
15:03:18.0876 3960  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
15:03:18.0955 3960  AmdK8 - ok
15:03:18.0955 3960  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
15:03:19.0001 3960  AmdPPM - ok
15:03:19.0033 3960  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:03:19.0048 3960  amdsata - ok
15:03:19.0095 3960  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
15:03:19.0111 3960  amdsbs - ok
15:03:19.0126 3960  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:03:19.0142 3960  amdxata - ok
15:03:19.0173 3960  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
15:03:19.0314 3960  AppID - ok
15:03:19.0345 3960  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:03:19.0408 3960  AppIDSvc - ok
15:03:19.0439 3960  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
15:03:19.0486 3960  Appinfo - ok
15:03:19.0533 3960  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
15:03:19.0580 3960  AppMgmt - ok
15:03:19.0611 3960  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
15:03:19.0626 3960  arc - ok
15:03:19.0642 3960  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
15:03:19.0658 3960  arcsas - ok
15:03:19.0673 3960  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:03:19.0751 3960  AsyncMac - ok
15:03:19.0767 3960  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
15:03:19.0783 3960  atapi - ok
15:03:19.0845 3960  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:03:19.0908 3960  AudioEndpointBuilder - ok
15:03:19.0908 3960  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:03:19.0955 3960  AudioSrv - ok
15:03:20.0001 3960  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:03:20.0080 3960  AxInstSV - ok
15:03:20.0111 3960  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
15:03:20.0173 3960  b06bdrv - ok
15:03:20.0205 3960  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:03:20.0236 3960  b57nd60a - ok
15:03:20.0267 3960  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:03:20.0298 3960  BDESVC - ok
15:03:20.0330 3960  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:03:20.0376 3960  Beep - ok
15:03:20.0423 3960  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
15:03:20.0486 3960  BFE - ok
15:03:20.0517 3960  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
15:03:20.0580 3960  BITS - ok
15:03:20.0611 3960  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:03:20.0642 3960  blbdrive - ok
15:03:20.0673 3960  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:03:20.0720 3960  bowser - ok
15:03:20.0736 3960  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:03:20.0814 3960  BrFiltLo - ok
15:03:20.0830 3960  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:03:20.0861 3960  BrFiltUp - ok
15:03:20.0876 3960  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
15:03:20.0908 3960  Browser - ok
15:03:20.0939 3960  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:03:21.0001 3960  Brserid - ok
15:03:21.0001 3960  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:03:21.0033 3960  BrSerWdm - ok
15:03:21.0064 3960  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:03:21.0095 3960  BrUsbMdm - ok
15:03:21.0095 3960  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:03:21.0142 3960  BrUsbSer - ok
15:03:21.0142 3960  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
15:03:21.0189 3960  BTHMODEM - ok
15:03:21.0205 3960  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
15:03:21.0267 3960  bthserv - ok
15:03:21.0283 3960  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:03:21.0330 3960  cdfs - ok
15:03:21.0376 3960  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
15:03:21.0408 3960  cdrom - ok
15:03:21.0455 3960  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
15:03:21.0517 3960  CertPropSvc - ok
15:03:21.0533 3960  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
15:03:21.0580 3960  circlass - ok
15:03:21.0611 3960  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
15:03:21.0626 3960  CLFS - ok
15:03:21.0673 3960  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:03:21.0689 3960  clr_optimization_v2.0.50727_32 - ok
15:03:21.0720 3960  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:03:21.0736 3960  clr_optimization_v2.0.50727_64 - ok
15:03:21.0783 3960  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:03:21.0798 3960  clr_optimization_v4.0.30319_32 - ok
15:03:21.0814 3960  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:03:21.0830 3960  clr_optimization_v4.0.30319_64 - ok
15:03:21.0861 3960  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:03:21.0892 3960  CmBatt - ok
15:03:21.0923 3960  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:03:21.0939 3960  cmdide - ok
15:03:22.0001 3960  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
15:03:22.0064 3960  CNG - ok
15:03:22.0111 3960  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:03:22.0142 3960  Compbatt - ok
15:03:22.0158 3960  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
15:03:22.0205 3960  CompositeBus - ok
15:03:22.0236 3960  COMSysApp - ok
15:03:22.0251 3960  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
15:03:22.0267 3960  crcdisk - ok
15:03:22.0314 3960  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:03:22.0361 3960  CryptSvc - ok
15:03:22.0392 3960  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
15:03:22.0439 3960  CSC - ok
15:03:22.0470 3960  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
15:03:22.0517 3960  CscService - ok
15:03:22.0548 3960  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:03:22.0595 3960  DcomLaunch - ok
15:03:22.0626 3960  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
15:03:22.0658 3960  defragsvc - ok
15:03:22.0689 3960  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:03:22.0736 3960  DfsC - ok
15:03:22.0767 3960  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:03:22.0830 3960  Dhcp - ok
15:03:22.0845 3960  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
15:03:22.0892 3960  discache - ok
15:03:22.0923 3960  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
15:03:22.0939 3960  Disk - ok
15:03:22.0970 3960  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:03:23.0033 3960  Dnscache - ok
15:03:23.0064 3960  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:03:23.0111 3960  dot3svc - ok
15:03:23.0126 3960  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
15:03:23.0173 3960  DPS - ok
15:03:23.0205 3960  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:03:23.0236 3960  drmkaud - ok
15:03:23.0283 3960  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:03:23.0314 3960  DXGKrnl - ok
15:03:23.0345 3960  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
15:03:23.0376 3960  EapHost - ok
15:03:23.0470 3960  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
15:03:23.0548 3960  ebdrv - ok
15:03:23.0580 3960  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
15:03:23.0626 3960  EFS - ok
15:03:23.0673 3960  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:03:23.0751 3960  ehRecvr - ok
15:03:23.0767 3960  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
15:03:23.0798 3960  ehSched - ok
15:03:23.0845 3960  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
15:03:23.0876 3960  elxstor - ok
15:03:23.0892 3960  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:03:23.0923 3960  ErrDev - ok
15:03:23.0955 3960  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
15:03:24.0001 3960  EventSystem - ok
15:03:24.0017 3960  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
15:03:24.0048 3960  exfat - ok
15:03:24.0064 3960  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:03:24.0126 3960  fastfat - ok
15:03:24.0158 3960  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
15:03:24.0220 3960  Fax - ok
15:03:24.0220 3960  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:03:24.0267 3960  fdc - ok
15:03:24.0298 3960  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:03:24.0345 3960  fdPHost - ok
15:03:24.0361 3960  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:03:24.0392 3960  FDResPub - ok
15:03:24.0423 3960  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:03:24.0439 3960  FileInfo - ok
15:03:24.0439 3960  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:03:24.0501 3960  Filetrace - ok
15:03:24.0501 3960  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:03:24.0533 3960  flpydisk - ok
15:03:24.0564 3960  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:03:24.0580 3960  FltMgr - ok
15:03:24.0626 3960  [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache       C:\Windows\system32\FntCache.dll
15:03:24.0689 3960  FontCache - ok
15:03:24.0736 3960  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:03:24.0751 3960  FontCache3.0.0.0 - ok
15:03:24.0783 3960  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:03:24.0798 3960  FsDepends - ok
15:03:24.0814 3960  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:03:24.0830 3960  Fs_Rec - ok
15:03:24.0861 3960  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:03:24.0876 3960  fvevol - ok
15:03:24.0892 3960  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
15:03:24.0908 3960  gagp30kx - ok
15:03:24.0939 3960  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
15:03:25.0001 3960  gpsvc - ok
15:03:25.0017 3960  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:03:25.0064 3960  hcw85cir - ok
15:03:25.0095 3960  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:03:25.0142 3960  HdAudAddService - ok
15:03:25.0173 3960  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:03:25.0205 3960  HDAudBus - ok
15:03:25.0236 3960  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
15:03:25.0267 3960  HidBatt - ok
15:03:25.0267 3960  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
15:03:25.0314 3960  HidBth - ok
15:03:25.0330 3960  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
15:03:25.0376 3960  HidIr - ok
15:03:25.0392 3960  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
15:03:25.0439 3960  hidserv - ok
15:03:25.0486 3960  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
15:03:25.0517 3960  HidUsb - ok
15:03:25.0548 3960  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:03:25.0595 3960  hkmsvc - ok
15:03:25.0611 3960  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:03:25.0642 3960  HomeGroupListener - ok
15:03:25.0673 3960  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:03:25.0705 3960  HomeGroupProvider - ok
15:03:25.0736 3960  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:03:25.0751 3960  HpSAMD - ok
15:03:25.0814 3960  [ 4F6C514B6149E380B8C1EDEAC3D7AEC5 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
15:03:25.0845 3960  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
15:03:25.0845 3960  HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
15:03:25.0892 3960  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:03:25.0939 3960  HTTP - ok
15:03:25.0955 3960  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:03:25.0970 3960  hwpolicy - ok
15:03:26.0017 3960  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:03:26.0048 3960  i8042prt - ok
15:03:26.0064 3960  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:03:26.0080 3960  iaStorV - ok
15:03:26.0126 3960  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:03:26.0158 3960  idsvc - ok
15:03:26.0173 3960  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
15:03:26.0189 3960  iirsp - ok
15:03:26.0236 3960  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
15:03:26.0298 3960  IKEEXT - ok
15:03:26.0314 3960  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
15:03:26.0330 3960  intelide - ok
15:03:26.0361 3960  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:03:26.0392 3960  intelppm - ok
15:03:26.0408 3960  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:03:26.0455 3960  IPBusEnum - ok
15:03:26.0486 3960  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:03:26.0517 3960  IpFilterDriver - ok
15:03:26.0548 3960  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:03:26.0595 3960  iphlpsvc - ok
15:03:26.0626 3960  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:03:26.0658 3960  IPMIDRV - ok
15:03:26.0689 3960  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:03:26.0736 3960  IPNAT - ok
15:03:26.0736 3960  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:03:26.0814 3960  IRENUM - ok
15:03:26.0845 3960  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:03:26.0845 3960  isapnp - ok
15:03:26.0876 3960  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:03:26.0892 3960  iScsiPrt - ok
15:03:26.0908 3960  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
15:03:26.0923 3960  kbdclass - ok
15:03:26.0939 3960  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
15:03:26.0986 3960  kbdhid - ok
15:03:27.0001 3960  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
15:03:27.0017 3960  KeyIso - ok
15:03:27.0048 3960  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:03:27.0064 3960  KSecDD - ok
15:03:27.0080 3960  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:03:27.0095 3960  KSecPkg - ok
15:03:27.0111 3960  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:03:27.0158 3960  ksthunk - ok
15:03:27.0189 3960  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:03:27.0314 3960  KtmRm - ok
15:03:27.0361 3960  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:03:27.0408 3960  LanmanServer - ok
15:03:27.0439 3960  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:03:27.0486 3960  LanmanWorkstation - ok
15:03:27.0517 3960  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:03:27.0564 3960  lltdio - ok
15:03:27.0595 3960  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:03:27.0642 3960  lltdsvc - ok
15:03:27.0658 3960  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:03:27.0689 3960  lmhosts - ok
15:03:27.0736 3960  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:03:27.0736 3960  LSI_FC - ok
15:03:27.0751 3960  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
15:03:27.0767 3960  LSI_SAS - ok
15:03:27.0783 3960  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:03:27.0798 3960  LSI_SAS2 - ok
15:03:27.0814 3960  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:03:27.0830 3960  LSI_SCSI - ok
15:03:27.0845 3960  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:03:27.0892 3960  luafv - ok
15:03:27.0908 3960  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:03:27.0939 3960  Mcx2Svc - ok
15:03:27.0955 3960  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:03:27.0970 3960  megasas - ok
15:03:27.0986 3960  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:03:28.0001 3960  MegaSR - ok
15:03:28.0033 3960  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
15:03:28.0080 3960  MMCSS - ok
15:03:28.0095 3960  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
15:03:28.0142 3960  Modem - ok
15:03:28.0173 3960  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:03:28.0189 3960  monitor - ok
15:03:28.0220 3960  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
15:03:28.0236 3960  mouclass - ok
15:03:28.0236 3960  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:03:28.0283 3960  mouhid - ok
15:03:28.0314 3960  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:03:28.0330 3960  mountmgr - ok
15:03:28.0376 3960  [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:03:28.0392 3960  MozillaMaintenance - ok
15:03:28.0423 3960  [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:03:28.0439 3960  MpFilter - ok
15:03:28.0455 3960  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:03:28.0470 3960  mpio - ok
15:03:28.0501 3960  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:03:28.0548 3960  mpsdrv - ok
15:03:28.0564 3960  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:03:28.0642 3960  MpsSvc - ok
15:03:28.0673 3960  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:03:28.0689 3960  MRxDAV - ok
15:03:28.0720 3960  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:03:28.0751 3960  mrxsmb - ok
15:03:28.0767 3960  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:03:28.0798 3960  mrxsmb10 - ok
15:03:28.0814 3960  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:03:28.0830 3960  mrxsmb20 - ok
15:03:28.0861 3960  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:03:28.0861 3960  msahci - ok
15:03:28.0892 3960  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:03:28.0908 3960  msdsm - ok
15:03:28.0939 3960  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
15:03:28.0970 3960  MSDTC - ok
15:03:29.0001 3960  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:03:29.0033 3960  Msfs - ok
15:03:29.0048 3960  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:03:29.0080 3960  mshidkmdf - ok
15:03:29.0111 3960  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:03:29.0126 3960  msisadrv - ok
15:03:29.0142 3960  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:03:29.0189 3960  MSiSCSI - ok
15:03:29.0205 3960  msiserver - ok
15:03:29.0236 3960  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:03:29.0267 3960  MSKSSRV - ok
15:03:29.0345 3960  [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:03:29.0376 3960  MsMpSvc - ok
15:03:29.0392 3960  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:03:29.0439 3960  MSPCLOCK - ok
15:03:29.0455 3960  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:03:29.0501 3960  MSPQM - ok
15:03:29.0533 3960  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:03:29.0548 3960  MsRPC - ok
15:03:29.0580 3960  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:03:29.0580 3960  mssmbios - ok
15:03:29.0611 3960  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:03:29.0642 3960  MSTEE - ok
15:03:29.0658 3960  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:03:29.0689 3960  MTConfig - ok
15:03:29.0705 3960  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:03:29.0720 3960  Mup - ok
15:03:29.0751 3960  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
15:03:29.0798 3960  napagent - ok
15:03:29.0830 3960  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:03:29.0861 3960  NativeWifiP - ok
15:03:29.0908 3960  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:03:29.0939 3960  NDIS - ok
15:03:29.0955 3960  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:03:29.0986 3960  NdisCap - ok
15:03:30.0017 3960  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:03:30.0064 3960  NdisTapi - ok
15:03:30.0095 3960  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:03:30.0142 3960  Ndisuio - ok
15:03:30.0173 3960  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:03:30.0205 3960  NdisWan - ok
15:03:30.0236 3960  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:03:30.0267 3960  NDProxy - ok
15:03:30.0298 3960  [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:03:30.0345 3960  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:03:30.0345 3960  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:03:30.0361 3960  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:03:30.0408 3960  NetBIOS - ok
15:03:30.0439 3960  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:03:30.0486 3960  NetBT - ok
15:03:30.0486 3960  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
15:03:30.0501 3960  Netlogon - ok
15:03:30.0548 3960  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
15:03:30.0595 3960  Netman - ok
15:03:30.0611 3960  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
15:03:30.0673 3960  netprofm - ok
15:03:30.0705 3960  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:03:30.0720 3960  NetTcpPortSharing - ok
15:03:30.0751 3960  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:03:30.0751 3960  nfrd960 - ok
15:03:30.0798 3960  [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:03:30.0814 3960  NisDrv - ok
15:03:30.0830 3960  [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
15:03:30.0861 3960  NisSrv - ok
15:03:30.0876 3960  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:03:30.0908 3960  NlaSvc - ok
15:03:30.0939 3960  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:03:30.0970 3960  Npfs - ok
15:03:30.0986 3960  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
15:03:31.0033 3960  nsi - ok
15:03:31.0048 3960  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:03:31.0080 3960  nsiproxy - ok
15:03:31.0142 3960  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:03:31.0173 3960  Ntfs - ok
15:03:31.0205 3960  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
15:03:31.0251 3960  Null - ok
15:03:31.0517 3960  [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:03:31.0939 3960  nvlddmkm - ok
15:03:33.0158 3960  [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:03:33.0205 3960  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:03:33.0205 3960  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:03:43.0205 3960  ================ Scan global ===============================
15:03:43.0220 3960  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:03:43.0236 3960  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
15:03:43.0236 3960  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
15:03:43.0267 3960  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:03:43.0298 3960  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:03:43.0298 3960  [Global] - ok
15:03:43.0298 3960  ================ Scan MBR ==================================
15:03:43.0330 3960  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:03:43.0705 3960  \Device\Harddisk0\DR0 - ok
15:03:43.0705 3960  ================ Scan VBR ==================================
15:03:43.0720 3960  [ D418FA79A45C91FB1F5B4057C861B0E0 ] \Device\Harddisk0\DR0\Partition1
15:03:43.0720 3960  \Device\Harddisk0\DR0\Partition1 - ok
15:03:43.0751 3960  [ 6BCE9E349B84DA374288F974431169A8 ] \Device\Harddisk0\DR0\Partition2
15:03:43.0751 3960  \Device\Harddisk0\DR0\Partition2 - ok
15:03:43.0783 3960  [ F47B1AE5DDD1BC05D594AD872CFFF854 ] \Device\Harddisk0\DR0\Partition3
15:03:43.0783 3960  \Device\Harddisk0\DR0\Partition3 - ok
15:03:43.0783 3960  ============================================================
15:03:43.0783 3960  Scan finished
15:03:43.0783 3960  ============================================================
15:03:43.0798 3780  Detected object count: 3
15:03:43.0798 3780  Actual detected object count: 3
15:04:08.0345 3780  C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL - copied to quarantine
15:04:08.0408 3780  HKLM\SYSTEM\ControlSet001\services\HPSLPSVC - will be deleted on reboot
15:04:08.0423 3780  HKLM\SYSTEM\ControlSet002\services\HPSLPSVC - will be deleted on reboot
15:04:08.0580 3780  C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL - will be deleted on reboot
15:04:08.0580 3780  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Delete 
15:04:08.0626 3780  C:\Windows\system32\HPZinw12.dll - copied to quarantine
15:04:08.0658 3780  HKLM\SYSTEM\ControlSet001\services\Net Driver HPZ12 - will be deleted on reboot
15:04:08.0673 3780  HKLM\SYSTEM\ControlSet002\services\Net Driver HPZ12 - will be deleted on reboot
15:04:08.0689 3780  C:\Windows\system32\HPZinw12.dll - will be deleted on reboot
15:04:08.0689 3780  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Delete 
15:04:08.0705 3780  C:\Windows\system32\HPZipm12.dll - copied to quarantine
15:04:08.0720 3780  HKLM\SYSTEM\ControlSet001\services\Pml Driver HPZ12 - will be deleted on reboot
15:04:08.0720 3780  HKLM\SYSTEM\ControlSet002\services\Pml Driver HPZ12 - will be deleted on reboot
15:04:08.0736 3780  C:\Windows\system32\HPZipm12.dll - will be deleted on reboot
15:04:08.0736 3780  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Delete 
15:04:22.0064 3600  Deinitialize success
         
I'll post the contents of the second file,
TDSSKiller.2.8.15.0_18.01.2013_15.06.39_log,
in a further post, since I have exceeded the character limit here.


As instructed, I have uploaded the folder created by OTL to your upload channel.

Here is the content of summary-info:
Code:
ATTFilter
System volume information:	 dwHighDateTime = 0x1cdbb48,dwLowDateTime = 0x70f7c39c
System32:			 dwHighDateTime = 0x1ca0431,dwLowDateTime = 0xfec9a6f8
dwSerialNumber = 0x7011d448
         
I tested again whether the problem still exists: it is fixed in both Firefox and IE.

Regards,
djjay

19.01.2013, 14:46   #4
djjay
 



Here is the content of TDSSKiller.2.8.15.0_18.01.2013_15.06.39_log:
Code:
ATTFilter
15:06:39.0125 2716  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:06:39.0453 2716  ============================================================
15:06:39.0453 2716  Current date / time: 2013/01/18 15:06:39.0453
15:06:39.0453 2716  SystemInfo:
15:06:39.0453 2716  
15:06:39.0453 2716  OS Version: 6.1.7601 ServicePack: 1.0
15:06:39.0453 2716  Product type: Workstation
15:06:39.0453 2716  ComputerName: HASO-PC
15:06:39.0453 2716  UserName: HASO
15:06:39.0453 2716  Windows directory: C:\Windows
15:06:39.0453 2716  System windows directory: C:\Windows
15:06:39.0453 2716  Running under WOW64
15:06:39.0453 2716  Processor architecture: Intel x64
15:06:39.0453 2716  Number of processors: 2
15:06:39.0453 2716  Page size: 0x1000
15:06:39.0453 2716  Boot type: Normal boot
15:06:39.0453 2716  ============================================================
15:06:41.0031 2716  BG loaded
15:06:43.0968 2716  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x1C042, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
15:06:43.0984 2716  ============================================================
15:06:43.0984 2716  \Device\Harddisk0\DR0:
15:06:44.0000 2716  MBR partitions:
15:06:44.0000 2716  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:06:44.0000 2716  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC800000
15:06:44.0000 2716  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC832800, BlocksNum 0x10992800
15:06:44.0000 2716  ============================================================
15:06:44.0062 2716  C: <-> \Device\Harddisk0\DR0\Partition3
15:06:44.0187 2716  D: <-> \Device\Harddisk0\DR0\Partition2
15:06:44.0187 2716  ============================================================
15:06:44.0187 2716  Initialize success
15:06:44.0187 2716  ============================================================
15:06:55.0335 2800  ============================================================
15:06:55.0335 2800  Scan started
15:06:55.0335 2800  Mode: Manual; SigCheck; TDLFS; 
15:06:55.0335 2800  ============================================================
15:06:56.0757 2800  ================ Scan system memory ========================
15:06:56.0757 2800  System memory - ok
15:06:56.0757 2800  ================ Scan services =============================
15:06:58.0554 2800  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
15:06:58.0617 2800  Appinfo - ok
15:06:58.0664 2800  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
15:06:58.0726 2800  AppMgmt - ok
15:06:58.0742 2800  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
15:06:58.0757 2800  arc - ok
15:06:58.0773 2800  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
15:06:58.0789 2800  arcsas - ok
15:06:58.0804 2800  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:06:58.0867 2800  AsyncMac - ok
15:06:58.0898 2800  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
15:06:58.0914 2800  atapi - ok
15:06:58.0945 2800  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:06:59.0023 2800  AudioEndpointBuilder - ok
15:06:59.0039 2800  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:06:59.0070 2800  AudioSrv - ok
15:06:59.0101 2800  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:06:59.0195 2800  AxInstSV - ok
15:06:59.0242 2800  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
15:06:59.0304 2800  b06bdrv - ok
15:06:59.0320 2800  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:06:59.0367 2800  b57nd60a - ok
15:06:59.0429 2800  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:06:59.0492 2800  BDESVC - ok
15:06:59.0507 2800  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:06:59.0554 2800  Beep - ok
15:06:59.0601 2800  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
15:06:59.0679 2800  BFE - ok
15:06:59.0773 2800  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
15:06:59.0851 2800  BITS - ok
15:06:59.0882 2800  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:06:59.0914 2800  blbdrive - ok
15:06:59.0945 2800  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:06:59.0960 2800  bowser - ok
15:06:59.0992 2800  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:07:00.0070 2800  BrFiltLo - ok
15:07:00.0085 2800  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:07:00.0101 2800  BrFiltUp - ok
15:07:00.0117 2800  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
15:07:00.0179 2800  Browser - ok
15:07:00.0210 2800  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:07:00.0242 2800  Brserid - ok
15:07:00.0257 2800  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:07:00.0289 2800  BrSerWdm - ok
15:07:00.0304 2800  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:07:00.0335 2800  BrUsbMdm - ok
15:07:00.0351 2800  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:07:00.0382 2800  BrUsbSer - ok
15:07:00.0382 2800  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
15:07:00.0429 2800  BTHMODEM - ok
15:07:00.0445 2800  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
15:07:00.0523 2800  bthserv - ok
15:07:00.0539 2800  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:07:00.0585 2800  cdfs - ok
15:07:00.0679 2800  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
15:07:00.0726 2800  cdrom - ok
15:07:00.0757 2800  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
15:07:00.0835 2800  CertPropSvc - ok
15:07:00.0867 2800  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
15:07:00.0914 2800  circlass - ok
15:07:00.0945 2800  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
15:07:00.0976 2800  CLFS - ok
15:07:01.0023 2800  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:07:01.0070 2800  clr_optimization_v2.0.50727_32 - ok
15:07:01.0101 2800  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:07:01.0132 2800  clr_optimization_v2.0.50727_64 - ok
15:07:01.0179 2800  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:07:01.0242 2800  clr_optimization_v4.0.30319_32 - ok
15:07:01.0273 2800  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:07:01.0289 2800  clr_optimization_v4.0.30319_64 - ok
15:07:01.0320 2800  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:07:01.0398 2800  CmBatt - ok
15:07:01.0429 2800  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:07:01.0460 2800  cmdide - ok
15:07:01.0492 2800  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
15:07:01.0539 2800  CNG - ok
15:07:01.0554 2800  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:07:01.0570 2800  Compbatt - ok
15:07:01.0601 2800  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
15:07:01.0648 2800  CompositeBus - ok
15:07:01.0664 2800  COMSysApp - ok
15:07:01.0679 2800  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
15:07:01.0695 2800  crcdisk - ok
15:07:01.0726 2800  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:07:01.0789 2800  CryptSvc - ok
15:07:01.0820 2800  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
15:07:01.0867 2800  CSC - ok
15:07:01.0914 2800  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
15:07:01.0960 2800  CscService - ok
15:07:02.0007 2800  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:07:02.0054 2800  DcomLaunch - ok
15:07:02.0070 2800  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
15:07:02.0148 2800  defragsvc - ok
15:07:02.0164 2800  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:07:02.0226 2800  DfsC - ok
15:07:02.0257 2800  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:07:02.0335 2800  Dhcp - ok
15:07:02.0351 2800  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
15:07:02.0414 2800  discache - ok
15:07:02.0445 2800  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
15:07:02.0445 2800  Disk - ok
15:07:02.0492 2800  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:07:02.0554 2800  Dnscache - ok
15:07:02.0585 2800  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:07:02.0664 2800  dot3svc - ok
15:07:02.0695 2800  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
15:07:02.0742 2800  DPS - ok
15:07:02.0773 2800  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:07:02.0804 2800  drmkaud - ok
15:07:02.0851 2800  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:07:02.0882 2800  DXGKrnl - ok
15:07:02.0914 2800  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
15:07:03.0007 2800  EapHost - ok
15:07:03.0117 2800  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
15:07:03.0242 2800  ebdrv - ok
15:07:03.0273 2800  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
15:07:03.0351 2800  EFS - ok
15:07:03.0414 2800  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:07:03.0476 2800  ehRecvr - ok
15:07:03.0492 2800  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
15:07:03.0554 2800  ehSched - ok
15:07:03.0632 2800  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
15:07:03.0648 2800  elxstor - ok
15:07:03.0695 2800  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:07:03.0710 2800  ErrDev - ok
15:07:03.0757 2800  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
15:07:03.0835 2800  EventSystem - ok
15:07:03.0867 2800  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
15:07:03.0914 2800  exfat - ok
15:07:03.0960 2800  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:07:04.0007 2800  fastfat - ok
15:07:04.0054 2800  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
15:07:04.0117 2800  Fax - ok
15:07:04.0132 2800  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:07:04.0164 2800  fdc - ok
15:07:04.0195 2800  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:07:04.0242 2800  fdPHost - ok
15:07:04.0257 2800  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:07:04.0289 2800  FDResPub - ok
15:07:04.0304 2800  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:07:04.0320 2800  FileInfo - ok
15:07:04.0320 2800  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:07:04.0382 2800  Filetrace - ok
15:07:04.0414 2800  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:07:04.0429 2800  flpydisk - ok
15:07:04.0460 2800  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:07:04.0476 2800  FltMgr - ok
15:07:04.0523 2800  [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache       C:\Windows\system32\FntCache.dll
15:07:04.0632 2800  FontCache - ok
15:07:04.0695 2800  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:07:04.0710 2800  FontCache3.0.0.0 - ok
15:07:04.0757 2800  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:07:04.0773 2800  FsDepends - ok
15:07:04.0804 2800  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:07:04.0835 2800  Fs_Rec - ok
15:07:04.0882 2800  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:07:04.0914 2800  fvevol - ok
15:07:04.0929 2800  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
15:07:04.0945 2800  gagp30kx - ok
15:07:04.0992 2800  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
15:07:05.0070 2800  gpsvc - ok
15:07:05.0085 2800  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:07:05.0132 2800  hcw85cir - ok
15:07:05.0179 2800  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:07:05.0210 2800  HdAudAddService - ok
15:07:05.0226 2800  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:07:05.0257 2800  HDAudBus - ok
15:07:05.0289 2800  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
15:07:05.0320 2800  HidBatt - ok
15:07:05.0320 2800  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
15:07:05.0351 2800  HidBth - ok
15:07:05.0367 2800  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
15:07:05.0414 2800  HidIr - ok
15:07:05.0445 2800  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
15:07:05.0554 2800  hidserv - ok
15:07:05.0601 2800  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
15:07:05.0679 2800  HidUsb - ok
15:07:05.0710 2800  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:07:05.0773 2800  hkmsvc - ok
15:07:05.0835 2800  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:07:05.0898 2800  HomeGroupListener - ok
15:07:05.0929 2800  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:07:05.0960 2800  HomeGroupProvider - ok
15:07:05.0992 2800  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:07:06.0007 2800  HpSAMD - ok
15:07:06.0054 2800  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:07:06.0101 2800  HTTP - ok
15:07:06.0117 2800  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:07:06.0132 2800  hwpolicy - ok
15:07:06.0179 2800  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:07:06.0195 2800  i8042prt - ok
15:07:06.0226 2800  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:07:06.0242 2800  iaStorV - ok
15:07:06.0304 2800  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:07:06.0335 2800  idsvc - ok
15:07:06.0367 2800  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
15:07:06.0367 2800  iirsp - ok
15:07:06.0429 2800  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
15:07:06.0539 2800  IKEEXT - ok
15:07:06.0570 2800  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
15:07:06.0585 2800  intelide - ok
15:07:06.0648 2800  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:07:06.0695 2800  intelppm - ok
15:07:06.0710 2800  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:07:06.0773 2800  IPBusEnum - ok
15:07:06.0804 2800  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:07:06.0867 2800  IpFilterDriver - ok
15:07:06.0898 2800  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:07:06.0976 2800  iphlpsvc - ok
15:07:07.0007 2800  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:07:07.0054 2800  IPMIDRV - ok
15:07:07.0085 2800  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:07:07.0148 2800  IPNAT - ok
15:07:07.0164 2800  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:07:07.0226 2800  IRENUM - ok
15:07:07.0273 2800  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:07:07.0273 2800  isapnp - ok
15:07:07.0304 2800  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:07:07.0320 2800  iScsiPrt - ok
15:07:07.0351 2800  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
15:07:07.0367 2800  kbdclass - ok
15:07:07.0382 2800  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
15:07:07.0414 2800  kbdhid - ok
15:07:07.0429 2800  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
15:07:07.0445 2800  KeyIso - ok
15:07:07.0476 2800  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:07:07.0492 2800  KSecDD - ok
15:07:07.0507 2800  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:07:07.0523 2800  KSecPkg - ok
15:07:07.0539 2800  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:07:07.0601 2800  ksthunk - ok
15:07:07.0664 2800  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:07:07.0757 2800  KtmRm - ok
15:07:07.0789 2800  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:07:07.0867 2800  LanmanServer - ok
15:07:07.0882 2800  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:07:07.0945 2800  LanmanWorkstation - ok
15:07:07.0976 2800  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:07:08.0039 2800  lltdio - ok
15:07:08.0070 2800  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:07:08.0132 2800  lltdsvc - ok
15:07:08.0132 2800  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:07:08.0179 2800  lmhosts - ok
15:07:08.0226 2800  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:07:08.0242 2800  LSI_FC - ok
15:07:08.0257 2800  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
15:07:08.0273 2800  LSI_SAS - ok
15:07:08.0289 2800  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:07:08.0304 2800  LSI_SAS2 - ok
15:07:08.0320 2800  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:07:08.0320 2800  LSI_SCSI - ok
15:07:08.0351 2800  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:07:08.0398 2800  luafv - ok
15:07:08.0429 2800  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:07:08.0476 2800  Mcx2Svc - ok
15:07:08.0476 2800  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:07:08.0492 2800  megasas - ok
15:07:08.0539 2800  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:07:08.0585 2800  MegaSR - ok
15:07:08.0648 2800  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
15:07:08.0726 2800  MMCSS - ok
15:07:08.0757 2800  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
15:07:08.0804 2800  Modem - ok
15:07:08.0835 2800  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:07:08.0851 2800  monitor - ok
15:07:08.0882 2800  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
15:07:08.0882 2800  mouclass - ok
15:07:08.0898 2800  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:07:08.0945 2800  mouhid - ok
15:07:08.0976 2800  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:07:08.0992 2800  mountmgr - ok
15:07:09.0070 2800  [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:07:09.0117 2800  MozillaMaintenance - ok
15:07:09.0164 2800  [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:07:09.0179 2800  MpFilter - ok
15:07:09.0210 2800  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:07:09.0226 2800  mpio - ok
15:07:09.0242 2800  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:07:09.0289 2800  mpsdrv - ok
15:07:09.0351 2800  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:07:09.0429 2800  MpsSvc - ok
15:07:09.0445 2800  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:07:09.0476 2800  MRxDAV - ok
15:07:09.0523 2800  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:07:09.0539 2800  mrxsmb - ok
15:07:09.0554 2800  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:07:09.0585 2800  mrxsmb10 - ok
15:07:09.0632 2800  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:07:09.0679 2800  mrxsmb20 - ok
15:07:09.0695 2800  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:07:09.0710 2800  msahci - ok
15:07:09.0742 2800  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:07:09.0757 2800  msdsm - ok
15:07:09.0789 2800  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
15:07:09.0835 2800  MSDTC - ok
15:07:09.0867 2800  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:07:09.0914 2800  Msfs - ok
15:07:09.0929 2800  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:07:09.0976 2800  mshidkmdf - ok
15:07:10.0007 2800  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:07:10.0007 2800  msisadrv - ok
15:07:10.0039 2800  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:07:10.0101 2800  MSiSCSI - ok
15:07:10.0101 2800  msiserver - ok
15:07:10.0132 2800  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:07:10.0179 2800  MSKSSRV - ok
15:07:10.0257 2800  [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:07:10.0273 2800  MsMpSvc - ok
15:07:10.0304 2800  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:07:10.0351 2800  MSPCLOCK - ok
15:07:10.0367 2800  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:07:10.0414 2800  MSPQM - ok
15:07:10.0445 2800  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:07:10.0460 2800  MsRPC - ok
15:07:10.0492 2800  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:07:10.0492 2800  mssmbios - ok
15:07:10.0523 2800  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:07:10.0570 2800  MSTEE - ok
15:07:10.0570 2800  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:07:10.0601 2800  MTConfig - ok
15:07:10.0632 2800  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:07:10.0648 2800  Mup - ok
15:07:10.0679 2800  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
15:07:10.0742 2800  napagent - ok
15:07:10.0773 2800  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:07:10.0804 2800  NativeWifiP - ok
15:07:10.0867 2800  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:07:10.0898 2800  NDIS - ok
15:07:10.0929 2800  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:07:10.0960 2800  NdisCap - ok
15:07:10.0992 2800  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:07:11.0039 2800  NdisTapi - ok
15:07:11.0085 2800  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:07:11.0132 2800  Ndisuio - ok
15:07:11.0179 2800  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:07:11.0242 2800  NdisWan - ok
15:07:11.0273 2800  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:07:11.0320 2800  NDProxy - ok
15:07:11.0367 2800  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:07:11.0414 2800  NetBIOS - ok
15:07:11.0445 2800  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:07:11.0492 2800  NetBT - ok
15:07:11.0507 2800  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
15:07:11.0523 2800  Netlogon - ok
15:07:11.0570 2800  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
15:07:11.0617 2800  Netman - ok
15:07:11.0632 2800  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
15:07:11.0679 2800  netprofm - ok
15:07:11.0726 2800  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:07:11.0757 2800  NetTcpPortSharing - ok
15:07:11.0789 2800  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:07:11.0804 2800  nfrd960 - ok
15:07:11.0851 2800  [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:07:11.0867 2800  NisDrv - ok
15:07:11.0882 2800  [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
15:07:11.0898 2800  NisSrv - ok
15:07:11.0929 2800  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:07:11.0976 2800  NlaSvc - ok
15:07:12.0007 2800  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:07:12.0054 2800  Npfs - ok
15:07:12.0070 2800  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
15:07:12.0132 2800  nsi - ok
15:07:12.0148 2800  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:07:12.0195 2800  nsiproxy - ok
15:07:12.0492 2800  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:07:12.0539 2800  Ntfs - ok
15:07:12.0601 2800  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
15:07:12.0664 2800  Null - ok
15:07:13.0242 2800  [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:07:13.0445 2800  nvlddmkm - ok
15:07:13.0492 2800  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:07:13.0554 2800  nvraid - ok
15:07:13.0585 2800  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:07:13.0601 2800  nvstor - ok
15:07:13.0648 2800  [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:07:13.0664 2800  nvsvc - ok
15:07:13.0726 2800  [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:07:13.0757 2800  nvUpdatusService - ok
15:07:13.0757 2800  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:07:13.0773 2800  nv_agp - ok
15:07:13.0804 2800  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:07:13.0820 2800  ohci1394 - ok
15:07:13.0867 2800  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:07:13.0914 2800  p2pimsvc - ok
15:07:26.0367 2800  ================ Scan global ===============================
15:07:26.0382 2800  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:07:26.0429 2800  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
15:07:26.0445 2800  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
15:07:26.0476 2800  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:07:26.0507 2800  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:07:26.0523 2800  [Global] - ok
15:07:26.0539 2800  ================ Scan MBR ==================================
15:07:26.0554 2800  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:07:26.0929 2800  \Device\Harddisk0\DR0 - ok
15:07:26.0929 2800  ================ Scan VBR ==================================
15:07:26.0929 2800  [ D418FA79A45C91FB1F5B4057C861B0E0 ] \Device\Harddisk0\DR0\Partition1
15:07:26.0929 2800  \Device\Harddisk0\DR0\Partition1 - ok
15:07:26.0976 2800  [ 6BCE9E349B84DA374288F974431169A8 ] \Device\Harddisk0\DR0\Partition2
15:07:26.0992 2800  \Device\Harddisk0\DR0\Partition2 - ok
15:07:27.0007 2800  [ F47B1AE5DDD1BC05D594AD872CFFF854 ] \Device\Harddisk0\DR0\Partition3
15:07:27.0007 2800  \Device\Harddisk0\DR0\Partition3 - ok
15:07:27.0007 2800  ============================================================
15:07:27.0007 2800  Scan finished
15:07:27.0007 2800  ============================================================
15:07:27.0023 2848  Detected object count: 0
15:07:27.0023 2848  Actual detected object count: 0
15:07:29.0914 2692  Deinitialize success
         
By the way, the upload went without problems; however, I could not post the file's contents in the post just now, and it was also too large as an attachment.

19.01.2013, 15:46   #5
markusg
/// Malware-holic
 

GetInfo is missing.
Please test whether all your HP products and programs still work, because you may have "damaged" them with the TDSSKiller action.

__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above.
If you would like to support us

19.01.2013, 17:50   #6
djjay
 

GetInfo contains:
Code:
ATTFilter
System volume information:	 dwHighDateTime = 0x1cdbb48,dwLowDateTime = 0x70f7c39c
System32:			 dwHighDateTime = 0x1ca0431,dwLowDateTime = 0xfec9a6f8
dwSerialNumber = 0x7011d448
         
I just checked whether the printer still works. Everything seems to be working fine.

Thank you for your work. Can I assume that we have solved the problem by deleting via OTL? I had both Microsoft Security Essentials and Malwarebytes Anti-Malware run full scans, each without any hits.

Have a nice evening,
djjay

19.01.2013, 18:47   #7
markusg
/// Malware-holic
 

Hi,
please run only the checks that were requested.

Download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- For any detections, always choose Skip for now and post the log
Open C:, open tdsskiller-date-version.txt, and post its contents

20.01.2013, 16:09   #8
djjay
 

Hello,

here is the content of TDSSKiller.2.8.15.0_20.01.2013_16.05.00_log

Code:
ATTFilter
16:05:00.0837 2388  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:05:01.0011 2388  ============================================================
16:05:01.0011 2388  Current date / time: 2013/01/20 16:05:01.0011
16:05:01.0011 2388  SystemInfo:
16:05:01.0011 2388  
16:05:01.0011 2388  OS Version: 6.1.7601 ServicePack: 1.0
16:05:01.0011 2388  Product type: Workstation
16:05:01.0011 2388  ComputerName: HASO-PC
16:05:01.0012 2388  UserName: HASO
16:05:01.0012 2388  Windows directory: C:\Windows
16:05:01.0012 2388  System windows directory: C:\Windows
16:05:01.0012 2388  Running under WOW64
16:05:01.0012 2388  Processor architecture: Intel x64
16:05:01.0012 2388  Number of processors: 2
16:05:01.0012 2388  Page size: 0x1000
16:05:01.0012 2388  Boot type: Normal boot
16:05:01.0012 2388  ============================================================
16:05:02.0480 2388  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x1C042, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
16:05:02.0486 2388  ============================================================
16:05:02.0486 2388  \Device\Harddisk0\DR0:
16:05:02.0486 2388  MBR partitions:
16:05:02.0486 2388  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:05:02.0486 2388  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC800000
16:05:02.0486 2388  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC832800, BlocksNum 0x10992800
16:05:02.0486 2388  ============================================================
16:05:02.0524 2388  C: <-> \Device\Harddisk0\DR0\Partition3
16:05:02.0644 2388  D: <-> \Device\Harddisk0\DR0\Partition2
16:05:02.0644 2388  ============================================================
16:05:02.0644 2388  Initialize success
16:05:02.0645 2388  ============================================================
16:05:54.0075 1228  ============================================================
16:05:54.0075 1228  Scan started
16:05:54.0075 1228  Mode: Manual; SigCheck; TDLFS; 
16:05:54.0075 1228  ============================================================
16:05:55.0825 1228  ================ Scan system memory ========================
16:05:55.0825 1228  System memory - ok
16:05:55.0825 1228  ================ Scan services =============================
16:05:58.0012 1228  AudioSrv - ok
16:05:58.0059 1228  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:05:58.0122 1228  AxInstSV - ok
16:05:58.0168 1228  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
16:05:58.0215 1228  b06bdrv - ok
16:05:58.0231 1228  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:05:58.0278 1228  b57nd60a - ok
16:05:58.0309 1228  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:05:58.0340 1228  BDESVC - ok
16:05:58.0356 1228  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:05:58.0418 1228  Beep - ok
16:05:58.0465 1228  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
16:05:58.0528 1228  BFE - ok
16:05:58.0559 1228  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
16:05:58.0606 1228  BITS - ok
16:05:58.0637 1228  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:05:58.0653 1228  blbdrive - ok
16:05:58.0700 1228  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:05:58.0731 1228  bowser - ok
16:05:58.0747 1228  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:05:58.0825 1228  BrFiltLo - ok
16:05:58.0840 1228  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:05:58.0856 1228  BrFiltUp - ok
16:05:58.0872 1228  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
16:05:58.0903 1228  Browser - ok
16:05:58.0934 1228  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:05:58.0965 1228  Brserid - ok
16:05:58.0965 1228  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:05:58.0997 1228  BrSerWdm - ok
16:05:59.0012 1228  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:05:59.0043 1228  BrUsbMdm - ok
16:05:59.0043 1228  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:05:59.0075 1228  BrUsbSer - ok
16:05:59.0090 1228  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
16:05:59.0122 1228  BTHMODEM - ok
16:05:59.0137 1228  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
16:05:59.0184 1228  bthserv - ok
16:05:59.0231 1228  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:05:59.0278 1228  cdfs - ok
16:05:59.0309 1228  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
16:05:59.0340 1228  cdrom - ok
16:05:59.0387 1228  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
16:05:59.0450 1228  CertPropSvc - ok
16:05:59.0481 1228  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
16:05:59.0512 1228  circlass - ok
16:05:59.0528 1228  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
16:05:59.0543 1228  CLFS - ok
16:05:59.0637 1228  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:05:59.0653 1228  clr_optimization_v2.0.50727_32 - ok
16:05:59.0700 1228  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:05:59.0700 1228  clr_optimization_v2.0.50727_64 - ok
16:05:59.0762 1228  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:05:59.0825 1228  clr_optimization_v4.0.30319_32 - ok
16:05:59.0872 1228  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:05:59.0887 1228  clr_optimization_v4.0.30319_64 - ok
16:05:59.0903 1228  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:05:59.0934 1228  CmBatt - ok
16:05:59.0965 1228  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:05:59.0981 1228  cmdide - ok
16:06:00.0012 1228  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
16:06:00.0043 1228  CNG - ok
16:06:00.0059 1228  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:06:00.0090 1228  Compbatt - ok
16:06:00.0122 1228  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
16:06:00.0153 1228  CompositeBus - ok
16:06:00.0168 1228  COMSysApp - ok
16:06:00.0184 1228  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
16:06:00.0184 1228  crcdisk - ok
16:06:00.0231 1228  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:06:00.0278 1228  CryptSvc - ok
16:06:00.0309 1228  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
16:06:00.0356 1228  CSC - ok
16:06:00.0418 1228  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
16:06:00.0450 1228  CscService - ok
16:06:00.0512 1228  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:06:00.0575 1228  DcomLaunch - ok
16:06:00.0653 1228  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
16:06:00.0715 1228  defragsvc - ok
16:06:00.0747 1228  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:06:00.0793 1228  DfsC - ok
16:06:00.0825 1228  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:06:00.0887 1228  Dhcp - ok
16:06:00.0903 1228  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
16:06:00.0950 1228  discache - ok
16:06:00.0965 1228  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
16:06:00.0981 1228  Disk - ok
16:06:01.0012 1228  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:06:01.0075 1228  Dnscache - ok
16:06:01.0122 1228  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:06:01.0200 1228  dot3svc - ok
16:06:01.0215 1228  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
16:06:01.0262 1228  DPS - ok
16:06:01.0293 1228  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:06:01.0309 1228  drmkaud - ok
16:06:01.0356 1228  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:06:01.0387 1228  DXGKrnl - ok
16:06:01.0418 1228  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
16:06:01.0465 1228  EapHost - ok
16:06:01.0668 1228  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
16:06:01.0793 1228  ebdrv - ok
16:06:01.0825 1228  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
16:06:01.0887 1228  EFS - ok
16:06:01.0934 1228  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:06:01.0965 1228  ehRecvr - ok
16:06:01.0997 1228  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
16:06:02.0028 1228  ehSched - ok
16:06:02.0075 1228  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
16:06:02.0090 1228  elxstor - ok
16:06:02.0122 1228  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:06:02.0153 1228  ErrDev - ok
16:06:02.0184 1228  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
16:06:02.0215 1228  EventSystem - ok
16:06:02.0231 1228  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
16:06:02.0278 1228  exfat - ok
16:06:02.0293 1228  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:06:02.0340 1228  fastfat - ok
16:06:02.0403 1228  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
16:06:02.0450 1228  Fax - ok
16:06:02.0465 1228  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:06:02.0481 1228  fdc - ok
16:06:02.0512 1228  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
16:06:02.0575 1228  fdPHost - ok
16:06:02.0590 1228  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:06:02.0684 1228  FDResPub - ok
16:06:02.0715 1228  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:06:02.0762 1228  FileInfo - ok
16:06:02.0793 1228  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:06:02.0856 1228  Filetrace - ok
16:06:02.0856 1228  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
16:06:02.0887 1228  flpydisk - ok
16:06:02.0918 1228  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:06:02.0934 1228  FltMgr - ok
16:06:02.0981 1228  [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache       C:\Windows\system32\FntCache.dll
16:06:03.0043 1228  FontCache - ok
16:06:03.0090 1228  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:06:03.0106 1228  FontCache3.0.0.0 - ok
16:06:03.0137 1228  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:06:03.0137 1228  FsDepends - ok
16:06:03.0168 1228  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:06:03.0168 1228  Fs_Rec - ok
16:06:03.0200 1228  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:06:03.0215 1228  fvevol - ok
16:06:03.0247 1228  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
16:06:03.0247 1228  gagp30kx - ok
16:06:03.0278 1228  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
16:06:03.0340 1228  gpsvc - ok
16:06:03.0356 1228  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:06:03.0403 1228  hcw85cir - ok
16:06:03.0434 1228  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:06:03.0450 1228  HdAudAddService - ok
16:06:03.0465 1228  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
16:06:03.0497 1228  HDAudBus - ok
16:06:03.0528 1228  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
16:06:03.0575 1228  HidBatt - ok
16:06:03.0622 1228  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
16:06:03.0684 1228  HidBth - ok
16:06:03.0700 1228  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
16:06:03.0731 1228  HidIr - ok
16:06:03.0762 1228  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
16:06:03.0809 1228  hidserv - ok
16:06:03.0856 1228  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
16:06:03.0872 1228  HidUsb - ok
16:06:03.0903 1228  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:06:03.0965 1228  hkmsvc - ok
16:06:03.0981 1228  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:06:04.0012 1228  HomeGroupListener - ok
16:06:04.0043 1228  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:06:04.0075 1228  HomeGroupProvider - ok
16:06:04.0106 1228  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:06:04.0137 1228  HpSAMD - ok
16:06:04.0168 1228  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:06:04.0215 1228  HTTP - ok
16:06:04.0247 1228  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:06:04.0262 1228  hwpolicy - ok
16:06:04.0293 1228  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
16:06:04.0309 1228  i8042prt - ok
16:06:04.0340 1228  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:06:04.0356 1228  iaStorV - ok
16:06:04.0434 1228  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:06:04.0450 1228  idsvc - ok
16:06:04.0497 1228  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
16:06:04.0497 1228  iirsp - ok
16:06:04.0559 1228  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
16:06:04.0637 1228  IKEEXT - ok
16:06:04.0684 1228  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
16:06:04.0684 1228  intelide - ok
16:06:04.0731 1228  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:06:04.0762 1228  intelppm - ok
16:06:04.0809 1228  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:06:04.0840 1228  IPBusEnum - ok
16:06:04.0872 1228  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:06:04.0918 1228  IpFilterDriver - ok
16:06:04.0950 1228  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:06:04.0981 1228  iphlpsvc - ok
16:06:05.0028 1228  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:06:05.0043 1228  IPMIDRV - ok
16:06:05.0090 1228  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:06:05.0122 1228  IPNAT - ok
16:06:05.0137 1228  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:06:05.0200 1228  IRENUM - ok
16:06:05.0231 1228  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:06:05.0247 1228  isapnp - ok
16:06:05.0293 1228  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:06:05.0325 1228  iScsiPrt - ok
16:06:05.0340 1228  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
16:06:05.0356 1228  kbdclass - ok
16:06:05.0403 1228  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
16:06:05.0418 1228  kbdhid - ok
16:06:05.0450 1228  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
16:06:05.0450 1228  KeyIso - ok
16:06:05.0497 1228  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:06:05.0497 1228  KSecDD - ok
16:06:05.0559 1228  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:06:05.0590 1228  KSecPkg - ok
16:06:05.0653 1228  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:06:05.0700 1228  ksthunk - ok
16:06:05.0747 1228  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:06:05.0793 1228  KtmRm - ok
16:06:05.0840 1228  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:06:05.0887 1228  LanmanServer - ok
16:06:05.0934 1228  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:06:06.0012 1228  LanmanWorkstation - ok
16:06:06.0075 1228  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:06:06.0137 1228  lltdio - ok
16:06:06.0200 1228  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:06:06.0293 1228  lltdsvc - ok
16:06:06.0325 1228  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:06:06.0356 1228  lmhosts - ok
16:06:06.0418 1228  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
16:06:06.0497 1228  LSI_FC - ok
16:06:06.0543 1228  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
16:06:06.0606 1228  LSI_SAS - ok
16:06:06.0700 1228  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:06:06.0747 1228  LSI_SAS2 - ok
16:06:06.0778 1228  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:06:06.0809 1228  LSI_SCSI - ok
16:06:06.0887 1228  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
16:06:06.0981 1228  luafv - ok
16:06:07.0012 1228  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:06:07.0043 1228  Mcx2Svc - ok
16:06:07.0075 1228  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
16:06:07.0090 1228  megasas - ok
16:06:07.0137 1228  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
16:06:07.0231 1228  MegaSR - ok
16:06:07.0262 1228  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
16:06:07.0325 1228  MMCSS - ok
16:06:07.0340 1228  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
16:06:07.0387 1228  Modem - ok
16:06:07.0450 1228  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:06:07.0481 1228  monitor - ok
16:06:07.0528 1228  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
16:06:07.0543 1228  mouclass - ok
16:06:07.0653 1228  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:06:07.0731 1228  mouhid - ok
16:06:07.0778 1228  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:06:07.0840 1228  mountmgr - ok
16:06:08.0043 1228  [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:06:08.0075 1228  MozillaMaintenance - ok
16:06:08.0106 1228  [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
16:06:08.0153 1228  MpFilter - ok
16:06:08.0184 1228  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:06:08.0200 1228  mpio - ok
16:06:08.0247 1228  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:06:08.0278 1228  mpsdrv - ok
16:06:08.0309 1228  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:06:08.0387 1228  MpsSvc - ok
16:06:08.0403 1228  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:06:08.0450 1228  MRxDAV - ok
16:06:08.0481 1228  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:06:08.0512 1228  mrxsmb - ok
16:06:08.0543 1228  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:06:08.0590 1228  mrxsmb10 - ok
16:06:08.0622 1228  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:06:08.0653 1228  mrxsmb20 - ok
16:06:08.0668 1228  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:06:08.0700 1228  msahci - ok
16:06:08.0747 1228  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:06:08.0825 1228  msdsm - ok
16:06:08.0856 1228  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
16:06:08.0887 1228  MSDTC - ok
16:06:08.0934 1228  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:06:08.0981 1228  Msfs - ok
16:06:09.0012 1228  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:06:09.0075 1228  mshidkmdf - ok
16:06:09.0122 1228  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:06:09.0137 1228  msisadrv - ok
16:06:09.0200 1228  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:06:09.0262 1228  MSiSCSI - ok
16:06:09.0278 1228  msiserver - ok
16:06:09.0309 1228  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:06:09.0372 1228  MSKSSRV - ok
16:06:09.0497 1228  [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
16:06:09.0512 1228  MsMpSvc - ok
16:06:09.0559 1228  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:06:09.0622 1228  MSPCLOCK - ok
16:06:09.0637 1228  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:06:09.0684 1228  MSPQM - ok
16:06:09.0715 1228  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:06:09.0747 1228  MsRPC - ok
16:06:09.0809 1228  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:06:09.0840 1228  mssmbios - ok
16:06:09.0887 1228  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:06:09.0950 1228  MSTEE - ok
16:06:09.0965 1228  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
16:06:09.0981 1228  MTConfig - ok
16:06:10.0059 1228  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:06:10.0075 1228  Mup - ok
16:06:10.0122 1228  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
16:06:10.0200 1228  napagent - ok
16:06:10.0247 1228  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:06:10.0293 1228  NativeWifiP - ok
16:06:10.0372 1228  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:06:10.0418 1228  NDIS - ok
16:06:10.0465 1228  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:06:10.0528 1228  NdisCap - ok
16:06:10.0575 1228  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:06:10.0715 1228  NdisTapi - ok
16:06:10.0762 1228  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:06:10.0825 1228  Ndisuio - ok
16:06:10.0856 1228  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:06:10.0918 1228  NdisWan - ok
16:06:10.0965 1228  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:06:11.0043 1228  NDProxy - ok
16:06:11.0075 1228  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:06:11.0137 1228  NetBIOS - ok
16:06:11.0168 1228  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:06:11.0215 1228  NetBT - ok
16:06:11.0247 1228  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
16:06:11.0247 1228  Netlogon - ok
16:06:11.0356 1228  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
16:06:11.0434 1228  Netman - ok
16:06:11.0465 1228  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
16:06:11.0528 1228  netprofm - ok
16:06:11.0575 1228  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:06:11.0606 1228  NetTcpPortSharing - ok
16:06:11.0684 1228  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
16:06:11.0700 1228  nfrd960 - ok
16:06:11.0778 1228  [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:06:11.0793 1228  NisDrv - ok
16:06:11.0825 1228  [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
16:06:11.0856 1228  NisSrv - ok
16:06:11.0950 1228  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:06:12.0012 1228  NlaSvc - ok
16:06:12.0059 1228  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:06:12.0090 1228  Npfs - ok
16:06:12.0122 1228  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
16:06:12.0184 1228  nsi - ok
16:06:12.0200 1228  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:06:12.0231 1228  nsiproxy - ok
16:06:12.0622 1228  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:06:12.0715 1228  Ntfs - ok
16:06:12.0747 1228  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
16:06:12.0793 1228  Null - ok
16:06:14.0012 1228  [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:06:14.0247 1228  nvlddmkm - ok
16:06:14.0325 1228  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:06:14.0325 1228  nvraid - ok
16:06:14.0403 1228  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:06:14.0450 1228  nvstor - ok
16:06:14.0653 1228  [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc           C:\Windows\system32\nvvsvc.exe
16:06:14.0715 1228  nvsvc - ok
16:06:14.0950 1228  [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:06:15.0028 1228  nvUpdatusService - ok
16:06:15.0043 1228  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:06:15.0075 1228  nv_agp - ok
16:06:15.0106 1228  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:06:15.0137 1228  ohci1394 - ok
16:06:15.0215 1228  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:06:15.0293 1228  p2pimsvc - ok
16:06:15.0387 1228  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:06:15.0418 1228  p2psvc - ok
16:06:15.0465 1228  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:06:15.0512 1228  Parport - ok
16:06:15.0543 1228  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:06:15.0575 1228  partmgr - ok
16:06:15.0684 1228  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:06:15.0747 1228  PcaSvc - ok
16:06:15.0778 1228  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
16:06:15.0793 1228  pci - ok
16:06:15.0809 1228  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
16:06:15.0825 1228  pciide - ok
16:06:15.0872 1228  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
16:06:15.0903 1228  pcmcia - ok
16:06:15.0934 1228  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:06:15.0965 1228  pcw - ok
16:06:28.0372 1228  ================ Scan global ===============================
16:06:28.0387 1228  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:06:28.0403 1228  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
16:06:28.0418 1228  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
16:06:28.0434 1228  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:06:28.0465 1228  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:06:28.0481 1228  [Global] - ok
16:06:28.0481 1228  ================ Scan MBR ==================================
16:06:28.0497 1228  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:06:28.0965 1228  \Device\Harddisk0\DR0 - ok
16:06:28.0965 1228  ================ Scan VBR ==================================
16:06:28.0965 1228  [ D418FA79A45C91FB1F5B4057C861B0E0 ] \Device\Harddisk0\DR0\Partition1
16:06:28.0965 1228  \Device\Harddisk0\DR0\Partition1 - ok
16:06:28.0997 1228  [ 6BCE9E349B84DA374288F974431169A8 ] \Device\Harddisk0\DR0\Partition2
16:06:28.0997 1228  \Device\Harddisk0\DR0\Partition2 - ok
16:06:29.0028 1228  [ F47B1AE5DDD1BC05D594AD872CFFF854 ] \Device\Harddisk0\DR0\Partition3
16:06:29.0028 1228  \Device\Harddisk0\DR0\Partition3 - ok
16:06:29.0028 1228  ============================================================
16:06:29.0028 1228  Scan finished
16:06:29.0028 1228  ============================================================
16:06:29.0043 1872  Detected object count: 0
16:06:29.0043 1872  Actual detected object count: 0
16:06:38.0465 2392  Deinitialize success
         
Regards,
djjay

20.01.2013, 19:56   #9
markusg
/// Malware-holic
 
hi
Combofix:
Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems
and make cleaning up the infection even harder.
Please download Combofix from one of these download mirrors:

Link 1
Link 2


IMPORTANT - Save Combofix to your desktop
  • Please disable all of your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the on-screen instructions.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you receive the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

21.01.2013, 16:34   #10
djjay
 
Hi,

ComboFix gave me a log file with the following contents:

Code:
ATTFilter
ComboFix 13-01-21.01 - HASO 21.01.2013  16:18:45.1.2 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1033.18.2047.1117 [GMT 1:00]
ausgeführt von:: c:\users\HASO\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\HASO\Desktop\Scanner.lnk
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-12-21 bis 2013-01-21  ))))))))))))))))))))))))))))))
.
.
2013-01-21 15:23 . 2013-01-21 15:23	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-01-21 15:23 . 2013-01-21 15:23	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-01-21 15:14 . 2013-01-07 20:32	9161176	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B79527FF-E92C-4609-98B8-209A1A09D44D}\mpengine.dll
2013-01-19 16:43 . 2013-01-07 20:32	9161176	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-01-19 13:13 . 2013-01-19 13:24	--------	d-----w-	C:\_OTL
2013-01-18 14:15 . 2013-01-18 14:15	--------	d-----w-	c:\program files\CCleaner
2013-01-18 14:04 . 2013-01-18 14:04	--------	d-----w-	C:\TDSSKiller_Quarantine
2013-01-17 15:01 . 2013-01-17 15:01	--------	d-----w-	c:\users\HASO\AppData\Roaming\Malwarebytes
2013-01-17 15:01 . 2013-01-17 15:01	--------	d-----w-	c:\programdata\Malwarebytes
2013-01-17 15:01 . 2012-12-14 15:49	24176	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-01-17 15:01 . 2013-01-17 15:01	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-17 15:00 . 2013-01-17 15:00	--------	d-----w-	c:\users\HASO\AppData\Local\Programs
2013-01-17 14:59 . 2013-01-17 14:59	972264	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6908F49B-6507-4366-ACC0-24B3CA7AFCA9}\gapaengine.dll
2013-01-17 14:57 . 2012-11-08 17:24	9125352	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{C9EB11E7-4EB5-4151-983F-B2DC91913B6E}\mpengine.dll
2013-01-17 14:57 . 2013-01-17 14:57	--------	d-----w-	c:\program files (x86)\Microsoft Security Client
2013-01-17 14:57 . 2013-01-17 14:57	--------	d-----w-	c:\program files\Microsoft Security Client
2013-01-12 13:36 . 2013-01-12 14:26	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2013-01-12 12:28 . 2012-11-09 05:45	750592	----a-w-	c:\windows\system32\win32spl.dll
2013-01-12 12:28 . 2012-11-09 04:43	492032	----a-w-	c:\windows\SysWow64\win32spl.dll
2013-01-12 12:26 . 2012-11-01 05:43	2002432	----a-w-	c:\windows\system32\msxml6.dll
2013-01-12 12:26 . 2012-11-01 05:43	1882624	----a-w-	c:\windows\system32\msxml3.dll
2013-01-12 12:26 . 2012-11-01 04:47	1389568	----a-w-	c:\windows\SysWow64\msxml6.dll
2013-01-12 12:26 . 2012-11-01 04:47	1236992	----a-w-	c:\windows\SysWow64\msxml3.dll
2013-01-12 12:26 . 2012-11-20 05:48	307200	----a-w-	c:\windows\system32\ncrypt.dll
2013-01-12 12:26 . 2012-11-20 04:51	220160	----a-w-	c:\windows\SysWow64\ncrypt.dll
2013-01-12 12:26 . 2012-11-22 05:44	800768	----a-w-	c:\windows\system32\usp10.dll
2013-01-12 12:26 . 2012-11-22 04:45	626688	----a-w-	c:\windows\SysWow64\usp10.dll
2013-01-12 12:24 . 2012-11-30 02:44	2048	----a-w-	c:\windows\SysWow64\user.exe
2013-01-12 12:24 . 2012-11-23 03:26	3149824	----a-w-	c:\windows\system32\win32k.sys
2012-12-23 14:34 . 2012-12-16 17:11	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-23 14:34 . 2012-12-16 14:13	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-23 14:34 . 2012-12-16 14:45	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-23 14:34 . 2012-12-16 14:13	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-18 13:29 . 2012-11-05 17:02	74248	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-18 13:29 . 2012-11-05 17:02	697864	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-12 14:36 . 2012-11-05 14:57	67599240	----a-w-	c:\windows\system32\MRT.exe
2012-11-30 04:45 . 2013-01-12 12:25	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-15 11:49	17811968	----a-w-	c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-15 11:49	10925568	----a-w-	c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-15 11:49	2312704	----a-w-	c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-15 11:49	1346048	----a-w-	c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-15 11:49	1392128	----a-w-	c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-15 11:49	1494528	----a-w-	c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-15 11:49	237056	----a-w-	c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-15 11:49	85504	----a-w-	c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-15 11:49	816640	----a-w-	c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-15 11:49	599040	----a-w-	c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-15 11:49	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-15 11:49	2144768	----a-w-	c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-15 11:49	729088	----a-w-	c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-15 11:49	96768	----a-w-	c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-15 11:49	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-15 11:49	248320	----a-w-	c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-15 11:49	1800704	----a-w-	c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-15 11:49	1427968	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-15 11:49	1129472	----a-w-	c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-15 11:49	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-15 11:49	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-15 11:49	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
2012-11-09 17:02 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2012-11-09 17:02 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2012-11-09 05:45 . 2012-12-15 10:38	2048	----a-w-	c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-15 10:38	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2012-11-05 13:48 . 2012-11-05 13:48	86528	----a-w-	c:\windows\SysWow64\iesysprep.dll
2012-11-05 13:48 . 2012-11-05 13:48	76800	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2012-11-05 13:48 . 2012-11-05 13:48	74752	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-11-05 13:48 . 2012-11-05 13:48	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2012-11-05 13:48 . 2012-11-05 13:48	161792	----a-w-	c:\windows\SysWow64\msls31.dll
2012-11-05 13:48 . 2012-11-05 13:48	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2012-11-05 13:48 . 2012-11-05 13:48	74752	----a-w-	c:\windows\SysWow64\iesetup.dll
2012-11-05 13:48 . 2012-11-05 13:48	63488	----a-w-	c:\windows\SysWow64\tdc.ocx
2012-11-05 13:48 . 2012-11-05 13:48	367104	----a-w-	c:\windows\SysWow64\html.iec
2012-11-05 13:48 . 2012-11-05 13:48	23552	----a-w-	c:\windows\SysWow64\licmgr10.dll
2012-11-05 13:48 . 2012-11-05 13:48	152064	----a-w-	c:\windows\SysWow64\wextract.exe
2012-11-05 13:48 . 2012-11-05 13:48	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2012-11-05 13:47 . 2012-11-05 13:47	89088	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2012-11-05 13:47 . 2012-11-05 13:47	65024	----a-w-	c:\windows\system32\pngfilt.dll
2012-11-05 13:47 . 2012-11-05 13:47	55296	----a-w-	c:\windows\system32\msfeedsbs.dll
2012-11-05 13:47 . 2012-11-05 13:47	49664	----a-w-	c:\windows\system32\imgutil.dll
2012-11-05 13:47 . 2012-11-05 13:47	35840	----a-w-	c:\windows\SysWow64\imgutil.dll
2012-11-05 13:47 . 2012-11-05 13:47	267776	----a-w-	c:\windows\system32\ieaksie.dll
2012-11-05 13:47 . 2012-11-05 13:47	222208	----a-w-	c:\windows\system32\msls31.dll
2012-11-05 13:47 . 2012-11-05 13:47	197120	----a-w-	c:\windows\system32\msrating.dll
2012-11-05 13:47 . 2012-11-05 13:47	163840	----a-w-	c:\windows\system32\ieakui.dll
2012-11-05 13:47 . 2012-11-05 13:47	149504	----a-w-	c:\windows\system32\occache.dll
2012-11-05 13:47 . 2012-11-05 13:47	145920	----a-w-	c:\windows\system32\iepeers.dll
2012-11-05 13:47 . 2012-11-05 13:47	135168	----a-w-	c:\windows\system32\IEAdvpack.dll
2012-11-05 13:47 . 2012-11-05 13:47	12288	----a-w-	c:\windows\system32\mshta.exe
2012-11-05 13:47 . 2012-11-05 13:47	11776	----a-w-	c:\windows\SysWow64\mshta.exe
2012-11-05 13:47 . 2012-11-05 13:47	114176	----a-w-	c:\windows\system32\admparse.dll
2012-11-05 13:47 . 2012-11-05 13:47	10752	----a-w-	c:\windows\system32\msfeedssync.exe
2012-11-05 13:47 . 2012-11-05 13:47	101888	----a-w-	c:\windows\SysWow64\admparse.dll
2012-11-05 13:47 . 2012-11-05 13:47	160256	----a-w-	c:\windows\system32\ieakeng.dll
2012-11-05 13:47 . 2012-11-05 13:47	91648	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2012-11-05 13:47 . 2012-11-05 13:47	89088	----a-w-	c:\windows\system32\ie4uinit.exe
2012-11-05 13:47 . 2012-11-05 13:47	85504	----a-w-	c:\windows\system32\iesetup.dll
2012-11-05 13:47 . 2012-11-05 13:47	82432	----a-w-	c:\windows\system32\icardie.dll
2012-11-05 13:47 . 2012-11-05 13:47	76800	----a-w-	c:\windows\system32\tdc.ocx
2012-11-05 13:47 . 2012-11-05 13:47	534528	----a-w-	c:\windows\system32\ieapfltr.dll
2012-11-05 13:47 . 2012-11-05 13:47	48640	----a-w-	c:\windows\system32\mshtmler.dll
2012-11-05 13:47 . 2012-11-05 13:47	452608	----a-w-	c:\windows\system32\dxtmsft.dll
2012-11-05 13:47 . 2012-11-05 13:47	448512	----a-w-	c:\windows\system32\html.iec
2012-11-05 13:47 . 2012-11-05 13:47	403248	----a-w-	c:\windows\system32\iedkcs32.dll
2012-11-05 13:47 . 2012-11-05 13:47	39936	----a-w-	c:\windows\system32\iernonce.dll
2012-11-05 13:47 . 2012-11-05 13:47	3695416	----a-w-	c:\windows\system32\ieapfltr.dat
2012-11-05 13:47 . 2012-11-05 13:47	30720	----a-w-	c:\windows\system32\licmgr10.dll
2012-11-05 13:47 . 2012-11-05 13:47	282112	----a-w-	c:\windows\system32\dxtrans.dll
2012-11-05 13:47 . 2012-11-05 13:47	249344	----a-w-	c:\windows\system32\webcheck.dll
2012-11-05 13:47 . 2012-11-05 13:47	165888	----a-w-	c:\windows\system32\iexpress.exe
2012-11-05 13:47 . 2012-11-05 13:47	160256	----a-w-	c:\windows\system32\wextract.exe
2012-11-05 13:47 . 2012-11-05 13:47	111616	----a-w-	c:\windows\system32\iesysprep.dll
2012-11-05 13:47 . 2012-11-05 13:47	103936	----a-w-	c:\windows\system32\inseng.dll
2012-11-02 05:59 . 2012-12-15 10:37	478208	----a-w-	c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-15 10:37	376832	----a-w-	c:\windows\SysWow64\dpnet.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;tsusbhub [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-01-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-05 13:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\HASO\AppData\Roaming\Mozilla\Firefox\Profiles\ea72eqd2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-96538435.sys
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-01-21  16:25:50
ComboFix-quarantined-files.txt  2013-01-21 15:25
.
Vor Suchlauf: 8 Verzeichnis(se), 106.300.424.192 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 107.311.218.688 Bytes frei
.
- - End Of File - - D2E6C0AECA618EAACDC665686E44188E
         
Regards,
djjay

21.01.2013, 18:37   #11
markusg
/// Malware-holic

Hi,
download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), Uninstall list, save it as a .txt file, and open that file.
After each program you need, write "notwendig" (necessary).
After each program you do not need, write "unnötig" (unnecessary).
After each program you do not recognize, write "unbekannt" (unknown).
Post the list.
__________________
-Please forward suspicious emails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward emails to the following address as described in the instructions above:
markusg.trojaner-board@web.de
If you would like to support us

22.01.2013, 17:45   #12
djjay

Good evening,
here is the content of the CCleaner list:

Code:
ATTFilter
Adobe Flash Player 11 Plugin			Adobe Systems Incorporated	18.01.2013	6,00MB	11.5.502.146	notwendig
Adobe Reader XI (11.0.01) - Deutsch		Adobe Systems Incorporated	12.01.2013	133MB	11.0.01		notwendig
CCleaner					Piriform			19.12.2012		3.26		notwendig
CDBurnerXP					CDBurnerXP			17.01.2013	11,5MB	4.5.0.3717	notwendig
Franzis 3D-Eisenbahnplaner 10.0			Franzis				16.12.2012				nicht notwendig
HP Officejet 4500 G510n-z			HP				05.11.2012		13.0		notwendig
LibreOffice 3.6					The Document Foundation		05.11.2012	425MB	3.6.3.2		notwendig
Malwarebytes Anti-Malware Version 1.70.0.1100	Malwarebytes Corporation	17.01.2013	18,4MB	1.70.0.1100	notwendig
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation		06.11.2012	38,8MB	4.0.30319	- unbekannt -
Microsoft Security Essentials			Microsoft Corporation		17.01.2013		4.1.522.0	notwendig
Mozilla Firefox 18.0.1 (x86 de)			Mozilla				21.01.2013	43,2MB	18.0.1		notwendig
Mozilla Maintenance Service			Mozilla				21.01.2013	330KB	18.0.1		- unbekannt -
Mozilla Thunderbird 17.0.2 (x86 de)		Mozilla				12.01.2013	41,9MB	17.0.2		notwendig
MSXML 4.0 SP2 (KB954430)			Microsoft Corporation		08.11.2012	1,27MB	4.20.9870.0	- unbekannt -
MSXML 4.0 SP2 (KB973688)			Microsoft Corporation		10.11.2012	1,33MB	4.20.9876.0	- unbekannt -
NVIDIA 3D Vision Driver 306.97			NVIDIA Corporation		05.11.2012		306.97		- unbekannt -
NVIDIA Graphics Driver 306.97			NVIDIA Corporation		05.11.2012		306.97		notwendig
NVIDIA Update 1.10.8				NVIDIA Corporation		05.11.2012		1.10.8		- unbekannt -
VLC media player 2.0.4				VideoLAN			05.11.2012		2.0.4		notwendig
         
Regards,
djjay

22.01.2013, 17:59   #13
markusg
/// Malware-holic

Hi,
Please download AdwCleaner to your desktop.
  • Start adwcleaner.exe with a double-click.
  • Click Search.
  • When the scan finishes, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[R1].txt.

04.02.2013, 14:00   #14
djjay

Hi,
sorry, I have been very busy with work the last few days.
Here is the content of the text file:
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.110 - Logfile created 02/04/2013 at 13:59:03
# Updated 03/02/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : HASO - HASO-PC
# Boot Mode : Normal
# Running from : C:\Users\HASO\Downloads\adwcleaner2.110.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.1 (de)

File : C:\Users\HASO\AppData\Roaming\Mozilla\Firefox\Profiles\ea72eqd2.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [665 octets] - [04/02/2013 13:59:03]

########## EOF - C:\AdwCleaner[R1].txt - [724 octets] ##########
         
--- --- ---

Regards, djjay

04.02.2013, 14:08   #15
markusg
/// Malware-holic

Hi,
Are you still noticing any problems?