Wie werde ich Incredibar los?

cosinus · 12.07.2012, 08:10

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

mno7 · 12.07.2012, 16:13

Code:

ATTFilter

 # AdwCleaner v1.701 - Logfile created 07/11/2012 at 16:48:42
# Updated 02/07/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : Marius - MARIUS-PC
# Running from : C:\Users\Marius\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Web Assistant Updater

***** [Files / Folders] *****

Folder Deleted : C:\Users\Marius\AppData\LocalLow\Incredibar.com
Folder Deleted : C:\Program Files\Incredibar.com
Folder Deleted : C:\Program Files\Web Assistant
File Deleted : C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\j56hwbrk.default\searchplugins\MyStart Search.xml

***** [Registry] *****

Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\I
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Incredibar.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Key Deleted : HKLM\SOFTWARE\Web Assistant
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://mystart.incredibar.com/mb155?a=6R8x8XDHrF&i=26 --> hxxp://www.google.com

-\\ Mozilla Firefox v13.0.1 (de)

Profile name : default 
File : C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\j56hwbrk.default\prefs.js

C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\j56hwbrk.default\user.js ... Deleted !

Deleted : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb155?a=6R8x8XDHrF&loc=FF_NT");
Deleted : user_pref("extensions.incredibar.admin", false);
Deleted : user_pref("extensions.incredibar.aflt", "orgnl");
Deleted : user_pref("extensions.incredibar.cntry", "DE");
Deleted : user_pref("extensions.incredibar.dfltLng", "");
Deleted : user_pref("extensions.incredibar.dfltSrch", false);
Deleted : user_pref("extensions.incredibar.did", "10657");
Deleted : user_pref("extensions.incredibar.envrmnt", "production");
Deleted : user_pref("extensions.incredibar.excTlbr", false);
Deleted : user_pref("extensions.incredibar.hdrMd5", "D8240CD10457DF4A0EF8216C0CFA99BE");
Deleted : user_pref("extensions.incredibar.hmpg", false);
Deleted : user_pref("extensions.incredibar.id", "4a7b16bf000000000000001c26f1e699");
Deleted : user_pref("extensions.incredibar.installerproductid", "26");
Deleted : user_pref("extensions.incredibar.instlDay", "15517");
Deleted : user_pref("extensions.incredibar.instlRef", "");
Deleted : user_pref("extensions.incredibar.isDcmntCmplt", true);
Deleted : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.148:20:35");
Deleted : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Deleted : user_pref("extensions.incredibar.newTab", false);
Deleted : user_pref("extensions.incredibar.noFFXTlbr", false);
Deleted : user_pref("extensions.incredibar.ppd", "");
Deleted : user_pref("extensions.incredibar.prdct", "incredibar");
Deleted : user_pref("extensions.incredibar.productid", "26");
Deleted : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Deleted : user_pref("extensions.incredibar.sg", "none");
Deleted : user_pref("extensions.incredibar.smplGrp", "none");
Deleted : user_pref("extensions.incredibar.tlbrId", "base");
Deleted : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8x8XDHrF&loc=IB_T[...]
Deleted : user_pref("extensions.incredibar.upn2", "6R8x8XDHrF");
Deleted : user_pref("extensions.incredibar.upn2n", "92824600408533015");
Deleted : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Deleted : user_pref("extensions.incredibar.vrsnTs", "1.5.11.148:20:35");
Deleted : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Deleted : user_pref("extensions.incredibar_i.aflt", "orgnl");
Deleted : user_pref("extensions.incredibar_i.dfltLng", "");
Deleted : user_pref("extensions.incredibar_i.did", "10657");
Deleted : user_pref("extensions.incredibar_i.excTlbr", false);
Deleted : user_pref("extensions.incredibar_i.id", "4a7b16bf000000000000001c26f1e699");
Deleted : user_pref("extensions.incredibar_i.installerproductid", "26");
Deleted : user_pref("extensions.incredibar_i.instlDay", "15517");
Deleted : user_pref("extensions.incredibar_i.instlRef", "");
Deleted : user_pref("extensions.incredibar_i.ms_url_id", "");
Deleted : user_pref("extensions.incredibar_i.newTab", false);
Deleted : user_pref("extensions.incredibar_i.ppd", "");
Deleted : user_pref("extensions.incredibar_i.prdct", "incredibar");
Deleted : user_pref("extensions.incredibar_i.productid", "26");
Deleted : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Deleted : user_pref("extensions.incredibar_i.smplGrp", "none");
Deleted : user_pref("extensions.incredibar_i.tlbrId", "base");
Deleted : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8x8XDHrF&loc=IB[...]
Deleted : user_pref("extensions.incredibar_i.upn2", "6R8x8XDHrF");
Deleted : user_pref("extensions.incredibar_i.upn2n", "92824600408533015");
Deleted : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Deleted : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.148:20:35");
Deleted : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Deleted : user_pref("keyword.URL", "hxxp://mystart.incredibar.com/mb155/?loc=IB_DS&a=6R8x8XDHrF&&i=26&search="[...]
Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

*************************

AdwCleaner[R1].txt - [10736 octets] - [10/07/2012 17:56:01]
AdwCleaner[S1].txt - [11078 octets] - [11/07/2012 16:48:42]

########## EOF - C:\AdwCleaner[S1].txt - [11207 octets] ##########

cosinus · 12.07.2012, 18:48

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

mno7 · 12.07.2012, 19:26

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 12.07.2012 19:54:31 - Run 2
OTL by OldTimer - Version 3.2.53.1     Folder = C:\Users\Marius\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 65,82% Memory free
4,00 Gb Paging File | 3,12 Gb Available in Paging File | 77,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220,28 Gb Total Space | 154,90 Gb Free Space | 70,32% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 6,14 Gb Free Space | 61,41% Space Free | Partition Type: NTFS
 
Computer Name: MARIUS-PC | User Name: Marius | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.02 21:03:42 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Marius\Desktop\OTL.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.03.26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\msseces.exe
PRC - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft Security Client\MsMpEng.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.06.16 16:21:06 | 001,500,160 | ---- | M] (Nokia) -- C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2011.06.08 15:49:48 | 000,159,744 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2011.06.08 14:02:00 | 000,633,856 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe
PRC - [2011.03.31 15:38:26 | 000,140,288 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2011.03.28 21:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011.03.28 21:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2011.03.21 14:19:36 | 000,120,832 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.02.26 19:36:46 | 000,030,040 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2007.06.07 12:27:56 | 000,020,480 | ---- | M] (Creative Technology Ltd.) -- C:\Programme\Creative Live! Cam\VideoFX\StartFX.exe
PRC - [2007.06.07 12:14:36 | 000,118,784 | ---- | M] (Creative Technology Ltd.) -- C:\Programme\DELL\DELL Webcam Manager\DellWMgr.exe
PRC - [2007.05.10 02:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.02.20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.02.20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.04.07 17:43:24 | 008,191,488 | ---- | M] () -- C:\Programme\Nokia\Nokia PC Suite 7\QtGUI4.dll
MOD - [2011.04.07 17:43:22 | 002,296,320 | ---- | M] () -- C:\Programme\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2011.02.22 21:13:22 | 000,022,016 | ---- | M] () -- C:\Programme\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2011.02.22 21:12:54 | 000,196,608 | ---- | M] () -- C:\Programme\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2011.02.22 18:39:06 | 000,276,480 | ---- | M] () -- C:\Programme\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2011.02.22 18:07:20 | 000,339,968 | ---- | M] () -- C:\Programme\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2007.06.07 12:31:00 | 000,425,984 | ---- | M] () -- C:\Programme\Creative Live! Cam\VideoFX\EyeCatcherEx.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.07.12 19:34:16 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.03 18:20:34 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.03.26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.06.29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2011.06.08 14:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.03.28 21:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.02.26 19:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.03.20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.05.18 11:12:38 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.05.18 11:12:36 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.05.18 11:12:32 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.05.18 11:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.12.07 13:24:56 | 000,401,016 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\psabusbu.sys -- (PRESONUS_AUDIOBOX_USB)
DRV - [2009.12.07 13:24:56 | 000,040,568 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\psabusba.sys -- (PRESONUS_AUDIOBOX_WDM)
DRV - [2009.12.07 13:24:56 | 000,031,864 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\psabusbm.sys -- (PRESONUS_AUDIOBOX_MIDI)
DRV - [2009.07.14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009.07.14 00:02:49 | 000,046,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2008.08.26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.06.09 08:23:00 | 007,522,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007.10.24 10:47:26 | 000,023,288 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\synasUSB.sys -- (SynasUSB)
DRV - [2007.10.11 02:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007.03.05 19:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 89 5E B5 D0 D5 E0 CC 01  [binary data]
IE - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "t-onlien.de"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.03 18:20:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.18 17:39:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.03 18:20:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.18 17:39:32 | 000,000,000 | ---D | M]
 
[2011.09.09 20:35:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marius\AppData\Roaming\mozilla\Extensions
[2012.07.01 23:06:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marius\AppData\Roaming\mozilla\Firefox\Profiles\j56hwbrk.default\extensions
[2011.12.19 13:23:40 | 000,000,933 | ---- | M] () -- C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\j56hwbrk.default\searchplugins\11-suche.xml
[2011.12.19 13:23:41 | 000,002,419 | ---- | M] () -- C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\j56hwbrk.default\searchplugins\englische-ergebnisse.xml
[2011.12.19 13:23:40 | 000,010,525 | ---- | M] () -- C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\j56hwbrk.default\searchplugins\gmx-suche.xml
[2011.12.19 13:23:40 | 000,002,457 | ---- | M] () -- C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\j56hwbrk.default\searchplugins\lastminute.xml
[2011.12.19 13:23:40 | 000,005,508 | ---- | M] () -- C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\j56hwbrk.default\searchplugins\webde-suche.xml
[2012.02.18 18:27:32 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.07.03 18:20:35 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.18 17:39:18 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.07.03 18:20:32 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.03 18:20:32 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.03 18:20:32 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.03 18:20:32 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.03 18:20:32 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.03 18:20:32 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001..\Run: [DELL Webcam Manager] C:\Program Files\DELL\DELL Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001..\Run: [ICQ] C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Programme\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Programme\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4F8934C1-6E99-4326-A4E0-E22641463D17}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{07bf5ab8-28a7-11e1-b38f-001c26f1e699}\Shell - "" = AutoRun
O33 - MountPoints2\{07bf5ab8-28a7-11e1-b38f-001c26f1e699}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{767b29ca-5a50-11e1-88d1-001c26f1e699}\Shell - "" = AutoRun
O33 - MountPoints2\{767b29ca-5a50-11e1-88d1-001c26f1e699}\Shell\AutoRun\command - "" = F:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MsMpSvc - c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MsMpSvc - c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.12 18:19:22 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{8F0287FD-051A-48DF-B37C-20E1899C7CAA}
[2012.07.12 18:19:07 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{82C297AF-B096-4153-886B-19448E2919D1}
[2012.07.08 20:51:23 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.07.08 20:50:38 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Marius\Desktop\esetsmartinstaller_enu.exe
[2012.07.03 18:09:42 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{E1EB5775-3BA1-4A79-B477-7299A4D9F7A9}
[2012.07.03 18:09:29 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{00CA68C4-FC8A-4F2D-88BD-2CF1152F6EB2}
[2012.07.02 21:03:35 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Marius\Desktop\OTL.exe
[2012.07.02 19:13:09 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.07.01 23:13:21 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\Malwarebytes
[2012.07.01 23:13:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.01 23:13:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.01 23:13:01 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.07.01 23:13:01 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.07.01 20:33:41 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{64D2CDDD-2B02-4E42-98C2-E11F17E3D141}
[2012.07.01 20:33:28 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{687F836A-9CF4-48BD-998A-2C59383D06DC}
[2012.07.01 20:26:56 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{5431F8F3-0BA7-4A24-9931-035D2F5C9BFE}
[2012.07.01 20:26:44 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{CD021801-0199-4D0B-8ADC-5A259B2435BB}
[2012.06.25 12:28:01 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\Macromedia
[2012.06.19 19:27:13 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{97882CF1-6145-43F6-A715-434A0C826EBC}
[2012.06.19 19:26:54 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{22EF44FC-ED8D-4749-80AF-ED222E7CB0CF}
[2012.06.18 21:39:18 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{B968EE3A-E51A-47AB-8B26-F49786DF5EF1}
[2012.06.17 20:23:40 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{059A1A01-7076-45B3-B0BC-F2187DBC9322}
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.12 19:34:17 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.12 18:25:45 | 000,013,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.12 18:25:45 | 000,013,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.12 18:24:12 | 000,645,966 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.07.12 18:24:12 | 000,609,290 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.12 18:24:12 | 000,127,394 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.07.12 18:24:12 | 000,104,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.12 18:18:04 | 000,027,934 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.07.12 18:18:04 | 000,027,934 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.07.12 18:17:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.12 18:16:55 | 1609,187,328 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.12 17:08:45 | 000,410,064 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.07.10 17:55:48 | 000,618,655 | ---- | M] () -- C:\Users\Marius\Desktop\adwcleaner.exe
[2012.07.08 20:50:41 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Marius\Desktop\esetsmartinstaller_enu.exe
[2012.07.02 21:03:42 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Marius\Desktop\OTL.exe
[2012.07.02 21:02:28 | 000,000,000 | ---- | M] () -- C:\Users\Marius\defogger_reenable
[2012.07.02 19:12:57 | 247,640,923 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.07.01 23:16:00 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.26 08:20:35 | 000,000,447 | ---- | M] () -- C:\user.js
 
========== Files Created - No Company Name ==========
 
[2012.07.10 17:55:41 | 000,618,655 | ---- | C] () -- C:\Users\Marius\Desktop\adwcleaner.exe
[2012.07.02 21:02:28 | 000,000,000 | ---- | C] () -- C:\Users\Marius\defogger_reenable
[2012.07.02 19:12:57 | 247,640,923 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.07.01 23:13:10 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.26 08:20:35 | 000,000,447 | ---- | C] () -- C:\user.js
[2012.03.22 21:48:41 | 000,027,934 | ---- | C] () -- C:\ProgramData\nvModes.001
[2012.03.22 21:48:32 | 000,027,934 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011.12.06 19:58:55 | 000,014,336 | ---- | C] () -- C:\Users\Marius\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.06 19:55:25 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2011.09.12 22:12:28 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
 
========== LOP Check ==========
 
[2012.07.01 23:10:19 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\ICQ
[2012.05.22 18:22:21 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\ICQ Search
[2011.12.17 01:44:49 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Nokia
[2011.12.17 01:21:25 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\PC Suite
[2012.03.19 22:10:07 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\PreSonus
[2011.12.17 14:50:16 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Sony
[2011.09.11 22:13:23 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Steinberg
[2012.03.22 21:28:52 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\tmp
[2012.07.04 22:57:34 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.09.13 01:54:44 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Adobe
[2012.06.03 23:45:19 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Apple Computer
[2011.12.06 19:57:51 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Creative
[2012.07.01 23:10:19 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\ICQ
[2012.05.22 18:22:21 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\ICQ Search
[2011.09.09 19:27:43 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Identities
[2011.12.06 19:54:23 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\InstallShield
[2011.09.11 20:54:49 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Macromedia
[2012.07.01 23:13:21 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Malwarebytes
[2009.07.14 10:56:56 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Media Center Programs
[2012.03.20 22:39:27 | 000,000,000 | --SD | M] -- C:\Users\Marius\AppData\Roaming\Microsoft
[2011.09.09 20:35:44 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Mozilla
[2011.12.17 01:44:49 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Nokia
[2011.12.17 01:21:25 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\PC Suite
[2012.03.19 22:10:07 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\PreSonus
[2012.03.22 21:28:52 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Reallusion
[2011.12.17 14:50:16 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Sony
[2011.09.11 22:13:23 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Steinberg
[2012.03.22 21:28:52 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\tmp
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\drivers\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\drivers\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >

--- --- ---

cosinus · 12.07.2012, 19:51

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

ATTFilter

:OTL
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "t-onlien.de"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{07bf5ab8-28a7-11e1-b38f-001c26f1e699}\Shell - "" = AutoRun
O33 - MountPoints2\{07bf5ab8-28a7-11e1-b38f-001c26f1e699}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{767b29ca-5a50-11e1-88d1-001c26f1e699}\Shell - "" = AutoRun
O33 - MountPoints2\{767b29ca-5a50-11e1-88d1-001c26f1e699}\Shell\AutoRun\command - "" = F:\Startme.exe
[2012.06.26 08:20:35 | 000,000,447 | ---- | M] () -- C:\user.js
[2012.05.22 18:22:21 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\ICQ Search
:Files
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

mno7 · 14.07.2012, 09:07

Code:

ATTFilter

All processes killed
========== OTL ==========
Prefs.js: "MyStart Search" removed from browser.search.defaultenginename
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "t-onlien.de" removed from browser.startup.homepage
Prefs.js: 0 removed from network.proxy.type
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07bf5ab8-28a7-11e1-b38f-001c26f1e699}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07bf5ab8-28a7-11e1-b38f-001c26f1e699}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07bf5ab8-28a7-11e1-b38f-001c26f1e699}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07bf5ab8-28a7-11e1-b38f-001c26f1e699}\ not found.
File F:\Startme.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{767b29ca-5a50-11e1-88d1-001c26f1e699}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{767b29ca-5a50-11e1-88d1-001c26f1e699}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{767b29ca-5a50-11e1-88d1-001c26f1e699}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{767b29ca-5a50-11e1-88d1-001c26f1e699}\ not found.
File F:\Startme.exe not found.
C:\user.js moved successfully.
C:\Users\Marius\AppData\Roaming\ICQ Search folder moved successfully.
========== FILES ==========
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Marius
->Temp folder emptied: 237184509 bytes
->Temporary Internet Files folder emptied: 65010040 bytes
->FireFox cache emptied: 699553836 bytes
->Flash cache emptied: 46983 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 11397586 bytes
RecycleBin emptied: 9085121660 bytes
 
Total Files Cleaned = 9.631,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Marius
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.53.1 log created on 07142012_095958

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Ok,

müssen jetzt noch weitere Schritte durchgeführt werden?

cosinus · 14.07.2012, 14:50

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C

nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

mno7 · 15.07.2012, 21:14

Code:

ATTFilter

22:02:29.0926 2676	TDSS rootkit removing tool 2.7.45.0 Jul  9 2012 12:46:35
22:02:30.0516 2676	============================================================
22:02:30.0516 2676	Current date / time: 2012/07/15 22:02:30.0516
22:02:30.0516 2676	SystemInfo:
22:02:30.0516 2676	
22:02:30.0516 2676	OS Version: 6.1.7601 ServicePack: 1.0
22:02:30.0516 2676	Product type: Workstation
22:02:30.0516 2676	ComputerName: MARIUS-PC
22:02:30.0516 2676	UserName: Marius
22:02:30.0516 2676	Windows directory: C:\Windows
22:02:30.0516 2676	System windows directory: C:\Windows
22:02:30.0516 2676	Processor architecture: Intel x86
22:02:30.0516 2676	Number of processors: 2
22:02:30.0516 2676	Page size: 0x1000
22:02:30.0516 2676	Boot type: Normal boot
22:02:30.0516 2676	============================================================
22:02:32.0587 2676	Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:02:32.0587 2676	============================================================
22:02:32.0587 2676	\Device\Harddisk0\DR0:
22:02:32.0587 2676	MBR partitions:
22:02:32.0587 2676	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x37000, BlocksNum 0x1400000
22:02:32.0587 2676	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1437000, BlocksNum 0x1B88E000
22:02:32.0617 2676	============================================================
22:02:32.0677 2676	C: <-> \Device\Harddisk0\DR0\Partition1
22:02:32.0697 2676	D: <-> \Device\Harddisk0\DR0\Partition0
22:02:32.0697 2676	============================================================
22:02:32.0697 2676	Initialize success
22:02:32.0697 2676	============================================================
22:03:34.0758 0580	============================================================
22:03:34.0758 0580	Scan started
22:03:34.0758 0580	Mode: Manual; SigCheck; TDLFS; 
22:03:34.0758 0580	============================================================
22:03:36.0599 0580	1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
22:03:37.0052 0580	1394ohci - ok
22:03:37.0102 0580	ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
22:03:37.0122 0580	ACPI - ok
22:03:37.0162 0580	AcpiPmi         (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
22:03:37.0252 0580	AcpiPmi - ok
22:03:37.0382 0580	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:03:37.0412 0580	AdobeARMservice - ok
22:03:37.0512 0580	AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:03:37.0552 0580	AdobeFlashPlayerUpdateSvc - ok
22:03:37.0642 0580	adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
22:03:37.0692 0580	adp94xx - ok
22:03:37.0732 0580	adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
22:03:37.0772 0580	adpahci - ok
22:03:37.0792 0580	adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
22:03:37.0832 0580	adpu320 - ok
22:03:37.0872 0580	AeLookupSvc     (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
22:03:37.0932 0580	AeLookupSvc - ok
22:03:38.0072 0580	AFD             (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
22:03:38.0142 0580	AFD - ok
22:03:38.0172 0580	agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
22:03:38.0212 0580	agp440 - ok
22:03:38.0242 0580	aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
22:03:38.0272 0580	aic78xx - ok
22:03:38.0332 0580	ALG             (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
22:03:38.0382 0580	ALG - ok
22:03:38.0412 0580	aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
22:03:38.0432 0580	aliide - ok
22:03:38.0452 0580	amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
22:03:38.0482 0580	amdagp - ok
22:03:38.0492 0580	amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
22:03:38.0502 0580	amdide - ok
22:03:38.0532 0580	AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
22:03:38.0572 0580	AmdK8 - ok
22:03:38.0592 0580	AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
22:03:38.0642 0580	AmdPPM - ok
22:03:38.0672 0580	amdsata         (e7f4d42d8076ec60e21715cd11743a0d) C:\Windows\system32\drivers\amdsata.sys
22:03:38.0702 0580	amdsata - ok
22:03:38.0722 0580	amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
22:03:38.0752 0580	amdsbs - ok
22:03:38.0772 0580	amdxata         (146459d2b08bfdcbfa856d9947043c81) C:\Windows\system32\drivers\amdxata.sys
22:03:38.0792 0580	amdxata - ok
22:03:38.0842 0580	AppID           (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
22:03:39.0055 0580	AppID - ok
22:03:39.0102 0580	AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
22:03:39.0180 0580	AppIDSvc - ok
22:03:39.0211 0580	Appinfo         (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
22:03:39.0242 0580	Appinfo - ok
22:03:39.0351 0580	Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:03:39.0367 0580	Apple Mobile Device - ok
22:03:39.0429 0580	AppMgmt         (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
22:03:39.0507 0580	AppMgmt - ok
22:03:39.0538 0580	arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
22:03:39.0585 0580	arc - ok
22:03:39.0616 0580	arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
22:03:39.0648 0580	arcsas - ok
22:03:39.0679 0580	AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
22:03:39.0772 0580	AsyncMac - ok
22:03:39.0804 0580	atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
22:03:39.0804 0580	atapi - ok
22:03:39.0886 0580	AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
22:03:39.0936 0580	AudioEndpointBuilder - ok
22:03:39.0946 0580	Audiosrv        (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
22:03:39.0976 0580	Audiosrv - ok
22:03:40.0026 0580	AxInstSV        (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
22:03:40.0106 0580	AxInstSV - ok
22:03:40.0176 0580	b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
22:03:40.0236 0580	b06bdrv - ok
22:03:40.0276 0580	b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
22:03:40.0316 0580	b57nd60x - ok
22:03:40.0386 0580	bcm4sbxp        (82dd21bfa8bbe0a3a3833a1bd8e86158) C:\Windows\system32\DRIVERS\bcm4sbxp.sys
22:03:40.0436 0580	bcm4sbxp - ok
22:03:40.0466 0580	BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
22:03:40.0536 0580	BDESVC - ok
22:03:40.0546 0580	Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
22:03:40.0626 0580	Beep - ok
22:03:40.0706 0580	BFE             (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
22:03:40.0796 0580	BFE - ok
22:03:40.0876 0580	BITS            (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
22:03:41.0006 0580	BITS - ok
22:03:41.0036 0580	blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
22:03:41.0066 0580	blbdrive - ok
22:03:41.0186 0580	Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
22:03:41.0226 0580	Bonjour Service - ok
22:03:41.0276 0580	bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
22:03:41.0326 0580	bowser - ok
22:03:41.0356 0580	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:03:41.0436 0580	BrFiltLo - ok
22:03:41.0446 0580	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:03:41.0476 0580	BrFiltUp - ok
22:03:41.0516 0580	Browser         (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
22:03:41.0586 0580	Browser - ok
22:03:41.0626 0580	Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
22:03:41.0716 0580	Brserid - ok
22:03:41.0756 0580	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
22:03:41.0816 0580	BrSerWdm - ok
22:03:41.0866 0580	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:03:41.0916 0580	BrUsbMdm - ok
22:03:41.0966 0580	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
22:03:42.0006 0580	BrUsbSer - ok
22:03:42.0066 0580	BthEnum         (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
22:03:42.0146 0580	BthEnum - ok
22:03:42.0216 0580	BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
22:03:42.0266 0580	BTHMODEM - ok
22:03:42.0326 0580	BthPan          (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
22:03:42.0366 0580	BthPan - ok
22:03:42.0406 0580	BTHPORT         (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys
22:03:42.0456 0580	BTHPORT - ok
22:03:42.0496 0580	bthserv         (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
22:03:42.0556 0580	bthserv - ok
22:03:42.0576 0580	BTHUSB          (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys
22:03:42.0596 0580	BTHUSB - ok
22:03:42.0626 0580	cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
22:03:42.0696 0580	cdfs - ok
22:03:42.0766 0580	cdrom           (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
22:03:42.0816 0580	cdrom - ok
22:03:42.0856 0580	CertPropSvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:03:42.0886 0580	CertPropSvc - ok
22:03:42.0946 0580	circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
22:03:42.0966 0580	circlass - ok
22:03:43.0026 0580	CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
22:03:43.0046 0580	CLFS - ok
22:03:43.0306 0580	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:03:43.0436 0580	clr_optimization_v2.0.50727_32 - ok
22:03:43.0526 0580	CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
22:03:43.0576 0580	CmBatt - ok
22:03:43.0616 0580	cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
22:03:43.0666 0580	cmdide - ok
22:03:43.0816 0580	CNG             (247b4ce2dab1160cd422d532d5241e1f) C:\Windows\system32\Drivers\cng.sys
22:03:43.0866 0580	CNG - ok
22:03:43.0936 0580	Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
22:03:43.0966 0580	Compbatt - ok
22:03:44.0036 0580	CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
22:03:44.0066 0580	CompositeBus - ok
22:03:44.0096 0580	COMSysApp - ok
22:03:44.0146 0580	crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
22:03:44.0166 0580	crcdisk - ok
22:03:44.0246 0580	CryptSvc        (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
22:03:44.0336 0580	CryptSvc - ok
22:03:44.0506 0580	CSC             (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
22:03:44.0586 0580	CSC - ok
22:03:44.0687 0580	CscService      (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
22:03:44.0737 0580	CscService - ok
22:03:44.0797 0580	DcomLaunch      (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:03:44.0877 0580	DcomLaunch - ok
22:03:44.0947 0580	defragsvc       (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
22:03:44.0997 0580	defragsvc - ok
22:03:45.0067 0580	DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
22:03:45.0107 0580	DfsC - ok
22:03:45.0257 0580	Dhcp            (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
22:03:45.0357 0580	Dhcp - ok
22:03:45.0407 0580	discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
22:03:45.0477 0580	discache - ok
22:03:45.0587 0580	Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
22:03:45.0607 0580	Disk - ok
22:03:45.0647 0580	Dnscache        (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
22:03:45.0717 0580	Dnscache - ok
22:03:45.0797 0580	dot3svc         (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
22:03:45.0857 0580	dot3svc - ok
22:03:45.0987 0580	DPS             (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
22:03:46.0077 0580	DPS - ok
22:03:46.0107 0580	drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
22:03:46.0157 0580	drmkaud - ok
22:03:46.0227 0580	DXGKrnl         (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
22:03:46.0267 0580	DXGKrnl - ok
22:03:46.0387 0580	EapHost         (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
22:03:46.0467 0580	EapHost - ok
22:03:46.0953 0580	ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
22:03:47.0093 0580	ebdrv - ok
22:03:47.0202 0580	EFS             (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
22:03:47.0249 0580	EFS - ok
22:03:47.0436 0580	ehRecvr         (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
22:03:47.0514 0580	ehRecvr - ok
22:03:47.0546 0580	ehSched         (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
22:03:47.0608 0580	ehSched - ok
22:03:47.0795 0580	elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
22:03:47.0826 0580	elxstor - ok
22:03:47.0858 0580	ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
22:03:47.0904 0580	ErrDev - ok
22:03:48.0014 0580	EventSystem     (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
22:03:48.0092 0580	EventSystem - ok
22:03:48.0185 0580	exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
22:03:48.0232 0580	exfat - ok
22:03:48.0263 0580	fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
22:03:48.0310 0580	fastfat - ok
22:03:48.0388 0580	Fax             (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
22:03:48.0466 0580	Fax - ok
22:03:48.0497 0580	fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
22:03:48.0528 0580	fdc - ok
22:03:48.0544 0580	fdPHost         (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
22:03:48.0606 0580	fdPHost - ok
22:03:48.0622 0580	FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
22:03:48.0669 0580	FDResPub - ok
22:03:48.0700 0580	FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
22:03:48.0716 0580	FileInfo - ok
22:03:48.0731 0580	Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
22:03:48.0794 0580	Filetrace - ok
22:03:48.0809 0580	flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
22:03:48.0840 0580	flpydisk - ok
22:03:48.0996 0580	FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
22:03:49.0043 0580	FltMgr - ok
22:03:49.0262 0580	FontCache       (fa6c66e4364d7da57aade5dcc03bb999) C:\Windows\system32\FntCache.dll
22:03:49.0414 0580	FontCache - ok
22:03:49.0564 0580	FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:03:49.0594 0580	FontCache3.0.0.0 - ok
22:03:49.0644 0580	FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
22:03:49.0654 0580	FsDepends - ok
22:03:49.0694 0580	Fs_Rec          (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
22:03:49.0714 0580	Fs_Rec - ok
22:03:49.0814 0580	fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
22:03:49.0854 0580	fvevol - ok
22:03:49.0894 0580	gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:03:49.0934 0580	gagp30kx - ok
22:03:50.0024 0580	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:03:50.0044 0580	GEARAspiWDM - ok
22:03:50.0134 0580	gpsvc           (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
22:03:50.0204 0580	gpsvc - ok
22:03:50.0274 0580	hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
22:03:50.0344 0580	hcw85cir - ok
22:03:50.0434 0580	HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
22:03:50.0494 0580	HdAudAddService - ok
22:03:50.0554 0580	HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
22:03:50.0604 0580	HDAudBus - ok
22:03:50.0644 0580	HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
22:03:50.0664 0580	HidBatt - ok
22:03:50.0685 0580	HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
22:03:50.0705 0580	HidBth - ok
22:03:50.0725 0580	HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
22:03:50.0755 0580	HidIr - ok
22:03:50.0795 0580	hidserv         (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
22:03:50.0865 0580	hidserv - ok
22:03:50.0945 0580	HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
22:03:50.0965 0580	HidUsb - ok
22:03:51.0025 0580	hkmsvc          (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
22:03:51.0105 0580	hkmsvc - ok
22:03:51.0135 0580	HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
22:03:51.0195 0580	HomeGroupListener - ok
22:03:51.0305 0580	HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
22:03:51.0365 0580	HomeGroupProvider - ok
22:03:51.0425 0580	HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
22:03:51.0455 0580	HpSAMD - ok
22:03:51.0675 0580	HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
22:03:51.0735 0580	HTTP - ok
22:03:51.0765 0580	hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
22:03:51.0795 0580	hwpolicy - ok
22:03:51.0835 0580	i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
22:03:51.0875 0580	i8042prt - ok
22:03:52.0055 0580	iaStorV         (a3cae5d281db4cff7cff8233507ee5ad) C:\Windows\system32\drivers\iaStorV.sys
22:03:52.0125 0580	iaStorV - ok
22:03:52.0335 0580	idsvc           (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:03:52.0375 0580	idsvc - ok
22:03:52.0435 0580	iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
22:03:52.0465 0580	iirsp - ok
22:03:52.0645 0580	IKEEXT          (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
22:03:52.0745 0580	IKEEXT - ok
22:03:52.0785 0580	intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
22:03:52.0805 0580	intelide - ok
22:03:52.0845 0580	intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
22:03:52.0875 0580	intelppm - ok
22:03:52.0945 0580	IPBusEnum       (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
22:03:53.0015 0580	IPBusEnum - ok
22:03:53.0045 0580	IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:03:53.0095 0580	IpFilterDriver - ok
22:03:53.0175 0580	iphlpsvc        (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
22:03:53.0215 0580	iphlpsvc - ok
22:03:53.0265 0580	IPMIDRV         (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
22:03:53.0335 0580	IPMIDRV - ok
22:03:53.0365 0580	IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
22:03:53.0445 0580	IPNAT - ok
22:03:53.0595 0580	iPod Service    (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
22:03:53.0655 0580	iPod Service - ok
22:03:53.0715 0580	IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
22:03:53.0845 0580	IRENUM - ok
22:03:53.0875 0580	isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
22:03:53.0905 0580	isapnp - ok
22:03:53.0945 0580	iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
22:03:54.0035 0580	iScsiPrt - ok
22:03:54.0085 0580	kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
22:03:54.0105 0580	kbdclass - ok
22:03:54.0245 0580	kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
22:03:54.0295 0580	kbdhid - ok
22:03:54.0315 0580	KeyIso          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:03:54.0335 0580	KeyIso - ok
22:03:54.0385 0580	KSecDD          (b7895b4182c0d16f6efadeb8081e8d36) C:\Windows\system32\Drivers\ksecdd.sys
22:03:54.0415 0580	KSecDD - ok
22:03:54.0445 0580	KSecPkg         (d30159ac9237519fbc62c6ec247d2d46) C:\Windows\system32\Drivers\ksecpkg.sys
22:03:54.0475 0580	KSecPkg - ok
22:03:54.0535 0580	KtmRm           (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
22:03:54.0605 0580	KtmRm - ok
22:03:54.0665 0580	LanmanServer    (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
22:03:54.0725 0580	LanmanServer - ok
22:03:54.0765 0580	LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
22:03:54.0805 0580	LanmanWorkstation - ok
22:03:54.0855 0580	lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
22:03:54.0945 0580	lltdio - ok
22:03:55.0015 0580	lltdsvc         (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
22:03:55.0075 0580	lltdsvc - ok
22:03:55.0095 0580	lmhosts         (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
22:03:55.0135 0580	lmhosts - ok
22:03:55.0175 0580	LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:03:55.0195 0580	LSI_FC - ok
22:03:55.0215 0580	LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:03:55.0225 0580	LSI_SAS - ok
22:03:55.0245 0580	LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:03:55.0265 0580	LSI_SAS2 - ok
22:03:55.0275 0580	LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:03:55.0295 0580	LSI_SCSI - ok
22:03:55.0315 0580	luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
22:03:55.0355 0580	luafv - ok
22:03:55.0425 0580	MBAMProtector   (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
22:03:56.0095 0580	MBAMProtector - ok
22:03:56.0265 0580	MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:03:56.0335 0580	MBAMService - ok
22:03:56.0375 0580	Mcx2Svc         (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
22:03:56.0395 0580	Mcx2Svc - ok
22:03:56.0415 0580	megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
22:03:56.0435 0580	megasas - ok
22:03:56.0461 0580	MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
22:03:56.0492 0580	MegaSR - ok
22:03:56.0570 0580	Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
22:03:56.0585 0580	Microsoft Office Groove Audit Service - ok
22:03:56.0710 0580	MMCSS           (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:03:56.0788 0580	MMCSS - ok
22:03:56.0839 0580	Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
22:03:56.0919 0580	Modem - ok
22:03:57.0019 0580	monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
22:03:57.0059 0580	monitor - ok
22:03:57.0109 0580	mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
22:03:57.0139 0580	mouclass - ok
22:03:57.0169 0580	mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
22:03:57.0219 0580	mouhid - ok
22:03:57.0259 0580	mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
22:03:57.0279 0580	mountmgr - ok
22:03:57.0439 0580	MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:03:57.0489 0580	MozillaMaintenance - ok
22:03:57.0599 0580	MpFilter        (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
22:03:57.0629 0580	MpFilter - ok
22:03:57.0679 0580	mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
22:03:57.0699 0580	mpio - ok
22:03:57.0749 0580	mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
22:03:57.0799 0580	mpsdrv - ok
22:03:57.0899 0580	MpsSvc          (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
22:03:58.0009 0580	MpsSvc - ok
22:03:58.0089 0580	MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
22:03:58.0159 0580	MRxDAV - ok
22:03:58.0209 0580	mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:03:58.0259 0580	mrxsmb - ok
22:03:58.0289 0580	mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:03:58.0319 0580	mrxsmb10 - ok
22:03:58.0339 0580	mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys

Code:

ATTFilter

22:03:58.0369 0580	mrxsmb20 - ok
22:03:58.0439 0580	msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
22:03:58.0459 0580	msahci - ok
22:03:58.0559 0580	msdsm           (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
22:03:58.0619 0580	msdsm - ok
22:03:58.0719 0580	MSDTC           (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
22:03:58.0759 0580	MSDTC - ok
22:03:58.0885 0580	Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
22:03:58.0947 0580	Msfs - ok
22:03:58.0994 0580	mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
22:03:59.0025 0580	mshidkmdf - ok
22:03:59.0088 0580	msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
22:03:59.0103 0580	msisadrv - ok
22:03:59.0181 0580	MSiSCSI         (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
22:03:59.0275 0580	MSiSCSI - ok
22:03:59.0275 0580	msiserver - ok
22:03:59.0353 0580	MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
22:03:59.0400 0580	MSKSSRV - ok
22:03:59.0556 0580	MsMpSvc         (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
22:03:59.0587 0580	MsMpSvc - ok
22:03:59.0649 0580	MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
22:03:59.0727 0580	MSPCLOCK - ok
22:03:59.0774 0580	MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
22:03:59.0971 0580	MSPQM - ok
22:04:00.0021 0580	MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
22:04:00.0041 0580	MsRPC - ok
22:04:00.0091 0580	mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
22:04:00.0121 0580	mssmbios - ok
22:04:00.0131 0580	MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
22:04:00.0171 0580	MSTEE - ok
22:04:00.0181 0580	MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
22:04:00.0221 0580	MTConfig - ok
22:04:00.0261 0580	Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
22:04:00.0281 0580	Mup - ok
22:04:00.0381 0580	napagent        (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
22:04:00.0461 0580	napagent - ok
22:04:00.0531 0580	NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
22:04:00.0581 0580	NativeWifiP - ok
22:04:00.0711 0580	NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
22:04:00.0751 0580	NDIS - ok
22:04:00.0791 0580	NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
22:04:00.0861 0580	NdisCap - ok
22:04:00.0891 0580	NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
22:04:00.0941 0580	NdisTapi - ok
22:04:01.0021 0580	Ndisuio         (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
22:04:01.0071 0580	Ndisuio - ok
22:04:01.0181 0580	NdisWan         (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
22:04:01.0241 0580	NdisWan - ok
22:04:01.0301 0580	NDProxy         (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
22:04:01.0351 0580	NDProxy - ok
22:04:01.0421 0580	NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
22:04:01.0471 0580	NetBIOS - ok
22:04:01.0551 0580	NetBT           (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
22:04:01.0631 0580	NetBT - ok
22:04:01.0691 0580	Netlogon        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:04:01.0721 0580	Netlogon - ok
22:04:01.0811 0580	Netman          (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
22:04:01.0901 0580	Netman - ok
22:04:02.0031 0580	netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
22:04:02.0111 0580	netprofm - ok
22:04:02.0231 0580	NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:04:02.0251 0580	NetTcpPortSharing - ok
22:04:03.0091 0580	netw5v32        (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
22:04:03.0261 0580	netw5v32 - ok
22:04:03.0551 0580	nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
22:04:03.0581 0580	nfrd960 - ok
22:04:03.0651 0580	NisDrv          (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:04:03.0671 0580	NisDrv - ok
22:04:03.0811 0580	NisSrv          (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
22:04:03.0841 0580	NisSrv - ok
22:04:03.0901 0580	NlaSvc          (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
22:04:04.0021 0580	NlaSvc - ok
22:04:04.0061 0580	nmwcd           (cfe3462a9e94a57dcd9676f6b7fe7f67) C:\Windows\system32\drivers\ccdcmb.sys
22:04:04.0161 0580	nmwcd - ok
22:04:04.0223 0580	nmwcdc          (8f2a94f991f8c73cec26b4b5620d1edc) C:\Windows\system32\drivers\ccdcmbo.sys
22:04:04.0270 0580	nmwcdc - ok
22:04:04.0286 0580	Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
22:04:04.0348 0580	Npfs - ok
22:04:04.0395 0580	nsi             (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
22:04:04.0426 0580	nsi - ok
22:04:04.0457 0580	nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
22:04:04.0535 0580	nsiproxy - ok
22:04:04.0754 0580	Ntfs            (33c3093d09017cfe2e219f2472bff6eb) C:\Windows\system32\drivers\Ntfs.sys
22:04:04.0816 0580	Ntfs - ok
22:04:04.0832 0580	Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
22:04:04.0910 0580	Null - ok
22:04:06.0314 0580	nvlddmkm        (440690da4358d9682dbcc56da7d419ab) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:04:06.0688 0580	nvlddmkm - ok
22:04:07.0000 0580	nvraid          (af2eec9580c1d32fb7eaf105d9784061) C:\Windows\system32\drivers\nvraid.sys
22:04:07.0016 0580	nvraid - ok
22:04:07.0265 0580	nvstor          (9283c58ebaa2618f93482eb5dabcec82) C:\Windows\system32\drivers\nvstor.sys
22:04:07.0312 0580	nvstor - ok
22:04:07.0343 0580	nvsvc           (11e1dc466c3e384c1a697b95dc5aa785) C:\Windows\system32\nvvsvc.exe
22:04:07.0385 0580	nvsvc - ok
22:04:07.0405 0580	nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
22:04:07.0425 0580	nv_agp - ok
22:04:07.0795 0580	odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:04:07.0835 0580	odserv - ok
22:04:08.0015 0580	OEM02Dev        (19cac780b858822055f46c58a111723c) C:\Windows\system32\DRIVERS\OEM02Dev.sys
22:04:08.0075 0580	OEM02Dev - ok
22:04:08.0115 0580	OEM02Vfx        (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
22:04:08.0145 0580	OEM02Vfx - ok
22:04:08.0205 0580	ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
22:04:08.0255 0580	ohci1394 - ok
22:04:08.0295 0580	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:04:08.0335 0580	ose - ok
22:04:08.0635 0580	p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:04:08.0715 0580	p2pimsvc - ok
22:04:08.0775 0580	p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
22:04:08.0795 0580	p2psvc - ok
22:04:08.0955 0580	Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
22:04:09.0005 0580	Parport - ok
22:04:09.0045 0580	partmgr         (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
22:04:09.0075 0580	partmgr - ok
22:04:09.0135 0580	Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
22:04:09.0235 0580	Parvdm - ok
22:04:09.0345 0580	PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
22:04:09.0425 0580	PcaSvc - ok
22:04:09.0505 0580	pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
22:04:09.0545 0580	pccsmcfd - ok
22:04:09.0575 0580	pci             (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
22:04:09.0595 0580	pci - ok
22:04:09.0615 0580	pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
22:04:09.0635 0580	pciide - ok
22:04:09.0725 0580	pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
22:04:09.0755 0580	pcmcia - ok
22:04:09.0796 0580	pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
22:04:09.0816 0580	pcw - ok
22:04:09.0906 0580	PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
22:04:10.0056 0580	PEAUTH - ok
22:04:10.0306 0580	PeerDistSvc     (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
22:04:10.0376 0580	PeerDistSvc - ok
22:04:10.0766 0580	pla             (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
22:04:10.0896 0580	pla - ok
22:04:11.0286 0580	PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
22:04:11.0376 0580	PlugPlay - ok
22:04:11.0406 0580	PNRPAutoReg     (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
22:04:11.0446 0580	PNRPAutoReg - ok
22:04:11.0486 0580	PNRPsvc         (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:04:11.0506 0580	PNRPsvc - ok
22:04:11.0566 0580	PolicyAgent     (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
22:04:11.0636 0580	PolicyAgent - ok
22:04:11.0666 0580	Power           (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
22:04:11.0716 0580	Power - ok
22:04:11.0877 0580	PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
22:04:11.0939 0580	PptpMiniport - ok
22:04:12.0001 0580	PRESONUS_AUDIOBOX_MIDI (ed7f742b0eacf745afb5b2fe5baec618) C:\Windows\system32\drivers\psabusbm.sys
22:04:12.0048 0580	PRESONUS_AUDIOBOX_MIDI - ok
22:04:12.0189 0580	PRESONUS_AUDIOBOX_USB (dd02c038c7a24dd23aaa75595bec80ba) C:\Windows\system32\Drivers\psabusbu.sys
22:04:12.0235 0580	PRESONUS_AUDIOBOX_USB - ok
22:04:12.0267 0580	PRESONUS_AUDIOBOX_WDM (08ac58a2bc1084e6eb4800b98368ccaa) C:\Windows\system32\drivers\psabusba.sys
22:04:12.0267 0580	PRESONUS_AUDIOBOX_WDM - ok
22:04:12.0313 0580	Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
22:04:12.0376 0580	Processor - ok
22:04:12.0438 0580	ProfSvc         (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
22:04:12.0485 0580	ProfSvc - ok
22:04:12.0516 0580	ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:04:12.0547 0580	ProtectedStorage - ok
22:04:12.0610 0580	Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
22:04:12.0672 0580	Psched - ok
22:04:12.0875 0580	ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
22:04:12.0953 0580	ql2300 - ok
22:04:13.0218 0580	ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
22:04:13.0234 0580	ql40xx - ok
22:04:13.0296 0580	QWAVE           (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
22:04:13.0359 0580	QWAVE - ok
22:04:13.0421 0580	QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
22:04:13.0437 0580	QWAVEdrv - ok
22:04:13.0452 0580	RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
22:04:13.0483 0580	RasAcd - ok
22:04:13.0546 0580	RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:04:13.0593 0580	RasAgileVpn - ok
22:04:13.0655 0580	RasAuto         (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
22:04:13.0702 0580	RasAuto - ok
22:04:13.0733 0580	Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:04:13.0795 0580	Rasl2tp - ok
22:04:13.0873 0580	RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
22:04:13.0936 0580	RasMan - ok
22:04:13.0998 0580	RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
22:04:14.0076 0580	RasPppoe - ok
22:04:14.0107 0580	RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
22:04:14.0170 0580	RasSstp - ok
22:04:14.0263 0580	rdbss           (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
22:04:14.0341 0580	rdbss - ok
22:04:14.0388 0580	rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
22:04:14.0419 0580	rdpbus - ok
22:04:14.0887 0580	RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:04:14.0965 0580	RDPCDD - ok
22:04:15.0012 0580	RDPDR           (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
22:04:15.0028 0580	RDPDR - ok
22:04:15.0073 0580	RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
22:04:15.0133 0580	RDPENCDD - ok
22:04:15.0143 0580	RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
22:04:15.0173 0580	RDPREFMP - ok
22:04:15.0723 0580	RDPWD           (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
22:04:15.0793 0580	RDPWD - ok
22:04:15.0853 0580	rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
22:04:15.0863 0580	rdyboost - ok
22:04:15.0893 0580	RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
22:04:15.0923 0580	RemoteAccess - ok
22:04:15.0983 0580	RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
22:04:16.0063 0580	RemoteRegistry - ok
22:04:16.0113 0580	RFCOMM          (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
22:04:16.0153 0580	RFCOMM - ok
22:04:16.0193 0580	RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
22:04:16.0233 0580	RpcEptMapper - ok
22:04:16.0273 0580	RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
22:04:16.0323 0580	RpcLocator - ok
22:04:16.0373 0580	RpcSs           (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:04:16.0423 0580	RpcSs - ok
22:04:16.0583 0580	rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
22:04:16.0623 0580	rspndr - ok
22:04:16.0673 0580	s3cap           (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
22:04:16.0743 0580	s3cap - ok
22:04:16.0773 0580	SamSs           (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:04:16.0803 0580	SamSs - ok
22:04:16.0843 0580	sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
22:04:16.0863 0580	sbp2port - ok
22:04:16.0983 0580	SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
22:04:17.0033 0580	SCardSvr - ok
22:04:17.0063 0580	scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
22:04:17.0103 0580	scfilter - ok
22:04:17.0213 0580	Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
22:04:17.0273 0580	Schedule - ok
22:04:17.0323 0580	SCPolicySvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:04:17.0373 0580	SCPolicySvc - ok
22:04:17.0413 0580	sdbus           (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
22:04:17.0453 0580	sdbus - ok
22:04:17.0493 0580	SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
22:04:17.0553 0580	SDRSVC - ok
22:04:17.0583 0580	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:04:17.0643 0580	secdrv - ok
22:04:17.0693 0580	seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
22:04:17.0753 0580	seclogon - ok
22:04:17.0843 0580	SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
22:04:17.0903 0580	SENS - ok
22:04:18.0013 0580	SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
22:04:18.0053 0580	SensrSvc - ok
22:04:18.0083 0580	Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
22:04:18.0123 0580	Serenum - ok
22:04:18.0173 0580	Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
22:04:18.0223 0580	Serial - ok
22:04:18.0283 0580	sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
22:04:18.0303 0580	sermouse - ok
22:04:18.0493 0580	ServiceLayer    (8c1f87f5fdd92229d1754b98f073913f) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
22:04:18.0513 0580	ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
22:04:18.0513 0580	ServiceLayer - detected UnsignedFile.Multi.Generic (1)
22:04:18.0563 0580	SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
22:04:18.0613 0580	SessionEnv - ok
22:04:18.0673 0580	sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
22:04:18.0743 0580	sffdisk - ok
22:04:18.0773 0580	sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
22:04:18.0793 0580	sffp_mmc - ok
22:04:18.0813 0580	sffp_sd         (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
22:04:18.0833 0580	sffp_sd - ok
22:04:18.0873 0580	sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
22:04:18.0903 0580	sfloppy - ok
22:04:19.0113 0580	SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
22:04:19.0193 0580	SharedAccess - ok
22:04:19.0263 0580	ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
22:04:19.0323 0580	ShellHWDetection - ok
22:04:19.0353 0580	sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
22:04:19.0363 0580	sisagp - ok
22:04:19.0413 0580	SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:04:19.0423 0580	SiSRaid2 - ok
22:04:19.0463 0580	SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
22:04:19.0483 0580	SiSRaid4 - ok
22:04:19.0523 0580	Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
22:04:19.0553 0580	Smb - ok
22:04:19.0583 0580	SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
22:04:19.0613 0580	SNMPTRAP - ok
22:04:19.0723 0580	Sony Ericsson PCCompanion (1a623f2b69e1f182f995f963c55db935) C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
22:04:19.0733 0580	Sony Ericsson PCCompanion - ok
22:04:19.0763 0580	spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
22:04:19.0773 0580	spldr - ok
22:04:19.0853 0580	Spooler         (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
22:04:19.0883 0580	Spooler - ok
22:04:20.0303 0580	sppsvc          (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
22:04:20.0483 0580	sppsvc - ok
22:04:20.0653 0580	sppuinotify     (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
22:04:20.0703 0580	sppuinotify - ok
22:04:20.0843 0580	srv             (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
22:04:20.0873 0580	srv - ok
22:04:20.0953 0580	srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
22:04:21.0013 0580	srv2 - ok
22:04:21.0053 0580	SrvHsfHDA       (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
22:04:21.0093 0580	SrvHsfHDA - ok
22:04:21.0223 0580	SrvHsfV92       (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
22:04:21.0263 0580	SrvHsfV92 - ok
22:04:21.0443 0580	SrvHsfWinac     (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
22:04:21.0483 0580	SrvHsfWinac - ok
22:04:21.0543 0580	srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
22:04:21.0553 0580	srvnet - ok
22:04:21.0613 0580	SSDPSRV         (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
22:04:21.0693 0580	SSDPSRV - ok
22:04:21.0763 0580	SstpSvc         (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
22:04:21.0793 0580	SstpSvc - ok
22:04:21.0874 0580	stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
22:04:21.0884 0580	stexstor - ok
22:04:22.0024 0580	StiSvc          (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
22:04:22.0064 0580	StiSvc - ok
22:04:22.0144 0580	storflt         (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
22:04:22.0174 0580	storflt - ok
22:04:22.0224 0580	StorSvc         (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
22:04:22.0284 0580	StorSvc - ok
22:04:22.0324 0580	storvsc         (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
22:04:22.0334 0580	storvsc - ok
22:04:22.0344 0580	swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
22:04:22.0364 0580	swenum - ok
22:04:22.0424 0580	swprv           (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
22:04:22.0504 0580	swprv - ok
22:04:22.0554 0580	SynasUSB        (e46088b882e6315518630e249ddf958c) C:\Windows\system32\drivers\SynasUSB.sys
22:04:22.0584 0580	SynasUSB - ok
22:04:22.0814 0580	SysMain         (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
22:04:22.0874 0580	SysMain - ok
22:04:22.0954 0580	TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
22:04:23.0004 0580	TabletInputService - ok
22:04:23.0154 0580	TapiSrv         (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
22:04:23.0214 0580	TapiSrv - ok
22:04:23.0264 0580	TBS             (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
22:04:23.0304 0580	TBS - ok
22:04:23.0605 0580	Tcpip           (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
22:04:23.0652 0580	Tcpip - ok
22:04:23.0683 0580	TCPIP6          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
22:04:23.0714 0580	TCPIP6 - ok
22:04:23.0746 0580	tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
22:04:23.0807 0580	tcpipreg - ok
22:04:23.0937 0580	TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
22:04:23.0997 0580	TDPIPE - ok
22:04:24.0097 0580	TDTCP           (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
22:04:24.0177 0580	TDTCP - ok
22:04:24.0247 0580	tdx             (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
22:04:24.0317 0580	tdx - ok
22:04:24.0417 0580	TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
22:04:24.0447 0580	TermDD - ok
22:04:24.0577 0580	TermService     (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
22:04:24.0667 0580	TermService - ok
22:04:24.0807 0580	Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
22:04:24.0837 0580	Themes - ok
22:04:24.0877 0580	THREADORDER     (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:04:24.0907 0580	THREADORDER - ok
22:04:24.0997 0580	TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
22:04:25.0087 0580	TrkWks - ok
22:04:25.0267 0580	TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
22:04:25.0337 0580	TrustedInstaller - ok
22:04:25.0427 0580	tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:04:25.0477 0580	tssecsrv - ok
22:04:25.0547 0580	TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
22:04:25.0607 0580	TsUsbFlt - ok
22:04:25.0657 0580	tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
22:04:25.0717 0580	tunnel - ok
22:04:25.0827 0580	uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
22:04:25.0858 0580	uagp35 - ok
22:04:25.0967 0580	udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
22:04:26.0045 0580	udfs - ok
22:04:26.0092 0580	UI0Detect       (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
22:04:26.0138 0580	UI0Detect - ok
22:04:26.0168 0580	uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
22:04:26.0208 0580	uliagpkx - ok
22:04:26.0238 0580	umbus           (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
22:04:26.0268 0580	umbus - ok
22:04:26.0308 0580	UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
22:04:26.0358 0580	UmPass - ok
22:04:26.0458 0580	UmRdpService    (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
22:04:26.0508 0580	UmRdpService - ok
22:04:26.0648 0580	upnphost        (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
22:04:26.0728 0580	upnphost - ok
22:04:26.0808 0580	upperdev        (ec01da44b090d2651fc032c8b9257232) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
22:04:26.0848 0580	upperdev - ok
22:04:26.0938 0580	USBAAPL         (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
22:04:27.0008 0580	USBAAPL - ok
22:04:27.0058 0580	usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
22:04:27.0108 0580	usbaudio - ok
22:04:27.0318 0580	usbccgp         (7e72e7d7e0757d59481d530fd2b0bfae) C:\Windows\system32\DRIVERS\usbccgp.sys
22:04:27.0378 0580	usbccgp - ok
22:04:27.0388 0580	usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
22:04:27.0428 0580	usbcir - ok
22:04:27.0458 0580	usbehci         (cfbce999c057d78979a181c9c60f208e) C:\Windows\system32\drivers\usbehci.sys
22:04:27.0508 0580	usbehci - ok
22:04:27.0638 0580	usbhub          (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\drivers\usbhub.sys
22:04:27.0668 0580	usbhub - ok
22:04:27.0728 0580	usbohci         (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\drivers\usbohci.sys
22:04:27.0758 0580	usbohci - ok
22:04:27.0798 0580	usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
22:04:27.0838 0580	usbprint - ok
22:04:27.0898 0580	usbscan         (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
22:04:27.0988 0580	usbscan - ok
22:04:28.0058 0580	usbser          (31181de6190b39fc8007dffd1a48ffd6) C:\Windows\system32\drivers\usbser.sys
22:04:28.0098 0580	usbser - ok
22:04:28.0118 0580	UsbserFilt      (4abd37cfbd710e64f01f9da8710c73f7) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
22:04:28.0158 0580	UsbserFilt - ok
22:04:28.0248 0580	USBSTOR         (bf63ebfc6979fefb2bc03df7989a0c1a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:04:28.0278 0580	USBSTOR - ok
22:04:28.0298 0580	usbuhci         (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\drivers\usbuhci.sys
22:04:28.0328 0580	usbuhci - ok
22:04:28.0398 0580	usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
22:04:28.0458 0580	usbvideo - ok
22:04:28.0588 0580	UxSms           (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
22:04:28.0658 0580	UxSms - ok
22:04:28.0782 0580	VaultSvc        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:04:28.0814 0580	VaultSvc - ok
22:04:28.0938 0580	vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
22:04:28.0970 0580	vdrvroot - ok
22:04:29.0313 0580	vds             (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
22:04:29.0406 0580	vds - ok
22:04:29.0438 0580	vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
22:04:29.0484 0580	vga - ok
22:04:29.0516 0580	VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
22:04:29.0547 0580	VgaSave - ok
22:04:29.0594 0580	vhdmp           (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
22:04:29.0625 0580	vhdmp - ok
22:04:29.0672 0580	viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
22:04:29.0703 0580	viaagp - ok
22:04:29.0734 0580	ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
22:04:29.0796 0580	ViaC7 - ok
22:04:29.0812 0580	viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
22:04:29.0828 0580	viaide - ok
22:04:29.0859 0580	vmbus           (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
22:04:29.0890 0580	vmbus - ok
22:04:29.0937 0580	VMBusHID        (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
22:04:29.0968 0580	VMBusHID - ok
22:04:29.0999 0580	volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
22:04:30.0030 0580	volmgr - ok
22:04:30.0171 0580	volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
22:04:30.0249 0580	volmgrx - ok
22:04:30.0311 0580	volsnap         (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
22:04:30.0347 0580	volsnap - ok
22:04:30.0407 0580	vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
22:04:30.0447 0580	vsmraid - ok
22:04:30.0667 0580	VSS             (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
22:04:30.0767 0580	VSS - ok
22:04:30.0807 0580	vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
22:04:30.0887 0580	vwifibus - ok
22:04:31.0027 0580	W32Time         (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
22:04:31.0097 0580	W32Time - ok
22:04:31.0137 0580	WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
22:04:31.0157 0580	WacomPen - ok
22:04:31.0197 0580	WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:04:31.0257 0580	WANARP - ok
22:04:31.0257 0580	Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:04:31.0287 0580	Wanarpv6 - ok
22:04:31.0527 0580	wbengine        (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
22:04:31.0627 0580	wbengine - ok
22:04:31.0677 0580	WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
22:04:31.0747 0580	WbioSrvc - ok
22:04:31.0857 0580	wcncsvc         (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
22:04:31.0928 0580	wcncsvc - ok
22:04:31.0998 0580	WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
22:04:32.0068 0580	WcsPlugInService - ok
22:04:32.0128 0580	Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
22:04:32.0158 0580	Wd - ok
22:04:32.0238 0580	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
22:04:32.0278 0580	Wdf01000 - ok
22:04:32.0378 0580	WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
22:04:32.0503 0580	WdiServiceHost - ok
22:04:32.0518 0580	WdiSystemHost   (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
22:04:32.0534 0580	WdiSystemHost - ok
22:04:32.0632 0580	WebClient       (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
22:04:32.0722 0580	WebClient - ok
22:04:32.0822 0580	Wecsvc          (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
22:04:32.0872 0580	Wecsvc - ok
22:04:32.0912 0580	wercplsupport   (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
22:04:32.0962 0580	wercplsupport - ok
22:04:33.0022 0580	WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
22:04:33.0052 0580	WerSvc - ok
22:04:33.0072 0580	WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
22:04:33.0102 0580	WfpLwf - ok
22:04:33.0132 0580	WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
22:04:33.0142 0580	WIMMount - ok
22:04:33.0292 0580	WinDefend       (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
22:04:33.0362 0580	WinDefend - ok
22:04:33.0382 0580	WinHttpAutoProxySvc - ok
22:04:33.0672 0580	Winmgmt         (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
22:04:33.0732 0580	Winmgmt - ok
22:04:34.0132 0580	WinRM           (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
22:04:34.0232 0580	WinRM - ok
22:04:34.0352 0580	WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
22:04:34.0382 0580	WinUsb - ok
22:04:34.0592 0580	Wlansvc         (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
22:04:34.0702 0580	Wlansvc - ok
22:04:35.0082 0580	wlidsvc         (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:04:35.0162 0580	wlidsvc - ok
22:04:35.0392 0580	WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
22:04:35.0412 0580	WmiAcpi - ok
22:04:35.0592 0580	wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
22:04:35.0632 0580	wmiApSrv - ok
22:04:35.0892 0580	WMPNetworkSvc   (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
22:04:36.0012 0580	WMPNetworkSvc - ok
22:04:36.0042 0580	WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
22:04:36.0102 0580	WPCSvc - ok
22:04:36.0312 0580	WPDBusEnum      (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
22:04:36.0372 0580	WPDBusEnum - ok
22:04:36.0617 0580	ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
22:04:36.0695 0580	ws2ifsl - ok
22:04:36.0726 0580	wscsvc          (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
22:04:36.0757 0580	wscsvc - ok
22:04:36.0773 0580	WSearch - ok
22:04:37.0662 0580	wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
22:04:37.0740 0580	wuauserv - ok
22:04:38.0067 0580	WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
22:04:38.0130 0580	WudfPf - ok
22:04:38.0161 0580	WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:04:38.0192 0580	WUDFRd - ok
22:04:38.0338 0580	wudfsvc         (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
22:04:38.0408 0580	wudfsvc - ok
22:04:38.0468 0580	WwanSvc         (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
22:04:38.0578 0580	WwanSvc - ok
22:04:38.0648 0580	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:04:39.0328 0580	\Device\Harddisk0\DR0 - ok
22:04:39.0348 0580	Boot (0x1200)   (8f63152a4e600ecbbede0492bf0fd973) \Device\Harddisk0\DR0\Partition0
22:04:39.0368 0580	\Device\Harddisk0\DR0\Partition0 - ok
22:04:39.0378 0580	Boot (0x1200)   (3829071368c6e1d6a483a6df00d43cac) \Device\Harddisk0\DR0\Partition1
22:04:39.0388 0580	\Device\Harddisk0\DR0\Partition1 - ok
22:04:39.0388 0580	============================================================
22:04:39.0388 0580	Scan finished
22:04:39.0388 0580	============================================================
22:04:39.0418 3456	Detected object count: 1
22:04:39.0418 3456	Actual detected object count: 1
22:04:48.0005 3456	ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:48.0005 3456	ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:04:56.0164 1500	============================================================
22:04:56.0164 1500	Scan started
22:04:56.0164 1500	Mode: Manual; SigCheck; TDLFS; 
22:04:56.0164 1500	============================================================
22:04:57.0334 1500	1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
22:04:57.0381 1500	1394ohci - ok
22:04:57.0677 1500	ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
22:04:57.0724 1500	ACPI - ok
22:04:57.0755 1500	AcpiPmi         (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
22:04:57.0787 1500	AcpiPmi - ok
22:04:57.0974 1500	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:04:58.0005 1500	AdobeARMservice - ok
22:04:58.0364 1500	AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:04:58.0395 1500	AdobeFlashPlayerUpdateSvc - ok
22:04:58.0879 1500	adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
22:04:58.0925 1500	adp94xx - ok
22:04:59.0003 1500	adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
22:04:59.0050 1500	adpahci - ok
22:04:59.0066 1500	adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
22:04:59.0113 1500	adpu320 - ok
22:04:59.0191 1500	AeLookupSvc     (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
22:04:59.0222 1500	AeLookupSvc - ok
22:04:59.0534 1500	AFD             (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
22:04:59.0565 1500	AFD - ok
22:04:59.0612 1500	agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
22:04:59.0627 1500	agp440 - ok
22:04:59.0749 1500	aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
22:04:59.0779 1500	aic78xx - ok
22:04:59.0879 1500	ALG             (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
22:04:59.0919 1500	ALG - ok
22:04:59.0979 1500	aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
22:05:00.0009 1500	aliide - ok
22:05:00.0039 1500	amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
22:05:00.0069 1500	amdagp - ok
22:05:00.0119 1500	amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
22:05:00.0129 1500	amdide - ok
22:05:00.0149 1500	AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
22:05:00.0169 1500	AmdK8 - ok
22:05:00.0249 1500	AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
22:05:00.0279 1500	AmdPPM - ok
22:05:00.0399 1500	amdsata         (e7f4d42d8076ec60e21715cd11743a0d) C:\Windows\system32\drivers\amdsata.sys
22:05:00.0429 1500	amdsata - ok
22:05:00.0619 1500	amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
22:05:00.0649 1500	amdsbs - ok
22:05:00.0719 1500	amdxata         (146459d2b08bfdcbfa856d9947043c81) C:\Windows\system32\drivers\amdxata.sys
22:05:00.0749 1500	amdxata - ok
22:05:00.0799 1500	AppID           (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
22:05:00.0869 1500	AppID - ok
22:05:00.0989 1500	AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
22:05:01.0039 1500	AppIDSvc - ok
22:05:01.0069 1500	Appinfo         (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
22:05:01.0099 1500	Appinfo - ok
22:05:01.0269 1500	Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:05:01.0299 1500	Apple Mobile Device - ok
22:05:01.0389 1500	AppMgmt         (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
22:05:01.0419 1500	AppMgmt - ok
22:05:01.0499 1500	arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
22:05:01.0529 1500	arc - ok
22:05:01.0609 1500	arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
22:05:01.0639 1500	arcsas - ok
22:05:01.0659 1500	AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
22:05:01.0689 1500	AsyncMac - ok
22:05:01.0769 1500	atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
22:05:01.0799 1500	atapi - ok
22:05:01.0909 1500	AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
22:05:01.0949 1500	AudioEndpointBuilder - ok
22:05:01.0959 1500	Audiosrv        (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
22:05:01.0989 1500	Audiosrv - ok
22:05:02.0029 1500	AxInstSV        (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
22:05:02.0049 1500	AxInstSV - ok
22:05:02.0129 1500	b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
22:05:02.0159 1500	b06bdrv - ok
22:05:02.0189 1500	b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
22:05:02.0199 1500	b57nd60x - ok
22:05:02.0279 1500	bcm4sbxp        (82dd21bfa8bbe0a3a3833a1bd8e86158) C:\Windows\system32\DRIVERS\bcm4sbxp.sys
22:05:02.0309 1500	bcm4sbxp - ok
22:05:02.0349 1500	BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
22:05:02.0369 1500	BDESVC - ok
22:05:02.0389 1500	Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
22:05:02.0429 1500	Beep - ok
22:05:02.0559 1500	BFE             (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
22:05:02.0619 1500	BFE - ok
22:05:02.0769 1500	BITS            (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
22:05:02.0819 1500	BITS - ok
22:05:02.0889 1500	blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
22:05:02.0919 1500	blbdrive - ok
22:05:03.0079 1500	Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
22:05:03.0129 1500	Bonjour Service - ok
22:05:03.0189 1500	bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
22:05:03.0219 1500	bowser - ok
22:05:03.0249 1500	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:05:03.0269 1500	BrFiltLo - ok
22:05:03.0309 1500	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:05:03.0329 1500	BrFiltUp - ok
22:05:03.0359 1500	Browser         (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
22:05:03.0399 1500	Browser - ok
22:05:03.0469 1500	Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
22:05:03.0489 1500	Brserid - ok
22:05:03.0509 1500	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
22:05:03.0539 1500	BrSerWdm - ok
22:05:03.0549 1500	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:05:03.0569 1500	BrUsbMdm - ok
22:05:03.0579 1500	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
22:05:03.0589 1500	BrUsbSer - ok
22:05:03.0639 1500	BthEnum         (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
22:05:03.0669 1500	BthEnum - ok
22:05:03.0679 1500	BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
22:05:03.0699 1500	BTHMODEM - ok
22:05:03.0759 1500	BthPan          (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
22:05:03.0789 1500	BthPan - ok
22:05:03.0879 1500	BTHPORT         (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys
22:05:03.0909 1500	BTHPORT - ok
22:05:04.0009 1500	bthserv         (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
22:05:04.0049 1500	bthserv - ok
22:05:04.0069 1500	BTHUSB          (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys
22:05:04.0079 1500	BTHUSB - ok
22:05:04.0169 1500	cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
22:05:04.0209 1500	cdfs - ok
22:05:04.0309 1500	cdrom           (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
22:05:04.0329 1500	cdrom - ok
22:05:04.0359 1500	CertPropSvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:05:04.0389 1500	CertPropSvc - ok
22:05:04.0449 1500	circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
22:05:04.0469 1500	circlass - ok
22:05:04.0519 1500	CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
22:05:04.0529 1500	CLFS - ok
22:05:04.0679 1500	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:05:04.0709 1500	clr_optimization_v2.0.50727_32 - ok
22:05:04.0789 1500	CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
22:05:04.0819 1500	CmBatt - ok
22:05:04.0879 1500	cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
22:05:04.0909 1500	cmdide - ok
22:05:05.0039 1500	CNG             (247b4ce2dab1160cd422d532d5241e1f) C:\Windows\system32\Drivers\cng.sys
22:05:05.0089 1500	CNG - ok
22:05:05.0139 1500	Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
22:05:05.0169 1500	Compbatt - ok
22:05:05.0209 1500	CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
22:05:05.0239 1500	CompositeBus - ok
22:05:05.0249 1500	COMSysApp - ok
22:05:05.0299 1500	crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
22:05:05.0329 1500	crcdisk - ok
22:05:05.0449 1500	CryptSvc        (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
22:05:05.0479 1500	CryptSvc - ok
22:05:05.0639 1500	CSC             (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
22:05:05.0659 1500	CSC - ok
22:05:05.0779 1500	CscService      (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
22:05:05.0809 1500	CscService - ok
22:05:06.0129 1500	DcomLaunch      (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:05:06.0169 1500	DcomLaunch - ok
22:05:06.0209 1500	defragsvc       (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
22:05:06.0249 1500	defragsvc - ok
22:05:06.0429 1500	DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
22:05:06.0479 1500	DfsC - ok
22:05:06.0609 1500	Dhcp            (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
22:05:06.0671 1500	Dhcp - ok
22:05:06.0687 1500	discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
22:05:06.0718 1500	discache - ok
22:05:06.0733 1500	Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
22:05:06.0749 1500	Disk - ok
22:05:06.0796 1500	Dnscache        (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
22:05:06.0837 1500	Dnscache - ok
22:05:06.0967 1500	dot3svc         (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
22:05:07.0027 1500	dot3svc - ok
22:05:07.0177 1500	DPS             (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
22:05:07.0237 1500	DPS - ok
22:05:07.0267 1500	drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
22:05:07.0297 1500	drmkaud - ok
22:05:07.0407 1500	DXGKrnl         (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
22:05:07.0447 1500	DXGKrnl - ok
22:05:07.0467 1500	EapHost         (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
22:05:07.0497 1500	EapHost - ok
22:05:08.0047 1500	ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
22:05:08.0187 1500	ebdrv - ok
22:05:08.0487 1500	EFS             (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
22:05:08.0527 1500	EFS - ok
22:05:08.0727 1500	ehRecvr         (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
22:05:08.0767 1500	ehRecvr - ok
22:05:08.0827 1500	ehSched         (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
22:05:08.0877 1500	ehSched - ok
22:05:09.0258 1500	elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
22:05:09.0298 1500	elxstor - ok
22:05:09.0328 1500	ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
22:05:09.0338 1500	ErrDev - ok
22:05:09.0398 1500	EventSystem     (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
22:05:09.0438 1500	EventSystem - ok
22:05:09.0468 1500	exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
22:05:09.0498 1500	exfat - ok
22:05:09.0608 1500	fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
22:05:09.0668 1500	fastfat - ok
22:05:09.0808 1500	Fax             (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
22:05:09.0838 1500	Fax - ok
22:05:09.0888 1500	fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
22:05:09.0908 1500	fdc - ok
22:05:09.0968 1500	fdPHost         (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
22:05:10.0018 1500	fdPHost - ok
22:05:10.0048 1500	FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
22:05:10.0078 1500	FDResPub - ok
22:05:10.0108 1500	FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
22:05:10.0118 1500	FileInfo - ok
22:05:10.0128 1500	Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
22:05:10.0158 1500	Filetrace - ok
22:05:10.0168 1500	flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
22:05:10.0178 1500	flpydisk - ok
22:05:10.0258 1500	FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
22:05:10.0288 1500	FltMgr - ok
22:05:10.0443 1500	FontCache       (fa6c66e4364d7da57aade5dcc03bb999) C:\Windows\system32\FntCache.dll
22:05:10.0521 1500	FontCache - ok
22:05:10.0778 1500	FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:05:10.0798 1500	FontCache3.0.0.0 - ok
22:05:10.0828 1500	FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
22:05:10.0838 1500	FsDepends - ok
22:05:10.0868 1500	Fs_Rec          (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
22:05:10.0878 1500	Fs_Rec - ok
22:05:10.0958 1500	fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
22:05:10.0988 1500	fvevol - ok
22:05:11.0028 1500	gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:05:11.0048 1500	gagp30kx - ok
22:05:11.0068 1500	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:05:11.0078 1500	GEARAspiWDM - ok
22:05:11.0158 1500	gpsvc           (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
22:05:11.0218 1500	gpsvc - ok
22:05:11.0238 1500	hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
22:05:11.0258 1500	hcw85cir - ok
22:05:11.0298 1500	HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
22:05:11.0348 1500	HdAudAddService - ok
22:05:11.0368 1500	HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
22:05:11.0388 1500	HDAudBus - ok
22:05:11.0398 1500	HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
22:05:11.0408 1500	HidBatt - ok
22:05:11.0428 1500	HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
22:05:11.0448 1500	HidBth - ok
22:05:11.0458 1500	HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
22:05:11.0478 1500	HidIr - ok
22:05:11.0508 1500	hidserv         (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
22:05:11.0528 1500	hidserv - ok
22:05:11.0558 1500	HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
22:05:11.0568 1500	HidUsb - ok
22:05:11.0608 1500	hkmsvc          (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
22:05:11.0648 1500	hkmsvc - ok
22:05:11.0678 1500	HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
22:05:11.0728 1500	HomeGroupListener - ok
22:05:11.0778 1500	HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
22:05:11.0798 1500	HomeGroupProvider - ok
22:05:11.0818 1500	HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
22:05:11.0838 1500	HpSAMD - ok
22:05:11.0958 1500	HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
22:05:12.0028 1500	HTTP - ok
22:05:12.0058 1500	hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
22:05:12.0068 1500	hwpolicy - ok
22:05:12.0088 1500	i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
22:05:12.0108 1500	i8042prt - ok
22:05:12.0138 1500	iaStorV         (a3cae5d281db4cff7cff8233507ee5ad) C:\Windows\system32\drivers\iaStorV.sys
22:05:12.0158 1500	iaStorV - ok
22:05:12.0318 1500	idsvc           (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:05:12.0358 1500	idsvc - ok
22:05:12.0398 1500	iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
22:05:12.0418 1500	iirsp - ok
22:05:12.0518 1500	IKEEXT          (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
22:05:12.0568 1500	IKEEXT - ok
22:05:12.0608 1500	intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
22:05:12.0628 1500	intelide - ok
22:05:12.0648 1500	intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
22:05:12.0668 1500	intelppm - ok
22:05:12.0688 1500	IPBusEnum       (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
22:05:12.0738 1500	IPBusEnum - ok
22:05:12.0748 1500	IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:05:12.0778 1500	IpFilterDriver - ok
22:05:12.0825 1500	iphlpsvc        (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
22:05:12.0856 1500	iphlpsvc - ok
22:05:12.0887 1500	IPMIDRV         (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
22:05:12.0903 1500	IPMIDRV - ok
22:05:12.0950 1500	IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
22:05:13.0012 1500	IPNAT - ok
22:05:13.0152 1500	iPod Service    (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
22:05:13.0215 1500	iPod Service - ok
22:05:13.0230 1500	IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
22:05:13.0262 1500	IRENUM - ok
22:05:13.0293 1500	isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
22:05:13.0324 1500	isapnp - ok
22:05:13.0355 1500	iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
22:05:13.0402 1500	iScsiPrt - ok
22:05:13.0418 1500	kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
22:05:13.0433 1500	kbdclass - ok
22:05:13.0449 1500	kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
22:05:13.0464 1500	kbdhid - ok
22:05:13.0496 1500	KeyIso          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:05:13.0511 1500	KeyIso - ok
22:05:13.0542 1500	KSecDD          (b7895b4182c0d16f6efadeb8081e8d36) C:\Windows\system32\Drivers\ksecdd.sys
22:05:13.0558 1500	KSecDD - ok
22:05:13.0574 1500	KSecPkg         (d30159ac9237519fbc62c6ec247d2d46) C:\Windows\system32\Drivers\ksecpkg.sys
22:05:13.0589 1500	KSecPkg - ok
22:05:13.0636 1500	KtmRm           (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
22:05:13.0698 1500	KtmRm - ok
22:05:13.0730 1500	LanmanServer    (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
22:05:13.0776 1500	LanmanServer - ok
22:05:13.0823 1500	LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
22:05:13.0854 1500	LanmanWorkstation - ok
22:05:13.0870 1500	lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
22:05:13.0917 1500	lltdio - ok
22:05:13.0995 1500	lltdsvc         (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
22:05:14.0042 1500	lltdsvc - ok
22:05:14.0042 1500	lmhosts         (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
22:05:14.0073 1500	lmhosts - ok
22:05:14.0104 1500	LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:05:14.0120 1500	LSI_FC - ok
22:05:14.0135 1500	LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:05:14.0151 1500	LSI_SAS - ok
22:05:14.0166 1500	LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:05:14.0182 1500	LSI_SAS2 - ok
22:05:14.0198 1500	LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:05:14.0213 1500	LSI_SCSI - ok
22:05:14.0229 1500	luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
22:05:14.0260 1500	luafv - ok
22:05:14.0291 1500	MBAMProtector   (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
22:05:14.0307 1500	MBAMProtector - ok
22:05:14.0400 1500	MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:05:14.0447 1500	MBAMService - ok
22:05:14.0478 1500	Mcx2Svc         (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
22:05:14.0510 1500	Mcx2Svc - ok
22:05:14.0525 1500	megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
22:05:14.0541 1500	megasas - ok
22:05:14.0572 1500	MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
22:05:14.0588 1500	MegaSR - ok
22:05:14.0650 1500	Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
22:05:14.0681 1500	Microsoft Office Groove Audit Service - ok
22:05:14.0712 1500	MMCSS           (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:05:14.0775 1500	MMCSS - ok
22:05:14.0775 1500	Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
22:05:14.0806 1500	Modem - ok
22:05:14.0822 1500	monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
22:05:14.0837 1500	monitor - ok
22:05:14.0853 1500	mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
22:05:14.0868 1500	mouclass - ok
22:05:14.0884 1500	mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
22:05:14.0900 1500	mouhid - ok
22:05:14.0993 1500	mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
22:05:15.0024 1500	mountmgr - ok
22:05:15.0071 1500	MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:05:15.0102 1500	MozillaMaintenance - ok
22:05:15.0149 1500	MpFilter        (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
22:05:15.0180 1500	MpFilter - ok
22:05:15.0212 1500	mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
22:05:15.0243 1500	mpio - ok
22:05:15.0274 1500	mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
22:05:15.0321 1500	mpsdrv - ok
22:05:15.0399 1500	MpsSvc          (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
22:05:15.0461 1500	MpsSvc - ok
22:05:15.0493 1500	MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
22:05:15.0508 1500	MRxDAV - ok
22:05:15.0539 1500	mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:05:15.0571 1500	mrxsmb - ok
22:05:15.0586 1500	mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:05:15.0602 1500	mrxsmb10 - ok
22:05:15.0617 1500	mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys

mno7 · 15.07.2012, 21:16

Code:

ATTFilter

22:05:15.0633 1500	mrxsmb20 - ok
22:05:15.0664 1500	msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
22:05:15.0680 1500	msahci - ok
22:05:15.0711 1500	msdsm           (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
22:05:15.0727 1500	msdsm - ok
22:05:15.0758 1500	MSDTC           (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
22:05:15.0773 1500	MSDTC - ok
22:05:15.0805 1500	Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
22:05:15.0820 1500	Msfs - ok
22:05:15.0851 1500	mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
22:05:15.0867 1500	mshidkmdf - ok
22:05:15.0883 1500	msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
22:05:15.0898 1500	msisadrv - ok
22:05:15.0961 1500	MSiSCSI         (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
22:05:16.0023 1500	MSiSCSI - ok
22:05:16.0023 1500	msiserver - ok
22:05:16.0054 1500	MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
22:05:16.0085 1500	MSKSSRV - ok
22:05:16.0148 1500	MsMpSvc         (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
22:05:16.0179 1500	MsMpSvc - ok
22:05:16.0195 1500	MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
22:05:16.0241 1500	MSPCLOCK - ok
22:05:16.0241 1500	MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
22:05:16.0273 1500	MSPQM - ok
22:05:16.0288 1500	MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
22:05:16.0319 1500	MsRPC - ok
22:05:16.0351 1500	mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
22:05:16.0366 1500	mssmbios - ok
22:05:16.0382 1500	MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
22:05:16.0397 1500	MSTEE - ok
22:05:16.0413 1500	MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
22:05:16.0429 1500	MTConfig - ok
22:05:16.0444 1500	Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
22:05:16.0460 1500	Mup - ok
22:05:16.0507 1500	napagent        (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
22:05:16.0569 1500	napagent - ok
22:05:16.0585 1500	NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
22:05:16.0616 1500	NativeWifiP - ok
22:05:16.0678 1500	NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
22:05:16.0709 1500	NDIS - ok
22:05:16.0725 1500	NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
22:05:16.0756 1500	NdisCap - ok
22:05:16.0772 1500	NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
22:05:16.0803 1500	NdisTapi - ok
22:05:16.0834 1500	Ndisuio         (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
22:05:16.0865 1500	Ndisuio - ok
22:05:16.0897 1500	NdisWan         (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
22:05:16.0928 1500	NdisWan - ok
22:05:16.0990 1500	NDProxy         (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
22:05:17.0037 1500	NDProxy - ok
22:05:17.0053 1500	NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
22:05:17.0099 1500	NetBIOS - ok
22:05:17.0131 1500	NetBT           (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
22:05:17.0162 1500	NetBT - ok
22:05:17.0193 1500	Netlogon        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:05:17.0209 1500	Netlogon - ok
22:05:17.0240 1500	Netman          (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
22:05:17.0287 1500	Netman - ok
22:05:17.0318 1500	netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
22:05:17.0349 1500	netprofm - ok
22:05:17.0427 1500	NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:05:17.0458 1500	NetTcpPortSharing - ok
22:05:17.0895 1500	netw5v32        (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
22:05:18.0113 1500	netw5v32 - ok
22:05:18.0254 1500	nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
22:05:18.0285 1500	nfrd960 - ok
22:05:18.0316 1500	NisDrv          (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:05:18.0332 1500	NisDrv - ok
22:05:18.0425 1500	NisSrv          (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
22:05:18.0472 1500	NisSrv - ok
22:05:18.0550 1500	NlaSvc          (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
22:05:18.0613 1500	NlaSvc - ok
22:05:18.0628 1500	nmwcd           (cfe3462a9e94a57dcd9676f6b7fe7f67) C:\Windows\system32\drivers\ccdcmb.sys
22:05:18.0675 1500	nmwcd - ok
22:05:18.0691 1500	nmwcdc          (8f2a94f991f8c73cec26b4b5620d1edc) C:\Windows\system32\drivers\ccdcmbo.sys
22:05:18.0722 1500	nmwcdc - ok
22:05:18.0753 1500	Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
22:05:18.0784 1500	Npfs - ok
22:05:18.0815 1500	nsi             (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
22:05:18.0847 1500	nsi - ok
22:05:18.0862 1500	nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
22:05:18.0893 1500	nsiproxy - ok
22:05:19.0049 1500	Ntfs            (33c3093d09017cfe2e219f2472bff6eb) C:\Windows\system32\drivers\Ntfs.sys
22:05:19.0127 1500	Ntfs - ok
22:05:19.0143 1500	Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
22:05:19.0174 1500	Null - ok
22:05:19.0939 1500	nvlddmkm        (440690da4358d9682dbcc56da7d419ab) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:05:20.0219 1500	nvlddmkm - ok
22:05:20.0391 1500	nvraid          (af2eec9580c1d32fb7eaf105d9784061) C:\Windows\system32\drivers\nvraid.sys
22:05:20.0422 1500	nvraid - ok
22:05:20.0438 1500	nvstor          (9283c58ebaa2618f93482eb5dabcec82) C:\Windows\system32\drivers\nvstor.sys
22:05:20.0469 1500	nvstor - ok
22:05:20.0500 1500	nvsvc           (11e1dc466c3e384c1a697b95dc5aa785) C:\Windows\system32\nvvsvc.exe
22:05:20.0547 1500	nvsvc - ok
22:05:20.0547 1500	nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
22:05:20.0563 1500	nv_agp - ok
22:05:20.0703 1500	odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:05:20.0765 1500	odserv - ok
22:05:20.0797 1500	OEM02Dev        (19cac780b858822055f46c58a111723c) C:\Windows\system32\DRIVERS\OEM02Dev.sys
22:05:20.0828 1500	OEM02Dev - ok
22:05:20.0843 1500	OEM02Vfx        (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
22:05:20.0859 1500	OEM02Vfx - ok
22:05:20.0875 1500	ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
22:05:20.0890 1500	ohci1394 - ok
22:05:20.0984 1500	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:05:21.0015 1500	ose - ok
22:05:21.0077 1500	p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:05:21.0124 1500	p2pimsvc - ok
22:05:21.0171 1500	p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
22:05:21.0218 1500	p2psvc - ok
22:05:21.0249 1500	Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
22:05:21.0280 1500	Parport - ok
22:05:21.0311 1500	partmgr         (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
22:05:21.0327 1500	partmgr - ok
22:05:21.0343 1500	Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
22:05:21.0358 1500	Parvdm - ok
22:05:21.0389 1500	PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
22:05:21.0436 1500	PcaSvc - ok
22:05:21.0452 1500	pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
22:05:21.0467 1500	pccsmcfd - ok
22:05:21.0530 1500	pci             (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
22:05:21.0555 1500	pci - ok
22:05:21.0565 1500	pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
22:05:21.0585 1500	pciide - ok
22:05:21.0605 1500	pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
22:05:21.0625 1500	pcmcia - ok
22:05:21.0645 1500	pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
22:05:21.0655 1500	pcw - ok
22:05:21.0695 1500	PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
22:05:21.0755 1500	PEAUTH - ok
22:05:21.0875 1500	PeerDistSvc     (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
22:05:21.0985 1500	PeerDistSvc - ok
22:05:22.0175 1500	pla             (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
22:05:22.0235 1500	pla - ok
22:05:22.0365 1500	PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
22:05:22.0395 1500	PlugPlay - ok
22:05:22.0425 1500	PNRPAutoReg     (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
22:05:22.0435 1500	PNRPAutoReg - ok
22:05:22.0465 1500	PNRPsvc         (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:05:22.0485 1500	PNRPsvc - ok
22:05:22.0515 1500	PolicyAgent     (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
22:05:22.0555 1500	PolicyAgent - ok
22:05:22.0585 1500	Power           (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
22:05:22.0635 1500	Power - ok
22:05:22.0685 1500	PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
22:05:22.0735 1500	PptpMiniport - ok
22:05:22.0765 1500	PRESONUS_AUDIOBOX_MIDI (ed7f742b0eacf745afb5b2fe5baec618) C:\Windows\system32\drivers\psabusbm.sys
22:05:22.0785 1500	PRESONUS_AUDIOBOX_MIDI - ok
22:05:22.0855 1500	PRESONUS_AUDIOBOX_USB (dd02c038c7a24dd23aaa75595bec80ba) C:\Windows\system32\Drivers\psabusbu.sys
22:05:22.0895 1500	PRESONUS_AUDIOBOX_USB - ok
22:05:22.0965 1500	PRESONUS_AUDIOBOX_WDM (08ac58a2bc1084e6eb4800b98368ccaa) C:\Windows\system32\drivers\psabusba.sys
22:05:22.0975 1500	PRESONUS_AUDIOBOX_WDM - ok
22:05:22.0995 1500	Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
22:05:23.0015 1500	Processor - ok
22:05:23.0065 1500	ProfSvc         (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
22:05:23.0115 1500	ProfSvc - ok
22:05:23.0145 1500	ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:05:23.0155 1500	ProtectedStorage - ok
22:05:23.0175 1500	Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
22:05:23.0205 1500	Psched - ok
22:05:23.0345 1500	ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
22:05:23.0425 1500	ql2300 - ok
22:05:23.0585 1500	ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
22:05:23.0635 1500	ql40xx - ok
22:05:23.0685 1500	QWAVE           (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
22:05:23.0715 1500	QWAVE - ok
22:05:23.0735 1500	QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
22:05:23.0755 1500	QWAVEdrv - ok
22:05:23.0765 1500	RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
22:05:23.0795 1500	RasAcd - ok
22:05:23.0825 1500	RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:05:23.0855 1500	RasAgileVpn - ok
22:05:23.0875 1500	RasAuto         (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
22:05:23.0905 1500	RasAuto - ok
22:05:23.0975 1500	Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:05:24.0045 1500	Rasl2tp - ok
22:05:24.0105 1500	RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
22:05:24.0145 1500	RasMan - ok
22:05:24.0175 1500	RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
22:05:24.0195 1500	RasPppoe - ok
22:05:24.0235 1500	RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
22:05:24.0285 1500	RasSstp - ok
22:05:24.0345 1500	rdbss           (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
22:05:24.0405 1500	rdbss - ok
22:05:24.0425 1500	rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
22:05:24.0435 1500	rdpbus - ok
22:05:24.0545 1500	RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:05:24.0591 1500	RDPCDD - ok
22:05:24.0638 1500	RDPDR           (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
22:05:24.0685 1500	RDPDR - ok
22:05:24.0685 1500	RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
22:05:24.0716 1500	RDPENCDD - ok
22:05:24.0732 1500	RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
22:05:24.0747 1500	RDPREFMP - ok
22:05:24.0794 1500	RDPWD           (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
22:05:24.0841 1500	RDPWD - ok
22:05:24.0888 1500	rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
22:05:24.0919 1500	rdyboost - ok
22:05:24.0981 1500	RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
22:05:25.0028 1500	RemoteAccess - ok
22:05:25.0059 1500	RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
22:05:25.0091 1500	RemoteRegistry - ok
22:05:25.0106 1500	RFCOMM          (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
22:05:25.0137 1500	RFCOMM - ok
22:05:25.0153 1500	RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
22:05:25.0184 1500	RpcEptMapper - ok
22:05:25.0200 1500	RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
22:05:25.0215 1500	RpcLocator - ok
22:05:25.0262 1500	RpcSs           (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:05:25.0325 1500	RpcSs - ok
22:05:25.0356 1500	rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
22:05:25.0403 1500	rspndr - ok
22:05:25.0434 1500	s3cap           (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
22:05:25.0465 1500	s3cap - ok
22:05:25.0481 1500	SamSs           (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:05:25.0512 1500	SamSs - ok
22:05:25.0527 1500	sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
22:05:25.0559 1500	sbp2port - ok
22:05:25.0574 1500	SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
22:05:25.0621 1500	SCardSvr - ok
22:05:25.0652 1500	scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
22:05:25.0699 1500	scfilter - ok
22:05:25.0839 1500	Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
22:05:25.0886 1500	Schedule - ok
22:05:26.0011 1500	SCPolicySvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:05:26.0073 1500	SCPolicySvc - ok
22:05:26.0105 1500	sdbus           (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
22:05:26.0136 1500	sdbus - ok
22:05:26.0167 1500	SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
22:05:26.0198 1500	SDRSVC - ok
22:05:26.0214 1500	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:05:26.0245 1500	secdrv - ok
22:05:26.0276 1500	seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
22:05:26.0307 1500	seclogon - ok
22:05:26.0323 1500	SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
22:05:26.0354 1500	SENS - ok
22:05:26.0385 1500	SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
22:05:26.0401 1500	SensrSvc - ok
22:05:26.0417 1500	Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
22:05:26.0432 1500	Serenum - ok
22:05:26.0448 1500	Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
22:05:26.0463 1500	Serial - ok
22:05:26.0479 1500	sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
22:05:26.0479 1500	sermouse - ok
22:05:26.0604 1500	ServiceLayer    (8c1f87f5fdd92229d1754b98f073913f) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
22:05:26.0651 1500	ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
22:05:26.0651 1500	ServiceLayer - detected UnsignedFile.Multi.Generic (1)
22:05:26.0697 1500	SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
22:05:26.0744 1500	SessionEnv - ok
22:05:26.0760 1500	sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
22:05:26.0775 1500	sffdisk - ok
22:05:26.0791 1500	sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
22:05:26.0807 1500	sffp_mmc - ok
22:05:26.0822 1500	sffp_sd         (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
22:05:26.0838 1500	sffp_sd - ok
22:05:26.0853 1500	sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
22:05:26.0869 1500	sfloppy - ok
22:05:26.0963 1500	SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
22:05:27.0041 1500	SharedAccess - ok
22:05:27.0087 1500	ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
22:05:27.0150 1500	ShellHWDetection - ok
22:05:27.0150 1500	Scan interrupted by user!
22:05:27.0150 1500	Scan interrupted by user!
22:05:27.0150 1500	Scan interrupted by user!
22:05:27.0150 1500	============================================================
22:05:27.0150 1500	Scan finished
22:05:27.0150 1500	============================================================
22:05:27.0150 2844	Detected object count: 1
22:05:27.0150 2844	Actual detected object count: 1
22:05:30.0535 2844	ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
22:05:30.0535 2844	ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:05:35.0745 0776	============================================================
22:05:35.0745 0776	Scan started
22:05:35.0745 0776	Mode: Manual; SigCheck; TDLFS; 
22:05:35.0745 0776	============================================================
22:05:36.0525 0776	1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
22:05:36.0572 0776	1394ohci - ok
22:05:36.0619 0776	ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
22:05:36.0666 0776	ACPI - ok
22:05:36.0697 0776	AcpiPmi         (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
22:05:36.0728 0776	AcpiPmi - ok
22:05:36.0822 0776	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:05:36.0853 0776	AdobeARMservice - ok
22:05:36.0993 0776	AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:05:37.0040 0776	AdobeFlashPlayerUpdateSvc - ok
22:05:37.0103 0776	adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
22:05:37.0149 0776	adp94xx - ok
22:05:37.0181 0776	adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
22:05:37.0212 0776	adpahci - ok
22:05:37.0227 0776	adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
22:05:37.0243 0776	adpu320 - ok
22:05:37.0274 0776	AeLookupSvc     (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
22:05:37.0337 0776	AeLookupSvc - ok
22:05:37.0399 0776	AFD             (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
22:05:37.0446 0776	AFD - ok
22:05:37.0477 0776	agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
22:05:37.0493 0776	agp440 - ok
22:05:37.0508 0776	aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
22:05:37.0539 0776	aic78xx - ok
22:05:37.0539 0776	ALG             (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
22:05:37.0571 0776	ALG - ok
22:05:37.0586 0776	aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
22:05:37.0602 0776	aliide - ok
22:05:37.0633 0776	amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
22:05:37.0649 0776	amdagp - ok
22:05:37.0649 0776	amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
22:05:37.0664 0776	amdide - ok
22:05:37.0680 0776	AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
22:05:37.0695 0776	AmdK8 - ok
22:05:37.0711 0776	AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
22:05:37.0727 0776	AmdPPM - ok
22:05:37.0758 0776	amdsata         (e7f4d42d8076ec60e21715cd11743a0d) C:\Windows\system32\drivers\amdsata.sys
22:05:37.0773 0776	amdsata - ok
22:05:37.0789 0776	amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
22:05:37.0805 0776	amdsbs - ok
22:05:37.0820 0776	amdxata         (146459d2b08bfdcbfa856d9947043c81) C:\Windows\system32\drivers\amdxata.sys
22:05:37.0836 0776	amdxata - ok
22:05:37.0867 0776	AppID           (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
22:05:37.0898 0776	AppID - ok
22:05:37.0976 0776	AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
22:05:38.0023 0776	AppIDSvc - ok
22:05:38.0054 0776	Appinfo         (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
22:05:38.0085 0776	Appinfo - ok
22:05:38.0163 0776	Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:05:38.0195 0776	Apple Mobile Device - ok
22:05:38.0226 0776	AppMgmt         (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
22:05:38.0273 0776	AppMgmt - ok
22:05:38.0319 0776	arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
22:05:38.0335 0776	arc - ok
22:05:38.0351 0776	arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
22:05:38.0366 0776	arcsas - ok
22:05:38.0382 0776	AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
22:05:38.0429 0776	AsyncMac - ok
22:05:38.0460 0776	atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
22:05:38.0491 0776	atapi - ok
22:05:38.0569 0776	AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
22:05:38.0631 0776	AudioEndpointBuilder - ok
22:05:38.0631 0776	Audiosrv        (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
22:05:38.0663 0776	Audiosrv - ok
22:05:38.0709 0776	AxInstSV        (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
22:05:38.0741 0776	AxInstSV - ok
22:05:38.0772 0776	b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
22:05:38.0803 0776	b06bdrv - ok
22:05:38.0819 0776	b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
22:05:38.0834 0776	b57nd60x - ok
22:05:38.0881 0776	bcm4sbxp        (82dd21bfa8bbe0a3a3833a1bd8e86158) C:\Windows\system32\DRIVERS\bcm4sbxp.sys
22:05:38.0912 0776	bcm4sbxp - ok
22:05:38.0990 0776	BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
22:05:39.0006 0776	BDESVC - ok
22:05:39.0021 0776	Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
22:05:39.0068 0776	Beep - ok
22:05:39.0115 0776	BFE             (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
22:05:39.0162 0776	BFE - ok
22:05:39.0224 0776	BITS            (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
22:05:39.0271 0776	BITS - ok
22:05:39.0287 0776	blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
22:05:39.0302 0776	blbdrive - ok
22:05:39.0396 0776	Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
22:05:39.0427 0776	Bonjour Service - ok
22:05:39.0458 0776	bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
22:05:39.0489 0776	bowser - ok
22:05:39.0505 0776	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:05:39.0521 0776	BrFiltLo - ok
22:05:39.0536 0776	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:05:39.0552 0776	BrFiltUp - ok
22:05:39.0583 0776	Browser         (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
22:05:39.0614 0776	Browser - ok
22:05:39.0645 0776	Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
22:05:39.0661 0776	Brserid - ok
22:05:39.0677 0776	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
22:05:39.0692 0776	BrSerWdm - ok
22:05:39.0708 0776	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:05:39.0723 0776	BrUsbMdm - ok
22:05:39.0723 0776	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
22:05:39.0739 0776	BrUsbSer - ok
22:05:39.0770 0776	BthEnum         (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
22:05:39.0786 0776	BthEnum - ok
22:05:39.0801 0776	BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
22:05:39.0817 0776	BTHMODEM - ok
22:05:39.0848 0776	BthPan          (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
22:05:39.0864 0776	BthPan - ok
22:05:39.0911 0776	BTHPORT         (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys
22:05:39.0926 0776	BTHPORT - ok
22:05:39.0973 0776	bthserv         (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
22:05:39.0989 0776	bthserv - ok
22:05:40.0020 0776	BTHUSB          (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys
22:05:40.0035 0776	BTHUSB - ok
22:05:40.0051 0776	cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
22:05:40.0082 0776	cdfs - ok
22:05:40.0098 0776	cdrom           (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
22:05:40.0113 0776	cdrom - ok
22:05:40.0129 0776	CertPropSvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:05:40.0160 0776	CertPropSvc - ok
22:05:40.0160 0776	circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
22:05:40.0176 0776	circlass - ok
22:05:40.0207 0776	CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
22:05:40.0223 0776	CLFS - ok
22:05:40.0285 0776	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:05:40.0301 0776	clr_optimization_v2.0.50727_32 - ok
22:05:40.0332 0776	CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
22:05:40.0347 0776	CmBatt - ok
22:05:40.0379 0776	cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
22:05:40.0394 0776	cmdide - ok
22:05:40.0472 0776	CNG             (247b4ce2dab1160cd422d532d5241e1f) C:\Windows\system32\Drivers\cng.sys
22:05:40.0503 0776	CNG - ok
22:05:40.0519 0776	Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
22:05:40.0535 0776	Compbatt - ok
22:05:40.0550 0776	CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
22:05:40.0566 0776	CompositeBus - ok
22:05:40.0566 0776	COMSysApp - ok
22:05:40.0581 0776	crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
22:05:40.0597 0776	crcdisk - ok
22:05:40.0628 0776	CryptSvc        (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
22:05:40.0644 0776	CryptSvc - ok
22:05:40.0691 0776	CSC             (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
22:05:40.0706 0776	CSC - ok
22:05:40.0769 0776	CscService      (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
22:05:40.0784 0776	CscService - ok
22:05:40.0831 0776	DcomLaunch      (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:05:40.0862 0776	DcomLaunch - ok
22:05:40.0909 0776	defragsvc       (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
22:05:40.0940 0776	defragsvc - ok
22:05:41.0003 0776	DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
22:05:41.0049 0776	DfsC - ok
22:05:41.0081 0776	Dhcp            (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
22:05:41.0127 0776	Dhcp - ok
22:05:41.0159 0776	discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
22:05:41.0190 0776	discache - ok
22:05:41.0205 0776	Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
22:05:41.0205 0776	Disk - ok
22:05:41.0237 0776	Dnscache        (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
22:05:41.0252 0776	Dnscache - ok
22:05:41.0299 0776	dot3svc         (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
22:05:41.0330 0776	dot3svc - ok
22:05:41.0361 0776	DPS             (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
22:05:41.0393 0776	DPS - ok
22:05:41.0424 0776	drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
22:05:41.0439 0776	drmkaud - ok
22:05:41.0502 0776	DXGKrnl         (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
22:05:41.0533 0776	DXGKrnl - ok
22:05:41.0564 0776	EapHost         (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
22:05:41.0595 0776	EapHost - ok
22:05:41.0907 0776	ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
22:05:41.0970 0776	ebdrv - ok
22:05:42.0173 0776	EFS             (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
22:05:42.0204 0776	EFS - ok
22:05:42.0297 0776	ehRecvr         (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
22:05:42.0344 0776	ehRecvr - ok
22:05:42.0375 0776	ehSched         (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
22:05:42.0422 0776	ehSched - ok
22:05:42.0516 0776	elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
22:05:42.0547 0776	elxstor - ok
22:05:42.0563 0776	ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
22:05:42.0578 0776	ErrDev - ok
22:05:42.0625 0776	EventSystem     (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
22:05:42.0687 0776	EventSystem - ok
22:05:42.0703 0776	exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
22:05:42.0734 0776	exfat - ok
22:05:42.0765 0776	fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
22:05:42.0797 0776	fastfat - ok
22:05:42.0843 0776	Fax             (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
22:05:42.0875 0776	Fax - ok
22:05:42.0890 0776	fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
22:05:42.0906 0776	fdc - ok
22:05:42.0921 0776	fdPHost         (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
22:05:42.0937 0776	fdPHost - ok
22:05:42.0953 0776	FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
22:05:42.0968 0776	FDResPub - ok
22:05:42.0999 0776	FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
22:05:42.0999 0776	FileInfo - ok
22:05:43.0015 0776	Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
22:05:43.0046 0776	Filetrace - ok
22:05:43.0062 0776	flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
22:05:43.0077 0776	flpydisk - ok
22:05:43.0093 0776	FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
22:05:43.0109 0776	FltMgr - ok
22:05:43.0187 0776	FontCache       (fa6c66e4364d7da57aade5dcc03bb999) C:\Windows\system32\FntCache.dll
22:05:43.0218 0776	FontCache - ok
22:05:43.0296 0776	FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:05:43.0311 0776	FontCache3.0.0.0 - ok
22:05:43.0343 0776	FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
22:05:43.0374 0776	FsDepends - ok
22:05:43.0405 0776	Fs_Rec          (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
22:05:43.0436 0776	Fs_Rec - ok
22:05:43.0467 0776	fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
22:05:43.0483 0776	fvevol - ok
22:05:43.0514 0776	gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:05:43.0545 0776	gagp30kx - ok
22:05:43.0577 0776	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:05:43.0592 0776	GEARAspiWDM - ok
22:05:43.0655 0776	gpsvc           (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
22:05:43.0686 0776	gpsvc - ok
22:05:43.0701 0776	hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
22:05:43.0717 0776	hcw85cir - ok
22:05:43.0779 0776	HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
22:05:43.0795 0776	HdAudAddService - ok
22:05:43.0826 0776	HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
22:05:43.0842 0776	HDAudBus - ok
22:05:43.0857 0776	HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
22:05:43.0873 0776	HidBatt - ok
22:05:43.0889 0776	HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
22:05:43.0904 0776	HidBth - ok
22:05:43.0920 0776	HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
22:05:43.0935 0776	HidIr - ok
22:05:43.0967 0776	hidserv         (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
22:05:43.0998 0776	hidserv - ok
22:05:44.0029 0776	HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
22:05:44.0045 0776	HidUsb - ok
22:05:44.0076 0776	hkmsvc          (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
22:05:44.0107 0776	hkmsvc - ok
22:05:44.0123 0776	HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
22:05:44.0138 0776	HomeGroupListener - ok
22:05:44.0185 0776	HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
22:05:44.0216 0776	HomeGroupProvider - ok
22:05:44.0232 0776	HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
22:05:44.0247 0776	HpSAMD - ok
22:05:44.0310 0776	HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
22:05:44.0341 0776	HTTP - ok
22:05:44.0372 0776	hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
22:05:44.0372 0776	hwpolicy - ok
22:05:44.0419 0776	i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
22:05:44.0419 0776	i8042prt - ok
22:05:44.0466 0776	iaStorV         (a3cae5d281db4cff7cff8233507ee5ad) C:\Windows\system32\drivers\iaStorV.sys
22:05:44.0481 0776	iaStorV - ok
22:05:44.0637 0776	idsvc           (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:05:44.0684 0776	idsvc - ok
22:05:44.0715 0776	iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
22:05:44.0731 0776	iirsp - ok
22:05:44.0825 0776	IKEEXT          (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
22:05:44.0856 0776	IKEEXT - ok
22:05:44.0903 0776	intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
22:05:44.0903 0776	intelide - ok
22:05:44.0918 0776	intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
22:05:44.0934 0776	intelppm - ok
22:05:44.0965 0776	IPBusEnum       (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
22:05:45.0012 0776	IPBusEnum - ok
22:05:45.0027 0776	IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:05:45.0059 0776	IpFilterDriver - ok
22:05:45.0121 0776	iphlpsvc        (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
22:05:45.0183 0776	iphlpsvc - ok
22:05:45.0199 0776	IPMIDRV         (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
22:05:45.0215 0776	IPMIDRV - ok
22:05:45.0230 0776	IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
22:05:45.0261 0776	IPNAT - ok
22:05:45.0402 0776	iPod Service    (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
22:05:45.0433 0776	iPod Service - ok
22:05:45.0449 0776	IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
22:05:45.0464 0776	IRENUM - ok
22:05:45.0495 0776	isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
22:05:45.0511 0776	isapnp - ok
22:05:45.0558 0776	iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
22:05:45.0573 0776	iScsiPrt - ok
22:05:45.0589 0776	kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
22:05:45.0589 0776	kbdclass - ok
22:05:45.0620 0776	kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
22:05:45.0636 0776	kbdhid - ok
22:05:45.0651 0776	KeyIso          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:05:45.0667 0776	KeyIso - ok
22:05:45.0698 0776	KSecDD          (b7895b4182c0d16f6efadeb8081e8d36) C:\Windows\system32\Drivers\ksecdd.sys
22:05:45.0714 0776	KSecDD - ok
22:05:45.0761 0776	KSecPkg         (d30159ac9237519fbc62c6ec247d2d46) C:\Windows\system32\Drivers\ksecpkg.sys
22:05:45.0792 0776	KSecPkg - ok
22:05:45.0839 0776	KtmRm           (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
22:05:45.0885 0776	KtmRm - ok
22:05:45.0932 0776	LanmanServer    (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
22:05:45.0979 0776	LanmanServer - ok
22:05:46.0010 0776	LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
22:05:46.0073 0776	LanmanWorkstation - ok
22:05:46.0104 0776	lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
22:05:46.0135 0776	lltdio - ok
22:05:46.0166 0776	lltdsvc         (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
22:05:46.0197 0776	lltdsvc - ok
22:05:46.0197 0776	lmhosts         (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
22:05:46.0229 0776	lmhosts - ok
22:05:46.0244 0776	LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:05:46.0260 0776	LSI_FC - ok
22:05:46.0275 0776	LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:05:46.0291 0776	LSI_SAS - ok
22:05:46.0307 0776	LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:05:46.0322 0776	LSI_SAS2 - ok
22:05:46.0338 0776	LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:05:46.0353 0776	LSI_SCSI - ok
22:05:46.0369 0776	luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
22:05:46.0400 0776	luafv - ok
22:05:46.0431 0776	MBAMProtector   (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
22:05:46.0431 0776	MBAMProtector - ok
22:05:46.0541 0776	MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:05:46.0556 0776	MBAMService - ok
22:05:46.0587 0776	Mcx2Svc         (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
22:05:46.0619 0776	Mcx2Svc - ok
22:05:46.0634 0776	megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
22:05:46.0650 0776	megasas - ok
22:05:46.0697 0776	MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
22:05:46.0722 0776	MegaSR - ok
22:05:46.0792 0776	Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
22:05:46.0822 0776	Microsoft Office Groove Audit Service - ok
22:05:46.0852 0776	MMCSS           (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:05:46.0912 0776	MMCSS - ok
22:05:46.0912 0776	Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
22:05:46.0942 0776	Modem - ok
22:05:46.0952 0776	monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
22:05:46.0962 0776	monitor - ok
22:05:46.0982 0776	mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
22:05:46.0992 0776	mouclass - ok
22:05:47.0002 0776	mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
22:05:47.0022 0776	mouhid - ok
22:05:47.0072 0776	mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
22:05:47.0102 0776	mountmgr - ok
22:05:47.0152 0776	MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:05:47.0182 0776	MozillaMaintenance - ok
22:05:47.0222 0776	MpFilter        (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
22:05:47.0252 0776	MpFilter - ok
22:05:47.0292 0776	mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
22:05:47.0302 0776	mpio - ok
22:05:47.0332 0776	mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
22:05:47.0362 0776	mpsdrv - ok
22:05:47.0452 0776	MpsSvc          (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
22:05:47.0502 0776	MpsSvc - ok
22:05:47.0542 0776	MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
22:05:47.0562 0776	MRxDAV - ok
22:05:47.0592 0776	mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:05:47.0602 0776	mrxsmb - ok
22:05:47.0622 0776	mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:05:47.0632 0776	mrxsmb10 - ok
22:05:47.0653 0776	mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:05:47.0663 0776	mrxsmb20 - ok
22:05:47.0693 0776	msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
22:05:47.0703 0776	msahci - ok
22:05:47.0723 0776	msdsm           (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
22:05:47.0743 0776	msdsm - ok
22:05:47.0783 0776	MSDTC           (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
22:05:47.0823 0776	MSDTC - ok
22:05:47.0843 0776	Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
22:05:47.0883 0776	Msfs - ok
22:05:47.0893 0776	mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
22:05:47.0923 0776	mshidkmdf - ok
22:05:47.0943 0776	msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
22:05:47.0953 0776	msisadrv - ok
22:05:47.0983 0776	MSiSCSI         (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
22:05:48.0013 0776	MSiSCSI - ok
22:05:48.0013 0776	msiserver - ok
22:05:48.0033 0776	MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
22:05:48.0063 0776	MSKSSRV - ok
22:05:48.0123 0776	MsMpSvc         (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
22:05:48.0143 0776	MsMpSvc - ok
22:05:48.0163 0776	MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
22:05:48.0203 0776	MSPCLOCK - ok
22:05:48.0213 0776	MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
22:05:48.0243 0776	MSPQM - ok
22:05:48.0273 0776	MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
22:05:48.0283 0776	MsRPC - ok
22:05:48.0303 0776	mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
22:05:48.0313 0776	mssmbios - ok
22:05:48.0323 0776	MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
22:05:48.0353 0776	MSTEE - ok
22:05:48.0373 0776	MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
22:05:48.0383 0776	MTConfig - ok
22:05:48.0403 0776	Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
22:05:48.0413 0776	Mup - ok
22:05:48.0463 0776	napagent        (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
22:05:48.0513 0776	napagent - ok
22:05:48.0553 0776	NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
22:05:48.0563 0776	NativeWifiP - ok
22:05:48.0633 0776	NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
22:05:48.0664 0776	NDIS - ok
22:05:48.0674 0776	NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
22:05:48.0704 0776	NdisCap - ok
22:05:48.0714 0776	NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
22:05:48.0734 0776	NdisTapi - ok
22:05:48.0754 0776	Ndisuio         (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
22:05:48.0774 0776	Ndisuio - ok
22:05:48.0805 0776	NdisWan         (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
22:05:48.0868 0776	NdisWan - ok
22:05:48.0899 0776	NDProxy         (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
22:05:48.0946 0776	NDProxy - ok
22:05:48.0946 0776	NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
22:05:48.0977 0776	NetBIOS - ok
22:05:49.0008 0776	NetBT           (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
22:05:49.0039 0776	NetBT - ok
22:05:49.0071 0776	Netlogon        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:05:49.0071 0776	Netlogon - ok
22:05:49.0117 0776	Netman          (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
22:05:49.0149 0776	Netman - ok
22:05:49.0180 0776	netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
22:05:49.0211 0776	netprofm - ok
22:05:49.0305 0776	NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:05:49.0320 0776	NetTcpPortSharing - ok
22:05:49.0788 0776	netw5v32        (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
22:05:49.0882 0776	netw5v32 - ok
22:05:50.0022 0776	nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
22:05:50.0053 0776	nfrd960 - ok
22:05:50.0085 0776	NisDrv          (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:05:50.0100 0776	NisDrv - ok
22:05:50.0194 0776	NisSrv          (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
22:05:50.0241 0776	NisSrv - ok
22:05:50.0303 0776	NlaSvc          (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
22:05:50.0350 0776	NlaSvc - ok
22:05:50.0381 0776	nmwcd           (cfe3462a9e94a57dcd9676f6b7fe7f67) C:\Windows\system32\drivers\ccdcmb.sys
22:05:50.0412 0776	nmwcd - ok
22:05:50.0412 0776	nmwcdc          (8f2a94f991f8c73cec26b4b5620d1edc) C:\Windows\system32\drivers\ccdcmbo.sys
22:05:50.0443 0776	nmwcdc - ok
22:05:50.0459 0776	Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
22:05:50.0490 0776	Npfs - ok
22:05:50.0521 0776	nsi             (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
22:05:50.0537 0776	nsi - ok
22:05:50.0553 0776	nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
22:05:50.0584 0776	nsiproxy - ok
22:05:50.0709 0776	Ntfs            (33c3093d09017cfe2e219f2472bff6eb) C:\Windows\system32\drivers\Ntfs.sys
22:05:50.0802 0776	Ntfs - ok
22:05:50.0818 0776	Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
22:05:50.0849 0776	Null - ok
22:05:51.0598 0776	nvlddmkm        (440690da4358d9682dbcc56da7d419ab) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:05:51.0863 0776	nvlddmkm - ok
22:05:52.0050 0776	nvraid          (af2eec9580c1d32fb7eaf105d9784061) C:\Windows\system32\drivers\nvraid.sys
22:05:52.0097 0776	nvraid - ok
22:05:52.0128 0776	nvstor          (9283c58ebaa2618f93482eb5dabcec82) C:\Windows\system32\drivers\nvstor.sys
22:05:52.0175 0776	nvstor - ok
22:05:52.0222 0776	nvsvc           (11e1dc466c3e384c1a697b95dc5aa785) C:\Windows\system32\nvvsvc.exe
22:05:52.0269 0776	nvsvc - ok
22:05:52.0284 0776	nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
22:05:52.0315 0776	nv_agp - ok
22:05:52.0438 0776	odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:05:52.0478 0776	odserv - ok
22:05:52.0518 0776	OEM02Dev        (19cac780b858822055f46c58a111723c) C:\Windows\system32\DRIVERS\OEM02Dev.sys
22:05:52.0558 0776	OEM02Dev - ok
22:05:52.0568 0776	OEM02Vfx        (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
22:05:52.0588 0776	OEM02Vfx - ok
22:05:52.0608 0776	ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
22:05:52.0638 0776	ohci1394 - ok
22:05:52.0678 0776	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:05:52.0708 0776	ose - ok
22:05:52.0768 0776	p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:05:52.0808 0776	p2pimsvc - ok
22:05:52.0838 0776	p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
22:05:52.0878 0776	p2psvc - ok
22:05:52.0908 0776	Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
22:05:52.0948 0776	Parport - ok
22:05:52.0978 0776	partmgr         (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
22:05:52.0988 0776	partmgr - ok
22:05:52.0998 0776	Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
22:05:53.0018 0776	Parvdm - ok
22:05:53.0048 0776	PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
22:05:53.0078 0776	PcaSvc - ok
22:05:53.0108 0776	pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
22:05:53.0128 0776	pccsmcfd - ok
22:05:53.0158 0776	pci             (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
22:05:53.0178 0776	pci - ok
22:05:53.0188 0776	pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
22:05:53.0208 0776	pciide - ok
22:05:53.0228 0776	pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
22:05:53.0248 0776	pcmcia - ok
22:05:53.0268 0776	pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
22:05:53.0278 0776	pcw - ok
22:05:53.0338 0776	PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
22:05:53.0388 0776	PEAUTH - ok
22:05:53.0528 0776	PeerDistSvc     (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
22:05:53.0608 0776	PeerDistSvc - ok
22:05:53.0798 0776	pla             (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
22:05:53.0898 0776	pla - ok
22:05:54.0058 0776	PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
22:05:54.0118 0776	PlugPlay - ok
22:05:54.0148 0776	PNRPAutoReg     (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
22:05:54.0178 0776	PNRPAutoReg - ok
22:05:54.0218 0776	PNRPsvc         (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:05:54.0258 0776	PNRPsvc - ok
22:05:54.0328 0776	PolicyAgent     (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
22:05:54.0388 0776	PolicyAgent - ok
22:05:54.0418 0776	Power           (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
22:05:54.0453 0776	Power - ok
22:05:54.0500 0776	PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
22:05:54.0547 0776	PptpMiniport - ok
22:05:54.0563 0776	PRESONUS_AUDIOBOX_MIDI (ed7f742b0eacf745afb5b2fe5baec618) C:\Windows\system32\drivers\psabusbm.sys
22:05:54.0578 0776	PRESONUS_AUDIOBOX_MIDI - ok
22:05:54.0625 0776	PRESONUS_AUDIOBOX_USB (dd02c038c7a24dd23aaa75595bec80ba) C:\Windows\system32\Drivers\psabusbu.sys
22:05:54.0656 0776	PRESONUS_AUDIOBOX_USB - ok
22:05:54.0672 0776	PRESONUS_AUDIOBOX_WDM (08ac58a2bc1084e6eb4800b98368ccaa) C:\Windows\system32\drivers\psabusba.sys
22:05:54.0687 0776	PRESONUS_AUDIOBOX_WDM - ok
22:05:54.0687 0776	Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
22:05:54.0703 0776	Processor - ok
22:05:54.0734 0776	ProfSvc         (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
22:05:54.0781 0776	ProfSvc - ok
22:05:54.0812 0776	ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:05:54.0828 0776	ProtectedStorage - ok
22:05:54.0843 0776	Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
22:05:54.0875 0776	Psched - ok
22:05:54.0999 0776	ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
22:05:55.0077 0776	ql2300 - ok
22:05:55.0218 0776	ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
22:05:55.0265 0776	ql40xx - ok
22:05:55.0311 0776	QWAVE           (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
22:05:55.0358 0776	QWAVE - ok
22:05:55.0374 0776	QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
22:05:55.0405 0776	QWAVEdrv - ok
22:05:55.0405 0776	RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
22:05:55.0436 0776	RasAcd - ok
22:05:55.0467 0776	RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:05:55.0499 0776	RasAgileVpn - ok
22:05:55.0514 0776	RasAuto         (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
22:05:55.0545 0776	RasAuto - ok
22:05:55.0561 0776	Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:05:55.0592 0776	Rasl2tp - ok
22:05:55.0623 0776	RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
22:05:55.0670 0776	RasMan - ok
22:05:55.0686 0776	RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
22:05:55.0717 0776	RasPppoe - ok
22:05:55.0733 0776	RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
22:05:55.0764 0776	RasSstp - ok
22:05:55.0795 0776	rdbss           (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
22:05:55.0857 0776	rdbss - ok
22:05:55.0857 0776	rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
22:05:55.0873 0776	rdpbus - ok
22:05:55.0967 0776	RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:05:56.0013 0776	RDPCDD - ok
22:05:56.0060 0776	RDPDR           (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
22:05:56.0076 0776	RDPDR - ok
22:05:56.0076 0776	RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
22:05:56.0107 0776	RDPENCDD - ok
22:05:56.0123 0776	RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
22:05:56.0154 0776	RDPREFMP - ok
22:05:56.0201 0776	RDPWD           (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
22:05:56.0247 0776	RDPWD - ok
22:05:56.0294 0776	rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
22:05:56.0325 0776	rdyboost - ok
22:05:56.0357 0776	RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
22:05:56.0419 0776	RemoteAccess - ok
22:05:56.0450 0776	RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
22:05:56.0497 0776	RemoteRegistry - ok
22:05:56.0528 0776	RFCOMM          (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
22:05:56.0544 0776	RFCOMM - ok
22:05:56.0559 0776	RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
22:05:56.0591 0776	RpcEptMapper - ok
22:05:56.0622 0776	RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
22:05:56.0622 0776	RpcLocator - ok
22:05:56.0669 0776	RpcSs           (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:05:56.0700 0776	RpcSs - ok
22:05:56.0731 0776	rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
22:05:56.0762 0776	rspndr - ok
22:05:56.0793 0776	s3cap           (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
22:05:56.0793 0776	s3cap - ok
22:05:56.0825 0776	SamSs           (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:05:56.0840 0776	SamSs - ok
22:05:56.0871 0776	sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
22:05:56.0887 0776	sbp2port - ok
22:05:56.0903 0776	SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
22:05:56.0934 0776	SCardSvr - ok
22:05:56.0949 0776	scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
22:05:56.0981 0776	scfilter - ok
22:05:57.0074 0776	Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
22:05:57.0121 0776	Schedule - ok
22:05:57.0152 0776	SCPolicySvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:05:57.0183 0776	SCPolicySvc - ok
22:05:57.0215 0776	sdbus           (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
22:05:57.0230 0776	sdbus - ok
22:05:57.0261 0776	SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
22:05:57.0293 0776	SDRSVC - ok
22:05:57.0324 0776	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:05:57.0371 0776	secdrv - ok
22:05:57.0402 0776	seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
22:05:57.0433 0776	seclogon - ok
22:05:57.0449 0776	SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
22:05:57.0480 0776	SENS - ok
22:05:57.0511 0776	SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
22:05:57.0527 0776	SensrSvc - ok
22:05:57.0542 0776	Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
22:05:57.0558 0776	Serenum - ok
22:05:57.0573 0776	Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
22:05:57.0573 0776	Serial - ok
22:05:57.0620 0776	sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
22:05:57.0636 0776	sermouse - ok
22:05:57.0745 0776	ServiceLayer    (8c1f87f5fdd92229d1754b98f073913f) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
22:05:57.0792 0776	ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
22:05:57.0792 0776	ServiceLayer - detected UnsignedFile.Multi.Generic (1)
22:05:57.0854 0776	SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
22:05:57.0901 0776	SessionEnv - ok
22:05:57.0948 0776	sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
22:05:57.0995 0776	sffdisk - ok
22:05:57.0995 0776	sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
22:05:58.0026 0776	sffp_mmc - ok
22:05:58.0041 0776	sffp_sd         (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
22:05:58.0057 0776	sffp_sd - ok
22:05:58.0073 0776	sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
22:05:58.0104 0776	sfloppy - ok
22:05:58.0151 0776	SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
22:05:58.0213 0776	SharedAccess - ok
22:05:58.0260 0776	ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
22:05:58.0322 0776	ShellHWDetection - ok
22:05:58.0353 0776	sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
22:05:58.0385 0776	sisagp - ok
22:05:58.0400 0776	SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:05:58.0416 0776	SiSRaid2 - ok
22:05:58.0431 0776	SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
22:05:58.0447 0776	SiSRaid4 - ok
22:05:58.0463 0776	Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
22:05:58.0494 0776	Smb - ok
22:05:58.0525 0776	SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
22:05:58.0541 0776	SNMPTRAP - ok
22:05:58.0619 0776	Sony Ericsson PCCompanion (1a623f2b69e1f182f995f963c55db935) C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
22:05:58.0650 0776	Sony Ericsson PCCompanion - ok
22:05:58.0665 0776	spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
22:05:58.0697 0776	spldr - ok
22:05:58.0762 0776	Spooler         (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
22:05:58.0852 0776	Spooler - ok
22:05:59.0192 0776	sppsvc          (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
22:05:59.0342 0776	sppsvc - ok
22:05:59.0462 0776	sppuinotify     (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
22:05:59.0512 0776	sppuinotify - ok
22:05:59.0592 0776	srv             (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
22:05:59.0642 0776	srv - ok
22:05:59.0682 0776	srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
22:05:59.0722 0776	srv2 - ok
22:05:59.0772 0776	SrvHsfHDA       (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
22:05:59.0822 0776	SrvHsfHDA - ok
22:05:59.0942 0776	SrvHsfV92       (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
22:06:00.0002 0776	SrvHsfV92 - ok
22:06:00.0052 0776	SrvHsfWinac     (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
22:06:00.0092 0776	SrvHsfWinac - ok
22:06:00.0122 0776	srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
22:06:00.0142 0776	srvnet - ok
22:06:00.0172 0776	SSDPSRV         (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
22:06:00.0222 0776	SSDPSRV - ok
22:06:00.0242 0776	SstpSvc         (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
22:06:00.0282 0776	SstpSvc - ok
22:06:00.0312 0776	stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
22:06:00.0322 0776	stexstor - ok
22:06:00.0402 0776	StiSvc          (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
22:06:00.0452 0776	StiSvc - ok
22:06:00.0472 0776	storflt         (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
22:06:00.0492 0776	storflt - ok
22:06:00.0522 0776	StorSvc         (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
22:06:00.0552 0776	StorSvc - ok
22:06:00.0572 0776	storvsc         (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
22:06:00.0582 0776	storvsc - ok
22:06:00.0602 0776	swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
22:06:00.0612 0776	swenum - ok
22:06:00.0662 0776	swprv           (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
22:06:00.0692 0776	swprv - ok
22:06:00.0722 0776	SynasUSB        (e46088b882e6315518630e249ddf958c) C:\Windows\system32\drivers\SynasUSB.sys
22:06:00.0732 0776	SynasUSB - ok
22:06:00.0850 0776	SysMain         (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
22:06:00.0881 0776	SysMain - ok
22:06:00.0913 0776	TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
22:06:00.0928 0776	TabletInputService - ok
22:06:00.0959 0776	TapiSrv         (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
22:06:01.0006 0776	TapiSrv - ok
22:06:01.0022 0776	TBS             (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
22:06:01.0053 0776	TBS - ok
22:06:01.0252 0776	Tcpip           (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
22:06:01.0332 0776	Tcpip - ok
22:06:01.0352 0776	TCPIP6          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
22:06:01.0382 0776	TCPIP6 - ok
22:06:01.0412 0776	tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
22:06:01.0442 0776	tcpipreg - ok
22:06:01.0472 0776	TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
22:06:01.0492 0776	TDPIPE - ok
22:06:01.0522 0776	TDTCP           (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
22:06:01.0552 0776	TDTCP - ok
22:06:01.0582 0776	tdx             (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
22:06:01.0632 0776	tdx - ok
22:06:01.0662 0776	TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
22:06:01.0682 0776	TermDD - ok
22:06:01.0742 0776	TermService     (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
22:06:01.0793 0776	TermService - ok
22:06:01.0823 0776	Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
22:06:01.0843 0776	Themes - ok
22:06:01.0873 0776	THREADORDER     (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:06:01.0903 0776	THREADORDER - ok
22:06:01.0923 0776	TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
22:06:01.0953 0776	TrkWks - ok
22:06:02.0003 0776	TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
22:06:02.0063 0776	TrustedInstaller - ok
22:06:02.0083 0776	tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:06:02.0103 0776	tssecsrv - ok
22:06:02.0143 0776	TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
22:06:02.0163 0776	TsUsbFlt - ok
22:06:02.0203 0776	tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
22:06:02.0233 0776	tunnel - ok
22:06:02.0253 0776	uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
22:06:02.0273 0776	uagp35 - ok
22:06:02.0313 0776	udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
22:06:02.0383 0776	udfs - ok
22:06:02.0413 0776	UI0Detect       (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
22:06:02.0443 0776	UI0Detect - ok
22:06:02.0473 0776	uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
22:06:02.0493 0776	uliagpkx - ok
22:06:02.0533 0776	umbus           (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
22:06:02.0553 0776	umbus - ok
22:06:02.0573 0776	UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
22:06:02.0593 0776	UmPass - ok
22:06:02.0643 0776	UmRdpService    (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
22:06:02.0673 0776	UmRdpService - ok
22:06:02.0713 0776	upnphost        (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
22:06:02.0763 0776	upnphost - ok
22:06:02.0803 0776	upperdev        (ec01da44b090d2651fc032c8b9257232) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
22:06:02.0823 0776	upperdev - ok
22:06:02.0853 0776	USBAAPL         (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
22:06:02.0863 0776	USBAAPL - ok
22:06:02.0903 0776	usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
22:06:02.0913 0776	usbaudio - ok
22:06:02.0943 0776	usbccgp         (7e72e7d7e0757d59481d530fd2b0bfae) C:\Windows\system32\DRIVERS\usbccgp.sys
22:06:02.0953 0776	usbccgp - ok
22:06:02.0983 0776	usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
22:06:02.0993 0776	usbcir - ok
22:06:03.0013 0776	usbehci         (cfbce999c057d78979a181c9c60f208e) C:\Windows\system32\drivers\usbehci.sys
22:06:03.0023 0776	usbehci - ok
22:06:03.0053 0776	usbhub          (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\drivers\usbhub.sys
22:06:03.0083 0776	usbhub - ok
22:06:03.0103 0776	usbohci         (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\drivers\usbohci.sys
22:06:03.0113 0776	usbohci - ok
22:06:03.0143 0776	usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
22:06:03.0183 0776	usbprint - ok
22:06:03.0203 0776	usbscan         (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
22:06:03.0223 0776	usbscan - ok
22:06:03.0253 0776	usbser          (31181de6190b39fc8007dffd1a48ffd6) C:\Windows\system32\drivers\usbser.sys
22:06:03.0273 0776	usbser - ok
22:06:03.0293 0776	UsbserFilt      (4abd37cfbd710e64f01f9da8710c73f7) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
22:06:03.0323 0776	UsbserFilt - ok
22:06:03.0343 0776	USBSTOR         (bf63ebfc6979fefb2bc03df7989a0c1a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:06:03.0363 0776	USBSTOR - ok
22:06:03.0373 0776	usbuhci         (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\drivers\usbuhci.sys
22:06:03.0383 0776	usbuhci - ok
22:06:03.0413 0776	usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
22:06:03.0433 0776	usbvideo - ok
22:06:03.0463 0776	UxSms           (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
22:06:03.0493 0776	UxSms - ok
22:06:03.0523 0776	VaultSvc        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:06:03.0533 0776	VaultSvc - ok
22:06:03.0543 0776	vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
22:06:03.0563 0776	vdrvroot - ok
22:06:03.0613 0776	vds             (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
22:06:03.0663 0776	vds - ok
22:06:03.0703 0776	vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
22:06:03.0723 0776	vga - ok
22:06:03.0733 0776	VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
22:06:03.0763 0776	VgaSave - ok
22:06:03.0783 0776	vhdmp           (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
22:06:03.0813 0776	vhdmp - ok
22:06:03.0853 0776	viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
22:06:03.0863 0776	viaagp - ok
22:06:03.0883 0776	ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
22:06:03.0893 0776	ViaC7 - ok
22:06:03.0903 0776	viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
22:06:03.0923 0776	viaide - ok
22:06:03.0943 0776	vmbus           (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
22:06:03.0963 0776	vmbus - ok
22:06:03.0973 0776	VMBusHID        (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
22:06:03.0993 0776	VMBusHID - ok
22:06:04.0003 0776	volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
22:06:04.0023 0776	volmgr - ok
22:06:04.0053 0776	volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
22:06:04.0083 0776	volmgrx - ok
22:06:04.0123 0776	volsnap         (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
22:06:04.0143 0776	volsnap - ok
22:06:04.0163 0776	vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
22:06:04.0183 0776	vsmraid - ok
22:06:04.0293 0776	VSS             (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
22:06:04.0343 0776	VSS - ok
22:06:04.0363 0776	vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
22:06:04.0373 0776	vwifibus - ok
22:06:04.0443 0776	W32Time         (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
22:06:04.0503 0776	W32Time - ok
22:06:04.0523 0776	WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
22:06:04.0533 0776	WacomPen - ok
22:06:04.0563 0776	WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:06:04.0593 0776	WANARP - ok
22:06:04.0593 0776	Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:06:04.0623 0776	Wanarpv6 - ok
22:06:04.0743 0776	wbengine        (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
22:06:04.0823 0776	wbengine - ok
22:06:04.0853 0776	WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
22:06:04.0883 0776	WbioSrvc - ok
22:06:04.0923 0776	wcncsvc         (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
22:06:04.0973 0776	wcncsvc - ok
22:06:04.0993 0776	WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
22:06:05.0013 0776	WcsPlugInService - ok
22:06:05.0074 0776	Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
22:06:05.0106 0776	Wd - ok
22:06:05.0137 0776	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
22:06:05.0168 0776	Wdf01000 - ok
22:06:05.0184 0776	WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
22:06:05.0199 0776	WdiServiceHost - ok
22:06:05.0215 0776	WdiSystemHost   (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
22:06:05.0230 0776	WdiSystemHost - ok
22:06:05.0262 0776	WebClient       (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
22:06:05.0277 0776	WebClient - ok
22:06:05.0293 0776	Wecsvc          (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
22:06:05.0324 0776	Wecsvc - ok
22:06:05.0355 0776	wercplsupport   (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
22:06:05.0386 0776	wercplsupport - ok
22:06:05.0386 0776	WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
22:06:05.0418 0776	WerSvc - ok
22:06:05.0433 0776	WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
22:06:05.0464 0776	WfpLwf - ok
22:06:05.0480 0776	WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
22:06:05.0496 0776	WIMMount - ok
22:06:05.0636 0776	WinDefend       (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
22:06:05.0698 0776	WinDefend - ok
22:06:05.0698 0776	WinHttpAutoProxySvc - ok
22:06:05.0792 0776	Winmgmt         (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
22:06:05.0839 0776	Winmgmt - ok
22:06:05.0979 0776	WinRM           (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
22:06:06.0057 0776	WinRM - ok
22:06:06.0135 0776	WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
22:06:06.0151 0776	WinUsb - ok
22:06:06.0260 0776	Wlansvc         (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
22:06:06.0322 0776	Wlansvc - ok
22:06:06.0588 0776	wlidsvc         (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:06:06.0681 0776	wlidsvc - ok
22:06:06.0837 0776	WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
22:06:06.0868 0776	WmiAcpi - ok
22:06:06.0946 0776	wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
22:06:06.0993 0776	wmiApSrv - ok
22:06:07.0196 0776	WMPNetworkSvc   (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
22:06:07.0274 0776	WMPNetworkSvc - ok
22:06:07.0321 0776	WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
22:06:07.0336 0776	WPCSvc - ok
22:06:07.0399 0776	WPDBusEnum      (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
22:06:07.0446 0776	WPDBusEnum - ok
22:06:07.0492 0776	ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
22:06:07.0539 0776	ws2ifsl - ok
22:06:07.0555 0776	wscsvc          (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
22:06:07.0570 0776	wscsvc - ok
22:06:07.0570 0776	WSearch - ok
22:06:07.0773 0776	wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
22:06:07.0820 0776	wuauserv - ok
22:06:07.0992 0776	WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
22:06:08.0054 0776	WudfPf - ok
22:06:08.0085 0776	WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:06:08.0116 0776	WUDFRd - ok
22:06:08.0132 0776	wudfsvc         (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
22:06:08.0179 0776	wudfsvc - ok
22:06:08.0226 0776	WwanSvc         (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
22:06:08.0272 0776	WwanSvc - ok
22:06:08.0304 0776	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:06:08.0740 0776	\Device\Harddisk0\DR0 - ok
22:06:08.0787 0776	Boot (0x1200)   (8f63152a4e600ecbbede0492bf0fd973) \Device\Harddisk0\DR0\Partition0
22:06:08.0787 0776	\Device\Harddisk0\DR0\Partition0 - ok
22:06:08.0787 0776	Boot (0x1200)   (3829071368c6e1d6a483a6df00d43cac) \Device\Harddisk0\DR0\Partition1
22:06:08.0803 0776	\Device\Harddisk0\DR0\Partition1 - ok
22:06:08.0803 0776	============================================================
22:06:08.0803 0776	Scan finished
22:06:08.0803 0776	============================================================
22:06:08.0818 1076	Detected object count: 1
22:06:08.0818 1076	Actual detected object count: 1
22:06:21.0720 1076	ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:21.0720 1076	ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:06:24.0866 3812	============================================================
22:06:24.0866 3812	Scan started
22:06:24.0866 3812	Mode: Manual; SigCheck; TDLFS; 
22:06:24.0866 3812	============================================================
22:06:25.0381 3812	1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
22:06:25.0428 3812	1394ohci - ok
22:06:25.0474 3812	ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
22:06:25.0521 3812	ACPI - ok
22:06:25.0537 3812	AcpiPmi         (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
22:06:25.0584 3812	AcpiPmi - ok
22:06:25.0677 3812	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:06:25.0693 3812	AdobeARMservice - ok
22:06:25.0771 3812	AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:06:25.0802 3812	AdobeFlashPlayerUpdateSvc - ok
22:06:25.0864 3812	adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
22:06:25.0911 3812	adp94xx - ok
22:06:25.0942 3812	adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
22:06:25.0974 3812	adpahci - ok
22:06:25.0989 3812	adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
22:06:26.0005 3812	adpu320 - ok
22:06:26.0052 3812	AeLookupSvc     (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
22:06:26.0067 3812	AeLookupSvc - ok
22:06:26.0114 3812	AFD             (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
22:06:26.0161 3812	AFD - ok
22:06:26.0192 3812	agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
22:06:26.0208 3812	agp440 - ok
22:06:26.0223 3812	aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
22:06:26.0239 3812	aic78xx - ok
22:06:26.0254 3812	ALG             (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
22:06:26.0286 3812	ALG - ok
22:06:26.0301 3812	aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
22:06:26.0317 3812	aliide - ok
22:06:26.0348 3812	amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
22:06:26.0364 3812	amdagp - ok
22:06:26.0379 3812	amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
22:06:26.0395 3812	amdide - ok
22:06:26.0410 3812	AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
22:06:26.0442 3812	AmdK8 - ok
22:06:26.0457 3812	AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
22:06:26.0473 3812	AmdPPM - ok
22:06:26.0488 3812	amdsata         (e7f4d42d8076ec60e21715cd11743a0d) C:\Windows\system32\drivers\amdsata.sys
22:06:26.0520 3812	amdsata - ok
22:06:26.0551 3812	amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
22:06:26.0582 3812	amdsbs - ok
22:06:26.0598 3812	amdxata         (146459d2b08bfdcbfa856d9947043c81) C:\Windows\system32\drivers\amdxata.sys
22:06:26.0613 3812	amdxata - ok
22:06:26.0644 3812	AppID           (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
22:06:26.0691 3812	AppID - ok
22:06:26.0722 3812	AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
22:06:26.0769 3812	AppIDSvc - ok
22:06:26.0816 3812	Appinfo         (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
22:06:26.0863 3812	Appinfo - ok
22:06:26.0956 3812	Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:06:26.0972 3812	Apple Mobile Device - ok
22:06:27.0019 3812	AppMgmt         (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
22:06:27.0050 3812	AppMgmt - ok
22:06:27.0081 3812	arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
22:06:27.0097 3812	arc - ok
22:06:27.0112 3812	arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
22:06:27.0132 3812	arcsas - ok
22:06:27.0152 3812	AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
22:06:27.0182 3812	AsyncMac - ok
22:06:27.0212 3812	atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
22:06:27.0242 3812	atapi - ok
22:06:27.0312 3812	AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
22:06:27.0382 3812	AudioEndpointBuilder - ok
22:06:27.0392 3812	Audiosrv        (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
22:06:27.0422 3812	Audiosrv - ok
22:06:27.0452 3812	AxInstSV        (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
22:06:27.0492 3812	AxInstSV - ok
22:06:27.0522 3812	b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
22:06:27.0562 3812	b06bdrv - ok
22:06:27.0602 3812	b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
22:06:27.0642 3812	b57nd60x - ok
22:06:27.0682 3812	bcm4sbxp        (82dd21bfa8bbe0a3a3833a1bd8e86158) C:\Windows\system32\DRIVERS\bcm4sbxp.sys
22:06:27.0712 3812	bcm4sbxp - ok
22:06:27.0742 3812	BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
22:06:27.0762 3812	BDESVC - ok
22:06:27.0772 3812	Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
22:06:27.0812 3812	Beep - ok
22:06:27.0872 3812	BFE             (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
22:06:27.0932 3812	BFE - ok
22:06:27.0992 3812	BITS            (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
22:06:28.0042 3812	BITS - ok
22:06:28.0052 3812	blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
22:06:28.0072 3812	blbdrive - ok
22:06:28.0172 3812	Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
22:06:28.0212 3812	Bonjour Service - ok
22:06:28.0282 3812	bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
22:06:28.0312 3812	bowser - ok
22:06:28.0342 3812	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:06:28.0372 3812	BrFiltLo - ok
22:06:28.0392 3812	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:06:28.0412 3812	BrFiltUp - ok
22:06:28.0452 3812	Browser         (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
22:06:28.0482 3812	Browser - ok
22:06:28.0512 3812	Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
22:06:28.0532 3812	Brserid - ok
22:06:28.0552 3812	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
22:06:28.0572 3812	BrSerWdm - ok
22:06:28.0582 3812	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:06:28.0602 3812	BrUsbMdm - ok
22:06:28.0602 3812	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
22:06:28.0622 3812	BrUsbSer - ok
22:06:28.0652 3812	BthEnum         (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
22:06:28.0672 3812	BthEnum - ok
22:06:28.0692 3812	BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
22:06:28.0702 3812	BTHMODEM - ok
22:06:28.0722 3812	BthPan          (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
22:06:28.0742 3812	BthPan - ok
22:06:28.0782 3812	BTHPORT         (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys
22:06:28.0832 3812	BTHPORT - ok
22:06:28.0862 3812	bthserv         (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
22:06:28.0892 3812	bthserv - ok
22:06:28.0912 3812	BTHUSB          (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys
22:06:28.0922 3812	BTHUSB - ok
22:06:28.0942 3812	cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
22:06:28.0982 3812	cdfs - ok
22:06:29.0002 3812	cdrom           (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
22:06:29.0012 3812	cdrom - ok
22:06:29.0032 3812	CertPropSvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:06:29.0062 3812	CertPropSvc - ok
22:06:29.0072 3812	circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
22:06:29.0082 3812	circlass - ok
22:06:29.0112 3812	CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
22:06:29.0132 3812	CLFS - ok
22:06:29.0202 3812	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:06:29.0222 3812	clr_optimization_v2.0.50727_32 - ok
22:06:29.0242 3812	CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
22:06:29.0262 3812	CmBatt - ok
22:06:29.0292 3812	cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
22:06:29.0312 3812	cmdide - ok
22:06:29.0382 3812	CNG             (247b4ce2dab1160cd422d532d5241e1f) C:\Windows\system32\Drivers\cng.sys
22:06:29.0422 3812	CNG - ok
22:06:29.0442 3812	Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
22:06:29.0462 3812	Compbatt - ok
22:06:29.0502 3812	CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
22:06:29.0532 3812	CompositeBus - ok
22:06:29.0532 3812	COMSysApp - ok
22:06:29.0552 3812	crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
22:06:29.0562 3812	crcdisk - ok
22:06:29.0582 3812	CryptSvc        (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
22:06:29.0632 3812	CryptSvc - ok
22:06:29.0692 3812	CSC             (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
22:06:29.0742 3812	CSC - ok
22:06:29.0822 3812	CscService      (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
22:06:29.0872 3812	CscService - ok
22:06:29.0922 3812	DcomLaunch      (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:06:29.0972 3812	DcomLaunch - ok
22:06:30.0012 3812	defragsvc       (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
22:06:30.0042 3812	defragsvc - ok
22:06:30.0112 3812	DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
22:06:30.0152 3812	DfsC - ok
22:06:30.0192 3812	Dhcp            (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
22:06:30.0252 3812	Dhcp - ok
22:06:30.0272 3812	discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
22:06:30.0312 3812	discache - ok
22:06:30.0332 3812	Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
22:06:30.0352 3812	Disk - ok
22:06:30.0382 3812	Dnscache        (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
22:06:30.0422 3812	Dnscache - ok
22:06:30.0482 3812	dot3svc         (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
22:06:30.0522 3812	dot3svc - ok
22:06:30.0572 3812	DPS             (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
22:06:30.0622 3812	DPS - ok
22:06:30.0652 3812	drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
22:06:30.0662 3812	drmkaud - ok
22:06:30.0732 3812	DXGKrnl         (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
22:06:30.0762 3812	DXGKrnl - ok
22:06:30.0792 3812	EapHost         (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
22:06:30.0822 3812	EapHost - ok
22:06:31.0149 3812	ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
22:06:31.0196 3812	ebdrv - ok
22:06:31.0321 3812	EFS             (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
22:06:31.0352 3812	EFS - ok
22:06:31.0446 3812	ehRecvr         (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
22:06:31.0477 3812	ehRecvr - ok
22:06:31.0508 3812	ehSched         (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
22:06:31.0539 3812	ehSched - ok
22:06:31.0633 3812	elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
22:06:31.0664 3812	elxstor - ok
22:06:31.0695 3812	ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
22:06:31.0711 3812	ErrDev - ok
22:06:31.0758 3812	EventSystem     (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
22:06:31.0804 3812	EventSystem - ok
22:06:31.0836 3812	exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
22:06:31.0867 3812	exfat - ok
22:06:31.0882 3812	fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
22:06:31.0914 3812	fastfat - ok
22:06:31.0976 3812	Fax             (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
22:06:32.0023 3812	Fax - ok
22:06:32.0038 3812	fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
22:06:32.0054 3812	fdc - ok
22:06:32.0070 3812	fdPHost         (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
22:06:32.0116 3812	fdPHost - ok
22:06:32.0132 3812	FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
22:06:32.0163 3812	FDResPub - ok
22:06:32.0179 3812	FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
22:06:32.0194 3812	FileInfo - ok
22:06:32.0210 3812	Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
22:06:32.0241 3812	Filetrace - ok
22:06:32.0257 3812	flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
22:06:32.0257 3812	flpydisk - ok
22:06:32.0288 3812	FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
22:06:32.0304 3812	FltMgr - ok
22:06:32.0382 3812	FontCache       (fa6c66e4364d7da57aade5dcc03bb999) C:\Windows\system32\FntCache.dll
22:06:32.0428 3812	FontCache - ok
22:06:32.0491 3812	FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:06:32.0522 3812	FontCache3.0.0.0 - ok
22:06:32.0538 3812	FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
22:06:32.0569 3812	FsDepends - ok
22:06:32.0584 3812	Fs_Rec          (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
22:06:32.0616 3812	Fs_Rec - ok
22:06:32.0647 3812	fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
22:06:32.0678 3812	fvevol - ok
22:06:32.0709 3812	gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:06:32.0740 3812	gagp30kx - ok
22:06:32.0756 3812	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:06:32.0772 3812	GEARAspiWDM - ok
22:06:32.0850 3812	gpsvc           (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
22:06:32.0881 3812	gpsvc - ok
22:06:32.0896 3812	hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
22:06:32.0912 3812	hcw85cir - ok
22:06:32.0959 3812	HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
22:06:32.0974 3812	HdAudAddService - ok
22:06:32.0990 3812	HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
22:06:33.0006 3812	HDAudBus - ok
22:06:33.0021 3812	HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
22:06:33.0037 3812	HidBatt - ok
22:06:33.0052 3812	HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
22:06:33.0068 3812	HidBth - ok
22:06:33.0084 3812	HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
22:06:33.0099 3812	HidIr - ok
22:06:33.0130 3812	hidserv         (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
22:06:33.0162 3812	hidserv - ok
22:06:33.0177 3812	HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
22:06:33.0177 3812	HidUsb - ok
22:06:33.0208 3812	hkmsvc          (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
22:06:33.0240 3812	hkmsvc - ok
22:06:33.0271 3812	HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
22:06:33.0286 3812	HomeGroupListener - ok
22:06:33.0333 3812	HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
22:06:33.0364 3812	HomeGroupProvider - ok
22:06:33.0380 3812	HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
22:06:33.0411 3812	HpSAMD - ok
22:06:33.0489 3812	HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
22:06:33.0520 3812	HTTP - ok
22:06:33.0552 3812	hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
22:06:33.0552 3812	hwpolicy - ok
22:06:33.0567 3812	i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
22:06:33.0583 3812	i8042prt - ok
22:06:33.0614 3812	iaStorV         (a3cae5d281db4cff7cff8233507ee5ad) C:\Windows\system32\drivers\iaStorV.sys
22:06:33.0630 3812	iaStorV - ok
22:06:33.0817 3812	idsvc           (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:06:33.0848 3812	idsvc - ok
22:06:33.0879 3812	iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
22:06:33.0895 3812	iirsp - ok
22:06:33.0973 3812	IKEEXT          (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
22:06:34.0051 3812	IKEEXT - ok
22:06:34.0082 3812	intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
22:06:34.0082 3812	intelide - ok
22:06:34.0098 3812	intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
22:06:34.0113 3812	intelppm - ok
22:06:34.0144 3812	IPBusEnum       (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
22:06:34.0160 3812	IPBusEnum - ok
22:06:34.0191 3812	IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:06:34.0207 3812	IpFilterDriver - ok
22:06:34.0269 3812	iphlpsvc        (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
22:06:34.0332 3812	iphlpsvc - ok
22:06:34.0363 3812	IPMIDRV         (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
22:06:34.0378 3812	IPMIDRV - ok
22:06:34.0394 3812	IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
22:06:34.0425 3812	IPNAT - ok
22:06:34.0550 3812	iPod Service    (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
22:06:34.0581 3812	iPod Service - ok
22:06:34.0597 3812	IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
22:06:34.0612 3812	IRENUM - ok
22:06:34.0644 3812	isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
22:06:34.0675 3812	isapnp - ok
22:06:34.0706 3812	iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
22:06:34.0722 3812	iScsiPrt - ok
22:06:34.0737 3812	kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
22:06:34.0753 3812	kbdclass - ok
22:06:34.0784 3812	kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
22:06:34.0800 3812	kbdhid - ok
22:06:34.0831 3812	KeyIso          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:06:34.0846 3812	KeyIso - ok
22:06:34.0878 3812	KSecDD          (b7895b4182c0d16f6efadeb8081e8d36) C:\Windows\system32\Drivers\ksecdd.sys
22:06:34.0893 3812	KSecDD - ok
22:06:34.0909 3812	KSecPkg         (d30159ac9237519fbc62c6ec247d2d46) C:\Windows\system32\Drivers\ksecpkg.sys
22:06:34.0924 3812	KSecPkg - ok
22:06:34.0987 3812	KtmRm           (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
22:06:35.0018 3812	KtmRm - ok
22:06:35.0065 3812	LanmanServer    (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
22:06:35.0112 3812	LanmanServer - ok
22:06:35.0143 3812	LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
22:06:35.0174 3812	LanmanWorkstation - ok
22:06:35.0205 3812	lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
22:06:35.0221 3812	lltdio - ok
22:06:35.0268 3812	lltdsvc         (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
22:06:35.0299 3812	lltdsvc - ok
22:06:35.0299 3812	lmhosts         (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
22:06:35.0330 3812	lmhosts - ok
22:06:35.0346 3812	LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:06:35.0361 3812	LSI_FC - ok
22:06:35.0377 3812	LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:06:35.0392 3812	LSI_SAS - ok
22:06:35.0408 3812	LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:06:35.0424 3812	LSI_SAS2 - ok
22:06:35.0439 3812	LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:06:35.0455 3812	LSI_SCSI - ok
22:06:35.0470 3812	luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
22:06:35.0502 3812	luafv - ok
22:06:35.0533 3812	MBAMProtector   (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
22:06:35.0533 3812	MBAMProtector - ok
22:06:35.0642 3812	MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:06:35.0673 3812	MBAMService - ok
22:06:35.0689 3812	Mcx2Svc         (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
22:06:35.0704 3812	Mcx2Svc - ok
22:06:35.0720 3812	megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
22:06:35.0736 3812	megasas - ok
22:06:35.0767 3812	MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
22:06:35.0798 3812	MegaSR - ok
22:06:35.0860 3812	Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
22:06:35.0876 3812	Microsoft Office Groove Audit Service - ok
22:06:35.0907 3812	MMCSS           (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:06:35.0954 3812	MMCSS - ok
22:06:35.0970 3812	Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
22:06:36.0001 3812	Modem - ok
22:06:36.0001 3812	monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
22:06:36.0016 3812	monitor - ok
22:06:36.0032 3812	mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
22:06:36.0048 3812	mouclass - ok
22:06:36.0063 3812	mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
22:06:36.0079 3812	mouhid - ok
22:06:36.0110 3812	mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
22:06:36.0126 3812	mountmgr - ok
22:06:36.0172 3812	MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:06:36.0188 3812	MozillaMaintenance - ok
22:06:36.0235 3812	MpFilter        (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
22:06:36.0266 3812	MpFilter - ok
22:06:36.0313 3812	mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
22:06:36.0360 3812	mpio - ok
22:06:36.0375 3812	mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
22:06:36.0422 3812	mpsdrv - ok
22:06:36.0516 3812	MpsSvc          (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
22:06:36.0578 3812	MpsSvc - ok
22:06:36.0609 3812	MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
22:06:36.0629 3812	MRxDAV - ok
22:06:36.0659 3812	mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:06:36.0699 3812	mrxsmb - ok
22:06:36.0719 3812	mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:06:36.0749 3812	mrxsmb10 - ok
22:06:36.0769 3812	mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:06:36.0789 3812	mrxsmb20 - ok
22:06:36.0819 3812	msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
22:06:36.0839 3812	msahci - ok
22:06:36.0879 3812	msdsm           (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
22:06:36.0909 3812	msdsm - ok
22:06:36.0949 3812	MSDTC           (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
22:06:36.0989 3812	MSDTC - ok
22:06:37.0019 3812	Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
22:06:37.0059 3812	Msfs - ok
22:06:37.0069 3812	mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
22:06:37.0099 3812	mshidkmdf - ok
22:06:37.0109 3812	msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
22:06:37.0119 3812	msisadrv - ok
22:06:37.0159 3812	MSiSCSI         (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
22:06:37.0179 3812	MSiSCSI - ok
22:06:37.0189 3812	msiserver - ok
22:06:37.0199 3812	MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
22:06:37.0229 3812	MSKSSRV - ok
22:06:37.0319 3812	MsMpSvc         (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
22:06:37.0339 3812	MsMpSvc - ok
22:06:37.0349 3812	MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
22:06:37.0399 3812	MSPCLOCK - ok
22:06:37.0409 3812	MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
22:06:37.0439 3812	MSPQM - ok
22:06:37.0449 3812	MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
22:06:37.0499 3812	MsRPC - ok
22:06:37.0529 3812	mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
22:06:37.0539 3812	mssmbios - ok
22:06:37.0549 3812	MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
22:06:37.0579 3812	MSTEE - ok
22:06:37.0589 3812	MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
22:06:37.0599 3812	MTConfig - ok
22:06:37.0619 3812	Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
22:06:37.0629 3812	Mup - ok
22:06:37.0679 3812	napagent        (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
22:06:37.0749 3812	napagent - ok
22:06:37.0779 3812	NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
22:06:37.0829 3812	NativeWifiP - ok
22:06:37.0889 3812	NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
22:06:37.0929 3812	NDIS - ok
22:06:37.0949 3812	NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
22:06:37.0989 3812	NdisCap - ok
22:06:37.0999 3812	NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
22:06:38.0039 3812	NdisTapi - ok
22:06:38.0059 3812	Ndisuio         (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
22:06:38.0089 3812	Ndisuio - ok
22:06:38.0119 3812	NdisWan         (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
22:06:38.0170 3812	NdisWan - ok
22:06:38.0210 3812	NDProxy         (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
22:06:38.0260 3812	NDProxy - ok
22:06:38.0280 3812	NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
22:06:38.0310 3812	NetBIOS - ok
22:06:38.0350 3812	NetBT           (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
22:06:38.0400 3812	NetBT - ok
22:06:38.0420 3812	Netlogon        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:06:38.0440 3812	Netlogon - ok
22:06:38.0480 3812	Netman          (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
22:06:38.0520 3812	Netman - ok
22:06:38.0560 3812	netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
22:06:38.0600 3812	netprofm - ok
22:06:38.0676 3812	NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:06:38.0723 3812	NetTcpPortSharing - ok
22:06:39.0175 3812	netw5v32        (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
22:06:39.0237 3812	netw5v32 - ok
22:06:39.0393 3812	nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
22:06:39.0425 3812	nfrd960 - ok
22:06:39.0456 3812	NisDrv          (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:06:39.0471 3812	NisDrv - ok
22:06:39.0565 3812	NisSrv          (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
22:06:39.0612 3812	NisSrv - ok
22:06:39.0669 3812	NlaSvc          (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
22:06:39.0719 3812	NlaSvc - ok
22:06:39.0749 3812	nmwcd           (cfe3462a9e94a57dcd9676f6b7fe7f67) C:\Windows\system32\drivers\ccdcmb.sys
22:06:39.0799 3812	nmwcd - ok
22:06:39.0819 3812	nmwcdc          (8f2a94f991f8c73cec26b4b5620d1edc) C:\Windows\system32\drivers\ccdcmbo.sys
22:06:39.0839 3812	nmwcdc - ok
22:06:39.0859 3812	Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
22:06:39.0889 3812	Npfs - ok
22:06:39.0909 3812	nsi             (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
22:06:39.0939 3812	nsi - ok
22:06:39.0959 3812	nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
22:06:39.0979 3812	nsiproxy - ok
22:06:40.0109 3812	Ntfs            (33c3093d09017cfe2e219f2472bff6eb) C:\Windows\system32\drivers\Ntfs.sys
22:06:40.0159 3812	Ntfs - ok
22:06:40.0179 3812	Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
22:06:40.0209 3812	Null - ok
22:06:40.0959 3812	nvlddmkm        (440690da4358d9682dbcc56da7d419ab) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:06:41.0059 3812	nvlddmkm - ok
22:06:41.0209 3812	nvraid          (af2eec9580c1d32fb7eaf105d9784061) C:\Windows\system32\drivers\nvraid.sys
22:06:41.0239 3812	nvraid - ok
22:06:41.0259 3812	nvstor          (9283c58ebaa2618f93482eb5dabcec82) C:\Windows\system32\drivers\nvstor.sys
22:06:41.0279 3812	nvstor - ok
22:06:41.0319 3812	nvsvc           (11e1dc466c3e384c1a697b95dc5aa785) C:\Windows\system32\nvvsvc.exe
22:06:41.0349 3812	nvsvc - ok
22:06:41.0359 3812	nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
22:06:41.0379 3812	nv_agp - ok
22:06:41.0499 3812	odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:06:41.0539 3812	odserv - ok
22:06:41.0589 3812	OEM02Dev        (19cac780b858822055f46c58a111723c) C:\Windows\system32\DRIVERS\OEM02Dev.sys
22:06:41.0599 3812	OEM02Dev - ok
22:06:41.0619 3812	OEM02Vfx        (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
22:06:41.0629 3812	OEM02Vfx - ok
22:06:41.0649 3812	ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
22:06:41.0659 3812	ohci1394 - ok
22:06:41.0699 3812	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:06:41.0724 3812	ose - ok
22:06:41.0787 3812	p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:06:41.0818 3812	p2pimsvc - ok
22:06:41.0865 3812	p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
22:06:41.0896 3812	p2psvc - ok
22:06:41.0927 3812	Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
22:06:41.0958 3812	Parport - ok
22:06:42.0005 3812	partmgr         (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
22:06:42.0021 3812	partmgr - ok
22:06:42.0052 3812	Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
22:06:42.0067 3812	Parvdm - ok
22:06:42.0083 3812	PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
22:06:42.0114 3812	PcaSvc - ok
22:06:42.0145 3812	pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
22:06:42.0161 3812	pccsmcfd - ok
22:06:42.0208 3812	pci             (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
22:06:42.0239 3812	pci - ok
22:06:42.0255 3812	pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
22:06:42.0286 3812	pciide - ok
22:06:42.0317 3812	pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
22:06:42.0333 3812	pcmcia - ok
22:06:42.0348 3812	pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
22:06:42.0379 3812	pcw - ok
22:06:42.0426 3812	PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
22:06:42.0457 3812	PEAUTH - ok
22:06:42.0567 3812	PeerDistSvc     (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
22:06:42.0629 3812	PeerDistSvc - ok
22:06:42.0832 3812	pla             (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
22:06:42.0925 3812	pla - ok
22:06:43.0066 3812	PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
22:06:43.0113 3812	PlugPlay - ok
22:06:43.0128 3812	PNRPAutoReg     (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
22:06:43.0144 3812	PNRPAutoReg - ok
22:06:43.0191 3812	PNRPsvc         (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:06:43.0206 3812	PNRPsvc - ok
22:06:43.0237 3812	PolicyAgent     (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
22:06:43.0269 3812	PolicyAgent - ok
22:06:43.0315 3812	Power           (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
22:06:43.0362 3812	Power - ok
22:06:43.0425 3812	PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
22:06:43.0471 3812	PptpMiniport - ok
22:06:43.0487 3812	PRESONUS_AUDIOBOX_MIDI (ed7f742b0eacf745afb5b2fe5baec618) C:\Windows\system32\drivers\psabusbm.sys
22:06:43.0503 3812	PRESONUS_AUDIOBOX_MIDI - ok
22:06:43.0549 3812	PRESONUS_AUDIOBOX_USB (dd02c038c7a24dd23aaa75595bec80ba) C:\Windows\system32\Drivers\psabusbu.sys
22:06:43.0565 3812	PRESONUS_AUDIOBOX_USB - ok
22:06:43.0565 3812	PRESONUS_AUDIOBOX_WDM (08ac58a2bc1084e6eb4800b98368ccaa) C:\Windows\system32\drivers\psabusba.sys
22:06:43.0581 3812	PRESONUS_AUDIOBOX_WDM - ok
22:06:43.0596 3812	Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
22:06:43.0612 3812	Processor - ok
22:06:43.0643 3812	ProfSvc         (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
22:06:43.0659 3812	ProfSvc - ok
22:06:43.0690 3812	ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:06:43.0705 3812	ProtectedStorage - ok
22:06:43.0721 3812	Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
22:06:43.0752 3812	Psched - ok
22:06:43.0893 3812	ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
22:06:43.0939 3812	ql2300 - ok
22:06:44.0095 3812	ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
22:06:44.0142 3812	ql40xx - ok
22:06:44.0189 3812	QWAVE           (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
22:06:44.0220 3812	QWAVE - ok
22:06:44.0236 3812	QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
22:06:44.0251 3812	QWAVEdrv - ok
22:06:44.0267 3812	RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
22:06:44.0298 3812	RasAcd - ok
22:06:44.0329 3812	RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:06:44.0361 3812	RasAgileVpn - ok
22:06:44.0376 3812	RasAuto         (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
22:06:44.0423 3812	RasAuto - ok
22:06:44.0439 3812	Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:06:44.0470 3812	Rasl2tp - ok
22:06:44.0563 3812	RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
22:06:44.0626 3812	RasMan - ok
22:06:44.0641 3812	RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
22:06:44.0673 3812	RasPppoe - ok
22:06:44.0688 3812	RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
22:06:44.0719 3812	RasSstp - ok
22:06:44.0766 3812	rdbss           (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
22:06:44.0813 3812	rdbss - ok
22:06:44.0813 3812	rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
22:06:44.0844 3812	rdpbus - ok
22:06:44.0938 3812	RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:06:45.0000 3812	RDPCDD - ok
22:06:45.0031 3812	RDPDR           (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
22:06:45.0047 3812	RDPDR - ok
22:06:45.0047 3812	RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
22:06:45.0094 3812	RDPENCDD - ok
22:06:45.0094 3812	RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
22:06:45.0125 3812	RDPREFMP - ok
22:06:45.0172 3812	RDPWD           (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
22:06:45.0172 3812	RDPWD - ok
22:06:45.0219 3812	rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
22:06:45.0250 3812	rdyboost - ok
22:06:45.0281 3812	RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
22:06:45.0328 3812	RemoteAccess - ok
22:06:45.0359 3812	RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
22:06:45.0421 3812	RemoteRegistry - ok
22:06:45.0453 3812	RFCOMM          (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
22:06:45.0484 3812	RFCOMM - ok
22:06:45.0515 3812	RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
22:06:45.0562 3812	RpcEptMapper - ok
22:06:45.0577 3812	RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
22:06:45.0609 3812	RpcLocator - ok
22:06:45.0655 3812	RpcSs           (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:06:45.0718 3812	RpcSs - ok
22:06:45.0749 3812	rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
22:06:45.0780 3812	rspndr - ok
22:06:45.0827 3812	s3cap           (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
22:06:45.0858 3812	s3cap - ok
22:06:45.0889 3812	SamSs           (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:06:45.0905 3812	SamSs - ok
22:06:45.0983 3812	sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
22:06:45.0999 3812	sbp2port - ok
22:06:46.0030 3812	SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
22:06:46.0077 3812	SCardSvr - ok
22:06:46.0092 3812	scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
22:06:46.0123 3812	scfilter - ok
22:06:46.0217 3812	Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
22:06:46.0248 3812	Schedule - ok
22:06:46.0279 3812	SCPolicySvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:06:46.0295 3812	SCPolicySvc - ok
22:06:46.0342 3812	sdbus           (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
22:06:46.0357 3812	sdbus - ok
22:06:46.0373 3812	SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
22:06:46.0389 3812	SDRSVC - ok
22:06:46.0420 3812	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:06:46.0451 3812	secdrv - ok
22:06:46.0467 3812	seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
22:06:46.0498 3812	seclogon - ok
22:06:46.0513 3812	SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
22:06:46.0545 3812	SENS - ok
22:06:46.0576 3812	SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
22:06:46.0607 3812	SensrSvc - ok
22:06:46.0623 3812	Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
22:06:46.0638 3812	Serenum - ok
22:06:46.0654 3812	Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
22:06:46.0685 3812	Serial - ok
22:06:46.0701 3812	sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
22:06:46.0716 3812	sermouse - ok
22:06:46.0841 3812	ServiceLayer    (8c1f87f5fdd92229d1754b98f073913f) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
22:06:46.0857 3812	ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
22:06:46.0857 3812	ServiceLayer - detected UnsignedFile.Multi.Generic (1)
22:06:46.0903 3812	SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
22:06:46.0950 3812	SessionEnv - ok
22:06:46.0950 3812	sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
22:06:46.0966 3812	sffdisk - ok
22:06:46.0981 3812	sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
22:06:46.0997 3812	sffp_mmc - ok
22:06:47.0013 3812	sffp_sd         (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
22:06:47.0028 3812	sffp_sd - ok
22:06:47.0028 3812	sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
22:06:47.0044 3812	sfloppy - ok
22:06:47.0091 3812	SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
22:06:47.0122 3812	SharedAccess - ok
22:06:47.0169 3812	ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
22:06:47.0215 3812	ShellHWDetection - ok
22:06:47.0231 3812	sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
22:06:47.0247 3812	sisagp - ok
22:06:47.0262 3812	SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:06:47.0278 3812	SiSRaid2 - ok
22:06:47.0293 3812	SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
22:06:47.0293 3812	SiSRaid4 - ok
22:06:47.0325 3812	Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
22:06:47.0340 3812	Smb - ok
22:06:47.0371 3812	SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
22:06:47.0387 3812	SNMPTRAP - ok
22:06:47.0465 3812	Sony Ericsson PCCompanion (1a623f2b69e1f182f995f963c55db935) C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
22:06:47.0481 3812	Sony Ericsson PCCompanion - ok
22:06:47.0512 3812	spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
22:06:47.0527 3812	spldr - ok
22:06:47.0590 3812	Spooler         (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
22:06:47.0621 3812	Spooler - ok
22:06:47.0949 3812	sppsvc          (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
22:06:48.0042 3812	sppsvc - ok
22:06:48.0167 3812	sppuinotify     (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
22:06:48.0229 3812	sppuinotify - ok
22:06:48.0306 3812	srv             (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
22:06:48.0346 3812	srv - ok
22:06:48.0376 3812	srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
22:06:48.0396 3812	srv2 - ok
22:06:48.0446 3812	SrvHsfHDA       (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
22:06:48.0476 3812	SrvHsfHDA - ok
22:06:48.0566 3812	SrvHsfV92       (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
22:06:48.0606 3812	SrvHsfV92 - ok
22:06:48.0676 3812	SrvHsfWinac     (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
22:06:48.0706 3812	SrvHsfWinac - ok
22:06:48.0746 3812	srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
22:06:48.0766 3812	srvnet - ok
22:06:48.0816 3812	SSDPSRV         (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
22:06:48.0866 3812	SSDPSRV - ok
22:06:48.0886 3812	SstpSvc         (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
22:06:48.0926 3812	SstpSvc - ok
22:06:48.0956 3812	stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
22:06:48.0976 3812	stexstor - ok
22:06:49.0056 3812	StiSvc          (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
22:06:49.0096 3812	StiSvc - ok
22:06:49.0136 3812	storflt         (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
22:06:49.0166 3812	storflt - ok
22:06:49.0196 3812	StorSvc         (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
22:06:49.0226 3812	StorSvc - ok
22:06:49.0247 3812	storvsc         (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
22:06:49.0267 3812	storvsc - ok
22:06:49.0277 3812	swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
22:06:49.0297 3812	swenum - ok
22:06:49.0337 3812	swprv           (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
22:06:49.0387 3812	swprv - ok
22:06:49.0407 3812	SynasUSB        (e46088b882e6315518630e249ddf958c) C:\Windows\system32\drivers\SynasUSB.sys
22:06:49.0417 3812	SynasUSB - ok
22:06:49.0537 3812	SysMain         (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
22:06:49.0587 3812	SysMain - ok
22:06:49.0617 3812	TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
22:06:49.0637 3812	TabletInputService - ok
22:06:49.0667 3812	TapiSrv         (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
22:06:49.0697 3812	TapiSrv - ok
22:06:49.0717 3812	TBS             (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
22:06:49.0747 3812	TBS - ok
22:06:49.0917 3812	Tcpip           (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
22:06:49.0957 3812	Tcpip - ok
22:06:49.0977 3812	TCPIP6          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
22:06:50.0007 3812	TCPIP6 - ok
22:06:50.0037 3812	tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
22:06:50.0057 3812	tcpipreg - ok
22:06:50.0097 3812	TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
22:06:50.0127 3812	TDPIPE - ok
22:06:50.0157 3812	TDTCP           (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
22:06:50.0177 3812	TDTCP - ok
22:06:50.0197 3812	tdx             (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
22:06:50.0227 3812	tdx - ok
22:06:50.0257 3812	TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
22:06:50.0267 3812	TermDD - ok
22:06:50.0347 3812	TermService     (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
22:06:50.0397 3812	TermService - ok
22:06:50.0427 3812	Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
22:06:50.0447 3812	Themes - ok
22:06:50.0477 3812	THREADORDER     (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:06:50.0527 3812	THREADORDER - ok
22:06:50.0547 3812	TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
22:06:50.0587 3812	TrkWks - ok
22:06:50.0637 3812	TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
22:06:50.0677 3812	TrustedInstaller - ok
22:06:50.0697 3812	tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:06:50.0717 3812	tssecsrv - ok
22:06:50.0747 3812	TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
22:06:50.0767 3812	TsUsbFlt - ok
22:06:50.0807 3812	tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
22:06:50.0847 3812	tunnel - ok
22:06:50.0877 3812	uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
22:06:50.0897 3812	uagp35 - ok
22:06:50.0937 3812	udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
22:06:50.0997 3812	udfs - ok
22:06:51.0017 3812	UI0Detect       (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
22:06:51.0047 3812	UI0Detect - ok
22:06:51.0077 3812	uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
22:06:51.0097 3812	uliagpkx - ok
22:06:51.0127 3812	umbus           (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
22:06:51.0147 3812	umbus - ok
22:06:51.0157 3812	UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
22:06:51.0177 3812	UmPass - ok
22:06:51.0217 3812	UmRdpService    (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
22:06:51.0247 3812	UmRdpService - ok
22:06:51.0277 3812	upnphost        (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
22:06:51.0327 3812	upnphost - ok
22:06:51.0357 3812	upperdev        (ec01da44b090d2651fc032c8b9257232) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
22:06:51.0387 3812	upperdev - ok
22:06:51.0407 3812	USBAAPL         (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
22:06:51.0437 3812	USBAAPL - ok
22:06:51.0467 3812	usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
22:06:51.0487 3812	usbaudio - ok
22:06:51.0507 3812	usbccgp         (7e72e7d7e0757d59481d530fd2b0bfae) C:\Windows\system32\DRIVERS\usbccgp.sys
22:06:51.0527 3812	usbccgp - ok
22:06:51.0577 3812	usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
22:06:51.0607 3812	usbcir - ok
22:06:51.0627 3812	usbehci         (cfbce999c057d78979a181c9c60f208e) C:\Windows\system32\drivers\usbehci.sys
22:06:51.0647 3812	usbehci - ok
22:06:51.0687 3812	usbhub          (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\drivers\usbhub.sys
22:06:51.0717 3812	usbhub - ok
22:06:51.0737 3812	usbohci         (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\drivers\usbohci.sys
22:06:51.0757 3812	usbohci - ok
22:06:51.0777 3812	usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
22:06:51.0807 3812	usbprint - ok
22:06:51.0847 3812	usbscan         (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
22:06:51.0867 3812	usbscan - ok
22:06:51.0907 3812	usbser          (31181de6190b39fc8007dffd1a48ffd6) C:\Windows\system32\drivers\usbser.sys
22:06:51.0927 3812	usbser - ok
22:06:51.0937 3812	UsbserFilt      (4abd37cfbd710e64f01f9da8710c73f7) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
22:06:51.0987 3812	UsbserFilt - ok
22:06:52.0017 3812	USBSTOR         (bf63ebfc6979fefb2bc03df7989a0c1a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:06:52.0037 3812	USBSTOR - ok
22:06:52.0047 3812	usbuhci         (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\drivers\usbuhci.sys
22:06:52.0067 3812	usbuhci - ok
22:06:52.0097 3812	usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
22:06:52.0107 3812	usbvideo - ok
22:06:52.0137 3812	UxSms           (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
22:06:52.0167 3812	UxSms - ok
22:06:52.0187 3812	VaultSvc        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:06:52.0217 3812	VaultSvc - ok
22:06:52.0247 3812	vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
22:06:52.0277 3812	vdrvroot - ok
22:06:52.0337 3812	vds             (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
22:06:52.0377 3812	vds - ok
22:06:52.0407 3812	vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
22:06:52.0437 3812	vga - ok
22:06:52.0457 3812	VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
22:06:52.0507 3812	VgaSave - ok
22:06:52.0557 3812	vhdmp           (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
22:06:52.0587 3812	vhdmp - ok
22:06:52.0607 3812	viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
22:06:52.0627 3812	viaagp - ok
22:06:52.0637 3812	ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
22:06:52.0657 3812	ViaC7 - ok
22:06:52.0667 3812	viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
22:06:52.0677 3812	viaide - ok
22:06:52.0707 3812	vmbus           (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
22:06:52.0727 3812	vmbus - ok
22:06:52.0737 3812	VMBusHID        (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
22:06:52.0747 3812	VMBusHID - ok
22:06:52.0767 3812	volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
22:06:52.0777 3812	volmgr - ok
22:06:52.0807 3812	volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
22:06:52.0827 3812	volmgrx - ok
22:06:52.0877 3812	volsnap         (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
22:06:52.0897 3812	volsnap - ok
22:06:52.0917 3812	vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
22:06:52.0937 3812	vsmraid - ok
22:06:53.0087 3812	VSS             (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
22:06:53.0137 3812	VSS - ok
22:06:53.0147 3812	vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
22:06:53.0167 3812	vwifibus - ok
22:06:53.0217 3812	W32Time         (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
22:06:53.0277 3812	W32Time - ok
22:06:53.0287 3812	WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
22:06:53.0307 3812	WacomPen - ok
22:06:53.0327 3812	WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:06:53.0357 3812	WANARP - ok
22:06:53.0357 3812	Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:06:53.0387 3812	Wanarpv6 - ok
22:06:53.0517 3812	wbengine        (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
22:06:53.0557 3812	wbengine - ok
22:06:53.0587 3812	WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
22:06:53.0607 3812	WbioSrvc - ok
22:06:53.0637 3812	wcncsvc         (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
22:06:53.0657 3812	wcncsvc - ok
22:06:53.0677 3812	WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
22:06:53.0687 3812	WcsPlugInService - ok
22:06:53.0727 3812	Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
22:06:53.0737 3812	Wd - ok
22:06:53.0777 3812	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
22:06:53.0807 3812	Wdf01000 - ok
22:06:53.0827 3812	WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
22:06:53.0857 3812	WdiServiceHost - ok
22:06:53.0857 3812	WdiSystemHost   (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
22:06:53.0877 3812	WdiSystemHost - ok
22:06:53.0907 3812	WebClient       (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
22:06:53.0937 3812	WebClient - ok
22:06:53.0957 3812	Wecsvc          (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
22:06:53.0997 3812	Wecsvc - ok
22:06:54.0017 3812	wercplsupport   (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
22:06:54.0037 3812	wercplsupport - ok
22:06:54.0057 3812	WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
22:06:54.0077 3812	WerSvc - ok
22:06:54.0097 3812	WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
22:06:54.0127 3812	WfpLwf - ok
22:06:54.0137 3812	WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
22:06:54.0147 3812	WIMMount - ok
22:06:54.0307 3812	WinDefend       (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
22:06:54.0347 3812	WinDefend - ok
22:06:54.0357 3812	WinHttpAutoProxySvc - ok
22:06:54.0437 3812	Winmgmt         (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
22:06:54.0487 3812	Winmgmt - ok
22:06:54.0617 3812	WinRM           (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
22:06:54.0667 3812	WinRM - ok
22:06:54.0737 3812	WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
22:06:54.0757 3812	WinUsb - ok
22:06:54.0877 3812	Wlansvc         (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
22:06:54.0927 3812	Wlansvc - ok
22:06:55.0197 3812	wlidsvc         (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:06:55.0258 3812	wlidsvc - ok
22:06:55.0408 3812	WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
22:06:55.0438 3812	WmiAcpi - ok
22:06:55.0508 3812	wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
22:06:55.0538 3812	wmiApSrv - ok
22:06:55.0708 3812	WMPNetworkSvc   (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
22:06:55.0748 3812	WMPNetworkSvc - ok
22:06:55.0778 3812	WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
22:06:55.0798 3812	WPCSvc - ok
22:06:55.0848 3812	WPDBusEnum      (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
22:06:55.0868 3812	WPDBusEnum - ok
22:06:55.0918 3812	ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
22:06:55.0969 3812	ws2ifsl - ok
22:06:55.0985 3812	wscsvc          (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
22:06:56.0016 3812	wscsvc - ok
22:06:56.0016 3812	WSearch - ok
22:06:56.0235 3812	wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
22:06:56.0297 3812	wuauserv - ok
22:06:56.0448 3812	WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
22:06:56.0488 3812	WudfPf - ok
22:06:56.0508 3812	WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:06:56.0538 3812	WUDFRd - ok
22:06:56.0568 3812	wudfsvc         (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
22:06:56.0598 3812	wudfsvc - ok
22:06:56.0638 3812	WwanSvc         (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
22:06:56.0678 3812	WwanSvc - ok
22:06:56.0708 3812	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:06:57.0138 3812	\Device\Harddisk0\DR0 - ok
22:06:57.0178 3812	Boot (0x1200)   (8f63152a4e600ecbbede0492bf0fd973) \Device\Harddisk0\DR0\Partition0
22:06:57.0178 3812	\Device\Harddisk0\DR0\Partition0 - ok
22:06:57.0188 3812	Boot (0x1200)   (3829071368c6e1d6a483a6df00d43cac) \Device\Harddisk0\DR0\Partition1
22:06:57.0188 3812	\Device\Harddisk0\DR0\Partition1 - ok
22:06:57.0188 3812	============================================================
22:06:57.0188 3812	Scan finished
22:06:57.0188 3812	============================================================
22:06:57.0208 1476	Detected object count: 1
22:06:57.0208 1476	Actual detected object count: 1
22:07:00.0990 1476	ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
22:07:00.0990 1476	ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip

Ich habe den Text in verschieden Teilen hintereinander gepostet weil er sonst zu groß wäre.

Gruß

cosinus · 16.07.2012, 13:55

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

mno7 · 16.07.2012, 21:27

[code]
Combofix Logfile:

Code:

ATTFilter

ComboFix 12-07-16.01 - Marius 16.07.2012  22:13:18.1.2 - x86
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.2046.1078 [GMT 2:00]
ausgeführt von:: c:\users\Marius\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Marius\4.0
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-06-16 bis 2012-07-16  ))))))))))))))))))))))))))))))
.
.
2012-07-16 20:18 . 2012-07-16 20:18	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-07-16 15:54 . 2012-05-31 03:41	6762896	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{050CC739-BB33-4A1C-AECD-778F9943D200}\mpengine.dll
2012-07-14 08:44 . 2012-05-31 03:41	6762896	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-14 07:59 . 2012-07-14 07:59	--------	d-----w-	C:\_OTL
2012-07-12 10:34 . 2012-06-12 02:40	2345984	----a-w-	c:\windows\system32\win32k.sys
2012-07-08 18:51 . 2012-07-08 18:51	--------	d-----w-	c:\program files\ESET
2012-07-03 19:21 . 2012-02-11 01:18	713784	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9E469E9C-35C2-41E7-A2F3-77F947ADC5AE}\gapaengine.dll
2012-07-03 16:20 . 2012-07-03 16:20	421200	----a-w-	c:\program files\Mozilla Firefox\msvcp100.dll
2012-07-03 16:20 . 2012-07-03 16:20	770384	----a-w-	c:\program files\Mozilla Firefox\msvcr100.dll
2012-07-01 21:13 . 2012-07-01 21:13	--------	d-----w-	c:\users\Marius\AppData\Roaming\Malwarebytes
2012-07-01 21:13 . 2012-07-01 21:13	--------	d-----w-	c:\programdata\Malwarebytes
2012-07-01 21:13 . 2012-07-01 21:16	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2012-07-01 21:13 . 2012-04-04 13:56	22344	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-06-25 10:28 . 2012-06-25 10:28	--------	d-----w-	c:\users\Marius\AppData\Local\Macromedia
2012-06-19 10:22 . 2012-06-02 22:19	53784	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-19 10:22 . 2012-06-02 22:19	45080	----a-w-	c:\windows\system32\wups2.dll
2012-06-19 10:22 . 2012-06-02 22:12	2422272	----a-w-	c:\windows\system32\wucltux.dll
2012-06-19 10:22 . 2012-06-02 22:19	1933848	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-19 10:21 . 2012-06-02 22:19	35864	----a-w-	c:\windows\system32\wups.dll
2012-06-19 10:21 . 2012-06-02 22:19	577048	----a-w-	c:\windows\system32\wuapi.dll
2012-06-19 10:21 . 2012-06-02 22:12	88576	----a-w-	c:\windows\system32\wudriver.dll
2012-06-19 10:21 . 2012-06-02 13:19	171904	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-19 10:21 . 2012-06-02 13:12	33792	----a-w-	c:\windows\system32\wuapp.exe
2012-06-17 18:30 . 2012-04-26 04:45	58880	----a-w-	c:\windows\system32\rdpwsx.dll
2012-06-17 18:30 . 2012-04-26 04:45	129536	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-06-17 18:30 . 2012-04-26 04:41	8192	----a-w-	c:\windows\system32\rdrmemptylst.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-12 17:34 . 2012-04-12 10:31	426184	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-07-12 17:34 . 2011-09-11 18:54	70344	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2006-06-15 19:33 . 2011-12-06 17:55	233472	----a-w-	c:\program files\mozilla firefox\plugins\CrazyTalk4Native.dll
2006-05-25 17:43 . 2011-12-06 17:55	204895	----a-w-	c:\program files\mozilla firefox\plugins\ctdomemhelper.dll
2005-09-29 13:41 . 2011-12-06 17:55	77824	----a-w-	c:\program files\mozilla firefox\plugins\ctframeplayerobject.dll
2006-06-19 12:10 . 2011-12-06 17:55	426081	----a-w-	c:\program files\mozilla firefox\plugins\ctplayerobject.dll
2005-02-02 11:19 . 2011-12-06 17:55	458752	----a-w-	c:\program files\mozilla firefox\plugins\imagickrt.dll
2006-04-10 17:35 . 2011-12-06 17:55	139264	----a-w-	c:\program files\mozilla firefox\plugins\rlcontentclass.dll
2005-11-09 10:10 . 2011-12-06 17:55	204800	----a-w-	c:\program files\mozilla firefox\plugins\RLMusicPacker.dll
2005-11-09 10:42 . 2011-12-06 17:55	106496	----a-w-	c:\program files\mozilla firefox\plugins\RLMusicUnpacker.dll
2006-01-04 10:22 . 2011-12-06 17:55	212992	----a-w-	c:\program files\mozilla firefox\plugins\RLVoicePacker.dll
2006-01-04 10:21 . 2011-12-06 17:55	167936	----a-w-	c:\program files\mozilla firefox\plugins\RLVoiceUnpacker.dll
2012-07-03 16:20 . 2011-09-09 18:35	85472	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DELL Webcam Manager"="c:\program files\DELL\DELL Webcam Manager\DellWMgr.exe" [2007-06-07 118784]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2011-06-16 1500160]
"ICQ"="c:\program files\ICQ7M\ICQ.exe" [2012-05-22 127040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-10 36864]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-06-09 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-06-09 92704]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2008-06-09 96800]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi6"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 PRESONUS_AUDIOBOX_MIDI;Presonus AudioBox WDM MIDI Device;c:\windows\system32\drivers\psabusbm.sys [x]
R3 PRESONUS_AUDIOBOX_USB;Presonus AudioBox USB driver;c:\windows\system32\Drivers\psabusbu.sys [x]
R3 PRESONUS_AUDIOBOX_WDM;Presonus AudioBox USB WDM;c:\windows\system32\drivers\psabusba.sys [x]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [x]
R3 SynasUSB;SynasUSB;c:\windows\system32\drivers\SynasUSB.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000-Serie - Adaptertreiber für Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [x]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 17:34]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\j56hwbrk.default\
FF - prefs.js: browser.search.selectedEngine - Google
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-07-16  22:20:12
ComboFix-quarantined-files.txt  2012-07-16 20:20
.
Vor Suchlauf: 7 Verzeichnis(se), 175.039.643.648 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 174.711.906.304 Bytes frei
.
- - End Of File - - B1EB8DC1169B0EEA2F308D9A642AA94B

--- --- ---

cosinus · 17.07.2012, 11:11

Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

mno7 · 18.07.2012, 17:45

[code]
GMER Logfile:

Code:

ATTFilter

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-07-18 18:44:21
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 WDC_WD2500BEVS-75UST0 rev.01.01A01
Running: 1xk8r7pj.exe; Driver: C:\Users\Marius\AppData\Local\Temp\pwdiypod.sys


---- Kernel code sections - GMER 1.0.15 ----

.text           ntkrnlpa.exe!ZwRollbackEnlistment + 140D                                                                                   82C523C9 1 Byte  [06]
.text           ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                                     82C8BD52 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text           C:\Windows\system32\DRIVERS\nvlddmkm.sys                                                                                   section is writeable [0x8E820340, 0x3E9407, 0xE8000020]

---- User IAT/EAT - GMER 1.0.15 ----

IAT             C:\Windows\system32\rundll32.exe[1472] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress]                      [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT             C:\Windows\system32\rundll32.exe[1472] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]                       [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT             C:\Windows\system32\rundll32.exe[1472] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]                    [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT             C:\Windows\system32\rundll32.exe[1472] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]                     [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT             C:\Windows\System32\rundll32.exe[2368] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress]                      [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT             C:\Windows\System32\rundll32.exe[2368] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]                       [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT             C:\Windows\System32\rundll32.exe[2368] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]                    [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT             C:\Windows\System32\rundll32.exe[2368] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]                     [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT             C:\Windows\System32\rundll32.exe[2376] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress]                      [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT             C:\Windows\System32\rundll32.exe[2376] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]                       [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT             C:\Windows\System32\rundll32.exe[2376] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]                    [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT             C:\Windows\System32\rundll32.exe[2376] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]                     [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT             C:\Program Files\Windows Media Player\wmplayer.exe[2644] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]  [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT             C:\Program Files\Windows Media Player\wmplayer.exe[2644] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress]    [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT             C:\Program Files\Windows Media Player\wmplayer.exe[2644] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]     [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT             C:\Program Files\Windows Media Player\wmplayer.exe[2644] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]   [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT             C:\Program Files\Windows Media Player\wmplayer.exe[2644] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress]   [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT             C:\Program Files\Windows Media Player\wmplayer.exe[2644] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress]   [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device          \Driver\ACPI_HAL \Device\00000046                                                                                          halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device          \Driver\BTHUSB \Device\00000070                                                                                            bthport.sys (Bluetooth-Bustreiber/Microsoft Corporation)

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                                                                                     fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                                                                                     rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                                                                                     fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                                                                                     rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume3                                                                                     fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume3                                                                                     rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume4                                                                                     fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume4                                                                                     rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

Device          \Driver\BTHUSB \Device\0000006e                                                                                            bthport.sys (Bluetooth-Bustreiber/Microsoft Corporation)

AttachedDevice  \FileSystem\fastfat \Fat                                                                                                   fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001c26f1e699                                                
Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001c26f1e699@8400d2e9d725                                   0xB7 0xD2 0xB3 0xE2 ...
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001c26f1e699 (not active ControlSet)                            
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001c26f1e699@8400d2e9d725                                       0xB7 0xD2 0xB3 0xE2 ...

---- EOF - GMER 1.0.15 ----

--- --- ---

Code:

ATTFilter

OSAM Logfile:

	Code: 

 ATTFilter

  
	Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 18:53:56 on 18.07.2012

OS: Windows 7  Service Pack 1 (Build 7601), 32-bit
Default Browser: Mozilla Corporation Firefox 13.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL
"NokiaConnectionManager" - "Nokia" - C:\PROGRA~1\Nokia\NOKIAP~1\CONNEC~1.CPL

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"catchme" (catchme) - ? - C:\Users\Marius\AppData\Local\Temp\catchme.sys  (File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"pwdiypod" (pwdiypod) - ? - C:\Users\Marius\AppData\Local\Temp\pwdiypod.sys  (Hidden registry entry, rootkit activity | File not found)
"SynasUSB" (SynasUSB) - "SIA Syncrosoft" - C:\Windows\System32\drivers\SynasUSB.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files\Windows Live\Messenger\msgrapp.dll
{88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Messenger\msgrapp.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{09A47860-11B0-4DA5-AFA5-26D86198A780} "EPP" - "Microsoft Corporation" - c:\PROGRA~1\MICROS~1\shellext.dll
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} "Nokia Phone Browser" - "Nokia" - C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash32_11_3_300_265.ocx / hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
"ICQ7M" - "ICQ, LLC." - C:\Program Files\ICQ7M\ICQ.exe
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\ssv.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"DELL Webcam Manager" - "Creative Technology Ltd." - "C:\Program Files\DELL\DELL Webcam Manager\DellWMgr.exe" /s
"ICQ" - "ICQ, LLC." - "C:\Program Files\ICQ7M\ICQ.exe" silent loginmode=4
"PC Suite Tray" - "Nokia" - "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe"
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"MSC" - "Microsoft Corporation" - "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243" (NisSrv) - "Microsoft Corporation" - c:\Program Files\Microsoft Security Client\NisSrv.exe
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft Antimalware Service" (MsMpSvc) - "Microsoft Corporation" - c:\Program Files\Microsoft Security Client\MsMpEng.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"ServiceLayer" (ServiceLayer) - "Nokia" - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
"Sony Ericsson PCCompanion" (Sony Ericsson PCCompanion) - "Avanquest Software" - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll
"WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

===[ Logfile end ]=========================================[ Logfile end ]===
         
 --- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

Code:

ATTFilter

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-18 18:58:00
-----------------------------
18:58:00.983    OS Version: Windows 6.1.7601 Service Pack 1
18:58:00.983    Number of processors: 2 586 0xF0A
18:58:00.993    ComputerName: MARIUS-PC  UserName: Marius
18:58:02.383    Initialize success
19:00:42.166    AVAST engine defs: 12071800
19:01:37.845    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
19:01:37.855    Disk 0 Vendor: WDC_WD2500BEVS-75UST0 01.01A01 Size: 238475MB BusType: 3
19:01:38.235    Disk 0 MBR read successfully
19:01:38.235    Disk 0 MBR scan
19:01:38.245    Disk 0 Windows 7 default MBR code
19:01:38.285    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0      109 MB offset 63
19:01:38.375    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        10240 MB offset 225280
19:01:38.516    Disk 0 Partition 3 80 (A) 07    HPFS/NTFS NTFS       225564 MB offset 21196800
19:01:38.536    Disk 0 Partition - 00     0F Extended LBA              2560 MB offset 483151872
19:01:38.676    Disk 0 Partition 4 00     DD              MSDOS5.0     2559 MB offset 483153920
19:01:38.926    Disk 0 scanning sectors +488394752
19:01:39.336    Disk 0 scanning C:\Windows\system32\drivers
19:02:21.649    Service scanning
19:02:42.347    Modules scanning
19:04:09.026    Disk 0 trace - called modules:
19:04:09.056    ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll intelide.sys PCIIDEX.SYS atapi.sys VSTCNXT3.SYS intelppm.sys 
19:04:09.066    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85a54a00]
19:04:09.076    3 CLASSPNP.SYS[8927159e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x8597f030]
19:04:10.256    AVAST engine scan C:\Windows
19:05:07.000    AVAST engine scan C:\Windows\system32
19:21:09.993    AVAST engine scan C:\Windows\system32\drivers
19:24:08.722    AVAST engine scan C:\Users\Marius
19:39:50.513    AVAST engine scan C:\ProgramData
19:46:03.260    Scan finished successfully
19:47:08.040    Disk 0 MBR has been saved successfully to "C:\Users\Marius\Desktop\MBR.dat"
19:47:08.056    The log file has been saved successfully to "C:\Users\Marius\Desktop\aswMBR.txt"

cosinus · 19.07.2012, 09:39

Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

mno7 · 20.07.2012, 16:34

Code:

ATTFilter

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.20.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Marius :: MARIUS-PC [Administrator]

20.07.2012 16:32:54
mbam-log-2012-07-20 (16-32-54).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 292445
Laufzeit: 51 Minute(n), 10 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

12.07.2012, 08:10	#16
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Wie werde ich Incredibar los? Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code: ATTFilter hier steht das Log __________________ Logfiles bitte immer in CODE-Tags posten

19.07.2012, 09:39	#29
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Wie werde ich Incredibar los? Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!! __________________ Logfiles bitte immer in CODE-Tags posten

Wie werde ich Incredibar los?

Plagegeister aller Art und deren Bekämpfung: Wie werde ich Incredibar los?