
Pests of all kinds and how to combat them: BOO/TDss.O - No access to files any more

04.07.2012, 21:19   #1
Sternekoch
 



Hello everyone,

the day before yesterday I apparently caught BOO/TDss.O - at least that is what Avira reported to me.
The desktop background turned black and all desktop icons except "Computer" and "Recycle Bin" disappeared.
Within seconds, dozens of windows popped up with the message "Failed to save all components for the file" or something along those lines, plus a whole lot of other error boxes.

After the first attempt to have Avira clean up the whole thing, I first stumbled across tdsskiller and Malwarebytes Anti-Malware in other forums; supposedly the problem could be solved with those. Unfortunately that turned out to be a dud... and the posts here have confirmed my fears that there is probably a bit more to come before I can at least get at the files again...

Since the first, or rather repeated, attempts with tdsskiller and Malwarebytes Anti-Malware, at least no more pop-up windows are coming up for now, Avira is keeping quiet too, and one could almost think that it had already helped - but still waters run deep.

I have now already run OTL once in the hope that it might already be something to work with.

Code:
OTL logfile created on: 04.07.2012 22:12:26 - Run 2
OTL by OldTimer - Version 3.2.53.1     Folder = F:\
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,85 Gb Total Physical Memory | 2,65 Gb Available Physical Memory | 68,83% Memory free
7,71 Gb Paging File | 6,31 Gb Available in Paging File | 81,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 87,90 Gb Total Space | 51,94 Gb Free Space | 59,09% Space Free | Partition Type: NTFS
Drive E: | 362,76 Gb Total Space | 284,10 Gb Free Space | 78,32% Space Free | Partition Type: NTFS
Drive F: | 7,81 Gb Total Space | 7,80 Gb Free Space | 99,85% Space Free | Partition Type: FAT32
 
Computer Name: Sternekoch-PC | User Name: Sternekoch | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.04 18:51:38 | 000,595,968 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2012.05.08 22:15:13 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.08 22:15:13 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 22:15:13 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.01.03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.07.01 04:51:12 | 000,418,896 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2011.07.01 04:51:12 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011.07.01 04:51:10 | 001,103,440 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2011.07.01 04:51:10 | 000,353,360 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011.04.24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2011.04.22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2011.04.02 23:34:42 | 000,340,848 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
PRC - [2011.03.29 04:49:06 | 000,408,432 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2011.03.29 04:48:54 | 000,202,608 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010.12.20 12:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.20 12:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2006.12.19 19:23:20 | 000,094,208 | -H-- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.06.23 11:10:27 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.05.08 22:15:13 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 22:15:13 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.01.03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.08 21:13:45 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.07.01 04:51:10 | 000,353,360 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011.05.10 14:01:08 | 000,872,552 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2011.04.24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2011.04.22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV - [2011.04.02 23:09:38 | 000,173,424 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.12.20 12:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.12.20 12:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006.12.19 19:23:20 | 000,094,208 | -H-- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.05.08 22:15:14 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.08 22:15:14 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.12.15 16:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.08.16 09:23:34 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2011.08.16 09:23:34 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2011.08.16 09:23:34 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2011.07.14 07:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.07.14 07:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.10 06:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2011.03.10 06:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2011.01.25 05:48:02 | 000,077,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.12.23 03:44:20 | 012,260,000 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010.12.17 03:06:32 | 001,404,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.09 12:26:46 | 002,377,216 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.11.05 22:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.10.29 16:19:20 | 000,326,760 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2010.10.19 10:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.10.14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [biiWPEJPdbnXvw.exe] C:\ProgramData\biiWPEJPdbnXvw.exe File not found
O4 - HKCU..\Run: [Epson Stylus SX235(Netzwerk)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\Sternekoch\AppData\Local\Temp\E_SEE76.tmp" /EF "HKCU" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{165E3CAD-B66C-41D8-B845-D44419A87475}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5FC8A359-8699-4B25-9B91-FFA7CEBF435D}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.04 20:01:54 | 000,000,000 | ---D | C] -- C:\Users\Sternekoch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Recovery
[2012.07.04 19:09:18 | 000,000,000 | -H-D | C] -- C:\Users\Sternekoch\AppData\Roaming\Malwarebytes
[2012.07.04 19:09:07 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.04 19:09:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\Malwarebytes
[2012.07.04 19:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.04 19:09:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.07.04 19:08:45 | 010,063,024 | -H-- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Sternekoch\Desktop\mbam-setup.exe
[2012.07.04 19:07:25 | 002,135,640 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Sternekoch\Desktop\tdsskiller.exe
[2012.07.04 19:07:10 | 000,000,000 | -H-D | C] -- C:\TDSSKiller_Quarantine
[2012.06.21 21:07:13 | 000,000,000 | -H-D | C] -- C:\Users\Sternekoch\.jenny
[2012.06.21 08:31:56 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.06.21 08:31:56 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.06.21 08:31:56 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.06.21 08:31:51 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.06.21 08:31:51 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.06.21 08:31:51 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.06.21 08:31:46 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.06.21 08:31:46 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.06.14 07:59:56 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.06.14 07:59:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.06.14 07:59:56 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.06.14 07:59:56 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.06.14 07:59:55 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.06.14 07:59:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.06.14 07:59:54 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.06.14 07:59:54 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.06.14 07:59:53 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.06.14 07:59:53 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.06.14 07:59:53 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.06.14 07:59:53 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.06.14 07:59:52 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.06.13 09:17:01 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.06.13 09:17:01 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.06.13 09:17:01 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.06.13 09:16:55 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.06.13 09:16:55 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.06.13 09:16:55 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.06.13 09:16:51 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.06.13 09:16:46 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.06.13 09:16:46 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.04 22:10:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.04 21:58:09 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.04 21:58:09 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.04 21:58:05 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.04 21:58:05 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.04 21:58:05 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.04 21:58:05 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.04 21:58:05 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.04 21:50:42 | 000,067,584 | -H-- | M] () -- C:\Windows\bootstat.dat
[2012.07.04 21:50:35 | 3103,838,208 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.04 20:54:48 | 000,009,290 | ---- | M] () -- C:\Users\Sternekoch\AppData\Roaming\Kommagetrennte Werte (DOS).EML
[2012.07.04 20:13:02 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.04 20:01:55 | 000,000,152 | ---- | M] () -- C:\ProgramData\-fXO0KpQrs02mTrr
[2012.07.04 20:01:55 | 000,000,000 | ---- | M] () -- C:\ProgramData\-fXO0KpQrs02mTr
[2012.07.04 20:01:52 | 000,000,256 | ---- | M] () -- C:\ProgramData\fXO0KpQrs02mTr
[2012.07.04 18:52:24 | 002,135,640 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Sternekoch\Desktop\tdsskiller.exe
[2012.07.04 18:51:10 | 010,063,024 | -H-- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Sternekoch\Desktop\mbam-setup.exe
[2012.06.23 11:10:24 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.06.23 11:10:24 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.06.23 11:10:08 | 009,815,752 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.06.14 18:54:07 | 000,360,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2012.07.04 20:53:44 | 000,009,290 | ---- | C] () -- C:\Users\Sternekoch\AppData\Roaming\Kommagetrennte Werte (DOS).EML
[2012.07.04 20:13:02 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.04 20:01:55 | 000,000,152 | ---- | C] () -- C:\ProgramData\-fXO0KpQrs02mTrr
[2012.07.04 20:01:55 | 000,000,000 | ---- | C] () -- C:\ProgramData\-fXO0KpQrs02mTr
[2012.07.04 20:01:51 | 000,000,256 | ---- | C] () -- C:\ProgramData\fXO0KpQrs02mTr
[2011.08.16 09:16:01 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.08.16 09:15:05 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.08.16 09:15:04 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.08.16 09:15:02 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

< End of report >
         
I am grateful for any help, I am slowly getting desperate with this...

Thank you very, very much!
Sternekoch

05.07.2012, 15:50   #2
cosinus



Ohne die Logs von Malwarebytes und Co wird das hier nichts.
Alles von Malwarebytes (und evtl. anderen Scannern) muss hier gepostet werden.

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         

05.07.2012, 18:07   #3
Sternekoch
 

Hello Arne,
thank you very much for the quick response! Of course, you're right...

TDSS-log #1
Code:
ATTFilter
19:05:16.0579 1760	TDSS rootkit removing tool 2.7.44.0 Jul  2 2012 20:01:08
19:05:16.0860 1760	============================================================
19:05:16.0860 1760	Current date / time: 2012/07/04 19:05:16.0860
19:05:16.0860 1760	SystemInfo:
19:05:16.0860 1760	
19:05:16.0860 1760	OS Version: 6.1.7601 ServicePack: 1.0
19:05:16.0860 1760	Product type: Workstation
19:05:16.0860 1760	ComputerName: Sternekoch-PC
19:05:16.0860 1760	UserName: Sternekoch
19:05:16.0860 1760	Windows directory: C:\Windows
19:05:16.0860 1760	System windows directory: C:\Windows
19:05:16.0860 1760	Running under WOW64
19:05:16.0860 1760	Processor architecture: Intel x64
19:05:16.0860 1760	Number of processors: 4
19:05:16.0860 1760	Page size: 0x1000
19:05:16.0860 1760	Boot type: Safe boot with network
19:05:16.0860 1760	============================================================
19:05:17.0406 1760	Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:05:17.0421 1760	Drive \Device\Harddisk1\DR1 - Size: 0x1F4C00000 (7.82 Gb), SectorSize: 0x200, Cylinders: 0x3FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:05:17.0421 1760	============================================================
19:05:17.0421 1760	\Device\Harddisk0\DR0:
19:05:17.0421 1760	MBR partitions:
19:05:17.0421 1760	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
19:05:17.0421 1760	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0xAFCA645
19:05:17.0437 1760	\Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xCDFCE84, BlocksNum 0x2D5841AC
19:05:17.0437 1760	\Device\Harddisk1\DR1:
19:05:17.0437 1760	MBR partitions:
19:05:17.0437 1760	\Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0xFA5FC0
19:05:17.0437 1760	============================================================
19:05:17.0484 1760	C: <-> \Device\Harddisk0\DR0\Partition1
19:05:17.0515 1760	E: <-> \Device\Harddisk0\DR0\Partition2
19:05:17.0515 1760	============================================================
19:05:17.0515 1760	Initialize success
19:05:17.0515 1760	============================================================
19:05:31.0399 0788	============================================================
19:05:31.0399 0788	Scan started
19:05:31.0399 0788	Mode: Manual; 
19:05:31.0399 0788	============================================================
19:05:32.0023 0788	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:05:32.0023 0788	1394ohci - ok
19:05:32.0054 0788	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:05:32.0070 0788	ACPI - ok
19:05:32.0101 0788	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:05:32.0101 0788	AcpiPmi - ok
19:05:32.0210 0788	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:05:32.0210 0788	AdobeARMservice - ok
19:05:32.0335 0788	AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:05:32.0335 0788	AdobeFlashPlayerUpdateSvc - ok
19:05:32.0397 0788	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:05:32.0428 0788	adp94xx - ok
19:05:32.0506 0788	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:05:32.0538 0788	adpahci - ok
19:05:32.0569 0788	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:05:32.0569 0788	adpu320 - ok
19:05:32.0584 0788	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:05:32.0616 0788	AeLookupSvc - ok
19:05:32.0678 0788	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:05:32.0709 0788	AFD - ok
19:05:32.0740 0788	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:05:32.0740 0788	agp440 - ok
19:05:32.0772 0788	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:05:32.0772 0788	ALG - ok
19:05:32.0787 0788	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:05:32.0787 0788	aliide - ok
19:05:32.0803 0788	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:05:32.0803 0788	amdide - ok
19:05:32.0818 0788	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:05:32.0818 0788	AmdK8 - ok
19:05:32.0834 0788	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
19:05:32.0850 0788	AmdPPM - ok
19:05:32.0881 0788	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:05:32.0881 0788	amdsata - ok
19:05:32.0912 0788	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:05:32.0912 0788	amdsbs - ok
19:05:32.0943 0788	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:05:32.0943 0788	amdxata - ok
19:05:33.0052 0788	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:05:33.0068 0788	AntiVirSchedulerService - ok
19:05:33.0084 0788	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:05:33.0084 0788	AntiVirService - ok
19:05:33.0115 0788	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:05:33.0115 0788	AppID - ok
19:05:33.0146 0788	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:05:33.0146 0788	AppIDSvc - ok
19:05:33.0162 0788	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:05:33.0162 0788	Appinfo - ok
19:05:33.0271 0788	Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:05:33.0286 0788	Apple Mobile Device - ok
19:05:33.0302 0788	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:05:33.0302 0788	arc - ok
19:05:33.0318 0788	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:05:33.0333 0788	arcsas - ok
19:05:33.0349 0788	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:05:33.0349 0788	AsyncMac - ok
19:05:33.0380 0788	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:05:33.0380 0788	atapi - ok
19:05:33.0489 0788	athr            (c8679a07267f030704168e45e27c3d43) C:\Windows\system32\DRIVERS\athrx.sys
19:05:33.0552 0788	athr - ok
19:05:33.0692 0788	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:05:33.0708 0788	AudioEndpointBuilder - ok
19:05:33.0708 0788	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:05:33.0723 0788	AudioSrv - ok
19:05:33.0770 0788	avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
19:05:33.0770 0788	avgntflt - ok
19:05:33.0801 0788	avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
19:05:33.0801 0788	avipbb - ok
19:05:33.0817 0788	avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
19:05:33.0832 0788	avkmgr - ok
19:05:33.0895 0788	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:05:33.0895 0788	AxInstSV - ok
19:05:33.0942 0788	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:05:33.0973 0788	b06bdrv - ok
19:05:34.0020 0788	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:05:34.0020 0788	b57nd60a - ok
19:05:34.0066 0788	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:05:34.0066 0788	BDESVC - ok
19:05:34.0098 0788	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:05:34.0098 0788	Beep - ok
19:05:34.0160 0788	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
19:05:34.0176 0788	BFE - ok
19:05:34.0238 0788	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
19:05:34.0316 0788	BITS - ok
19:05:34.0378 0788	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
19:05:34.0378 0788	blbdrive - ok
19:05:34.0456 0788	Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
19:05:34.0488 0788	Bonjour Service - ok
19:05:34.0503 0788	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:05:34.0503 0788	bowser - ok
19:05:34.0566 0788	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:05:34.0566 0788	BrFiltLo - ok
19:05:34.0566 0788	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:05:34.0566 0788	BrFiltUp - ok
19:05:34.0597 0788	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:05:34.0597 0788	Browser - ok
19:05:34.0644 0788	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:05:34.0644 0788	Brserid - ok
19:05:34.0644 0788	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:05:34.0644 0788	BrSerWdm - ok
19:05:34.0659 0788	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:05:34.0659 0788	BrUsbMdm - ok
19:05:34.0659 0788	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:05:34.0659 0788	BrUsbSer - ok
19:05:34.0675 0788	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
19:05:34.0675 0788	BTHMODEM - ok
19:05:34.0753 0788	BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
19:05:34.0768 0788	BTHPORT - ok
19:05:34.0815 0788	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:05:34.0815 0788	bthserv - ok
19:05:34.0846 0788	BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
19:05:34.0846 0788	BTHUSB - ok
19:05:34.0878 0788	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:05:34.0878 0788	cdfs - ok
19:05:34.0924 0788	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:05:34.0924 0788	cdrom - ok
19:05:34.0956 0788	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:05:34.0971 0788	CertPropSvc - ok
19:05:34.0987 0788	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
19:05:34.0987 0788	circlass - ok
19:05:35.0018 0788	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:05:35.0034 0788	CLFS - ok
19:05:35.0096 0788	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:05:35.0112 0788	clr_optimization_v2.0.50727_32 - ok
19:05:35.0158 0788	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:05:35.0158 0788	clr_optimization_v2.0.50727_64 - ok
19:05:35.0236 0788	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:05:35.0299 0788	clr_optimization_v4.0.30319_32 - ok
19:05:35.0314 0788	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:05:35.0330 0788	clr_optimization_v4.0.30319_64 - ok
19:05:35.0361 0788	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
19:05:35.0377 0788	CmBatt - ok
19:05:35.0392 0788	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:05:35.0392 0788	cmdide - ok
19:05:35.0439 0788	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
19:05:35.0455 0788	CNG - ok
19:05:35.0470 0788	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
19:05:35.0470 0788	Compbatt - ok
19:05:35.0486 0788	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:05:35.0502 0788	CompositeBus - ok
19:05:35.0502 0788	COMSysApp - ok
19:05:35.0517 0788	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:05:35.0517 0788	crcdisk - ok
19:05:35.0564 0788	CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
19:05:35.0580 0788	CryptSvc - ok
19:05:35.0626 0788	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:05:35.0658 0788	DcomLaunch - ok
19:05:35.0720 0788	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:05:35.0736 0788	defragsvc - ok
19:05:35.0767 0788	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:05:35.0767 0788	DfsC - ok
19:05:35.0798 0788	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:05:35.0814 0788	Dhcp - ok
19:05:35.0845 0788	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:05:35.0845 0788	discache - ok
19:05:35.0876 0788	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:05:35.0876 0788	Disk - ok
19:05:35.0892 0788	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:05:35.0907 0788	Dnscache - ok
19:05:35.0923 0788	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:05:35.0923 0788	dot3svc - ok
19:05:35.0954 0788	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:05:35.0954 0788	DPS - ok
19:05:36.0016 0788	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:05:36.0016 0788	drmkaud - ok
19:05:36.0094 0788	DsiWMIService   (9dd3a22f804697606c2b7ff9e912ff6b) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
19:05:36.0094 0788	DsiWMIService - ok
19:05:36.0157 0788	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:05:36.0188 0788	DXGKrnl - ok
19:05:36.0219 0788	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:05:36.0219 0788	EapHost - ok
19:05:36.0360 0788	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:05:36.0453 0788	ebdrv - ok
19:05:36.0531 0788	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:05:36.0531 0788	EFS - ok
19:05:36.0625 0788	EgisTec Ticket Service (18dd872dd46acb24e106dc2c9c270466) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
19:05:36.0640 0788	EgisTec Ticket Service - ok
19:05:36.0718 0788	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:05:36.0734 0788	ehRecvr - ok
19:05:36.0781 0788	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:05:36.0781 0788	ehSched - ok
19:05:36.0859 0788	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:05:36.0890 0788	elxstor - ok
19:05:36.0999 0788	ePowerSvc       (ac5c64f828c0a6a1350971501ac2a0c7) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
19:05:37.0046 0788	ePowerSvc - ok
19:05:37.0093 0788	EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
19:05:37.0124 0788	EpsonBidirectionalService - ok
19:05:37.0218 0788	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:05:37.0218 0788	ErrDev - ok
19:05:37.0264 0788	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:05:37.0280 0788	EventSystem - ok
19:05:37.0311 0788	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:05:37.0311 0788	exfat - ok
19:05:37.0342 0788	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:05:37.0342 0788	fastfat - ok
19:05:37.0405 0788	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:05:37.0420 0788	Fax - ok
19:05:37.0436 0788	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:05:37.0436 0788	fdc - ok
19:05:37.0467 0788	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:05:37.0467 0788	fdPHost - ok
19:05:37.0467 0788	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:05:37.0467 0788	FDResPub - ok
19:05:37.0498 0788	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:05:37.0498 0788	FileInfo - ok
19:05:37.0514 0788	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:05:37.0514 0788	Filetrace - ok
19:05:37.0623 0788	FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:05:37.0639 0788	FLEXnet Licensing Service - ok
19:05:37.0686 0788	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:05:37.0686 0788	flpydisk - ok
19:05:37.0732 0788	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:05:37.0732 0788	FltMgr - ok
19:05:37.0795 0788	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:05:37.0842 0788	FontCache - ok
19:05:37.0904 0788	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:05:37.0904 0788	FontCache3.0.0.0 - ok
19:05:37.0951 0788	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:05:37.0951 0788	FsDepends - ok
19:05:37.0966 0788	Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:05:37.0966 0788	Fs_Rec - ok
19:05:37.0998 0788	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:05:38.0013 0788	fvevol - ok
19:05:38.0044 0788	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:05:38.0044 0788	gagp30kx - ok
19:05:38.0076 0788	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:05:38.0076 0788	GEARAspiWDM - ok
19:05:38.0122 0788	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:05:38.0154 0788	gpsvc - ok
19:05:38.0169 0788	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:05:38.0169 0788	hcw85cir - ok
19:05:38.0216 0788	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:05:38.0232 0788	HdAudAddService - ok
19:05:38.0263 0788	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:05:38.0263 0788	HDAudBus - ok
19:05:38.0263 0788	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:05:38.0263 0788	HidBatt - ok
19:05:38.0278 0788	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:05:38.0278 0788	HidBth - ok
19:05:38.0278 0788	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:05:38.0294 0788	HidIr - ok
19:05:38.0310 0788	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
19:05:38.0310 0788	hidserv - ok
19:05:38.0341 0788	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
19:05:38.0341 0788	HidUsb - ok
19:05:38.0372 0788	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:05:38.0372 0788	hkmsvc - ok
19:05:38.0403 0788	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:05:38.0419 0788	HomeGroupListener - ok
19:05:38.0450 0788	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:05:38.0450 0788	HomeGroupProvider - ok
19:05:38.0450 0788	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:05:38.0466 0788	HpSAMD - ok
19:05:38.0512 0788	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:05:38.0544 0788	HTTP - ok
19:05:38.0544 0788	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:05:38.0544 0788	hwpolicy - ok
19:05:38.0575 0788	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:05:38.0575 0788	i8042prt - ok
19:05:38.0606 0788	iaStor          (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys
19:05:38.0622 0788	iaStor - ok
19:05:38.0653 0788	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:05:38.0668 0788	iaStorV - ok
19:05:38.0778 0788	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:05:38.0809 0788	idsvc - ok
19:05:39.0417 0788	igfx            (553228e67639f52c9bd86362c0c64f85) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:05:39.0636 0788	igfx - ok
19:05:39.0729 0788	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:05:39.0729 0788	iirsp - ok
19:05:39.0776 0788	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:05:39.0807 0788	IKEEXT - ok
19:05:39.0948 0788	IntcAzAudAddService (718a4008ee5da174400396b27509ef82) C:\Windows\system32\drivers\RTKVHD64.sys
19:05:40.0010 0788	IntcAzAudAddService - ok
19:05:40.0119 0788	IntcDAud        (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
19:05:40.0135 0788	IntcDAud - ok
19:05:40.0166 0788	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:05:40.0166 0788	intelide - ok
19:05:40.0197 0788	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:05:40.0197 0788	intelppm - ok
19:05:40.0213 0788	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:05:40.0213 0788	IPBusEnum - ok
19:05:40.0244 0788	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:05:40.0244 0788	IpFilterDriver - ok
19:05:40.0291 0788	iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:05:40.0306 0788	iphlpsvc - ok
19:05:40.0322 0788	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:05:40.0322 0788	IPMIDRV - ok
19:05:40.0338 0788	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:05:40.0369 0788	IPNAT - ok
19:05:40.0478 0788	iPod Service    (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
19:05:40.0509 0788	iPod Service - ok
19:05:40.0525 0788	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:05:40.0525 0788	IRENUM - ok
19:05:40.0556 0788	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:05:40.0556 0788	isapnp - ok
19:05:40.0587 0788	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:05:40.0587 0788	iScsiPrt - ok
19:05:40.0618 0788	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:05:40.0618 0788	kbdclass - ok
19:05:40.0634 0788	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:05:40.0650 0788	kbdhid - ok
19:05:40.0665 0788	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:05:40.0681 0788	KeyIso - ok
19:05:40.0681 0788	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
19:05:40.0681 0788	KSecDD - ok
19:05:40.0712 0788	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
19:05:40.0712 0788	KSecPkg - ok
19:05:40.0743 0788	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:05:40.0743 0788	ksthunk - ok
19:05:40.0774 0788	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:05:40.0790 0788	KtmRm - ok
19:05:40.0837 0788	L1C             (6dd5383c9413aae3113faf89e345663d) C:\Windows\system32\DRIVERS\L1C62x64.sys
19:05:40.0837 0788	L1C - ok
19:05:40.0884 0788	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
19:05:40.0884 0788	LanmanServer - ok
19:05:40.0899 0788	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:05:40.0915 0788	LanmanWorkstation - ok
19:05:40.0993 0788	Live Updater Service (b705c7097f9a0ec941d02dce7c7d426c) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
19:05:41.0008 0788	Live Updater Service - ok
19:05:41.0024 0788	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:05:41.0024 0788	lltdio - ok
19:05:41.0071 0788	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:05:41.0086 0788	lltdsvc - ok
19:05:41.0118 0788	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:05:41.0118 0788	lmhosts - ok
19:05:41.0196 0788	LMS             (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:05:41.0211 0788	LMS - ok
19:05:41.0274 0788	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:05:41.0274 0788	LSI_FC - ok
19:05:41.0305 0788	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:05:41.0305 0788	LSI_SAS - ok
19:05:41.0320 0788	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:05:41.0320 0788	LSI_SAS2 - ok
19:05:41.0336 0788	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:05:41.0352 0788	LSI_SCSI - ok
19:05:41.0383 0788	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:05:41.0383 0788	luafv - ok
19:05:41.0414 0788	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:05:41.0414 0788	Mcx2Svc - ok
19:05:41.0414 0788	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:05:41.0414 0788	megasas - ok
19:05:41.0461 0788	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:05:41.0476 0788	MegaSR - ok
19:05:41.0539 0788	MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
19:05:41.0539 0788	MEIx64 - ok
19:05:41.0601 0788	Microsoft SharePoint Workspace Audit Service - ok
19:05:41.0648 0788	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:05:41.0648 0788	MMCSS - ok
19:05:41.0664 0788	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:05:41.0664 0788	Modem - ok
19:05:41.0695 0788	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:05:41.0695 0788	monitor - ok
19:05:41.0710 0788	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:05:41.0710 0788	mouclass - ok
19:05:41.0726 0788	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
19:05:41.0742 0788	mouhid - ok
19:05:41.0757 0788	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:05:41.0773 0788	mountmgr - ok
19:05:41.0804 0788	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:05:41.0804 0788	mpio - ok
19:05:41.0820 0788	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:05:41.0820 0788	mpsdrv - ok
19:05:41.0866 0788	MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:05:41.0898 0788	MpsSvc - ok
19:05:41.0913 0788	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:05:41.0913 0788	MRxDAV - ok
19:05:41.0929 0788	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:05:41.0929 0788	mrxsmb - ok
19:05:41.0991 0788	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:05:41.0991 0788	mrxsmb10 - ok
19:05:42.0007 0788	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:05:42.0007 0788	mrxsmb20 - ok
19:05:42.0022 0788	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:05:42.0022 0788	msahci - ok
19:05:42.0054 0788	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:05:42.0069 0788	msdsm - ok
19:05:42.0100 0788	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:05:42.0100 0788	MSDTC - ok
19:05:52.0318 0788	MBR (0x1B8)     (b8cb9ca08162bc8d433b18adb3001662) \Device\Harddisk0\DR0
19:05:52.0350 0788	\Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
19:05:52.0350 0788	\Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
19:05:52.0350 0788	MBR (0x1B8)     (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk1\DR1
19:05:58.0761 0788	\Device\Harddisk1\DR1 - ok
19:05:58.0777 0788	Boot (0x1200)   (f494eebb12317aeb711ce5a97bf79e1d) \Device\Harddisk0\DR0\Partition0
19:05:58.0777 0788	\Device\Harddisk0\DR0\Partition0 - ok
19:05:58.0792 0788	Boot (0x1200)   (b14c0dbb6d6812493d18e7aeec8c43fd) \Device\Harddisk0\DR0\Partition1
19:05:58.0792 0788	\Device\Harddisk0\DR0\Partition1 - ok
19:05:58.0808 0788	Boot (0x1200)   (9af3525313fe8e4c06e7a9f82f87e017) \Device\Harddisk0\DR0\Partition2
19:05:58.0808 0788	\Device\Harddisk0\DR0\Partition2 - ok
19:05:58.0824 0788	Boot (0x1200)   (675ea52261ecc3d86690e1e341cbbd5d) \Device\Harddisk1\DR1\Partition0
19:05:58.0824 0788	\Device\Harddisk1\DR1\Partition0 - ok
19:05:58.0824 0788	============================================================
19:05:58.0824 0788	Scan finished
19:05:58.0824 0788	============================================================
19:05:58.0839 1916	Detected object count: 1
19:05:58.0839 1916	Actual detected object count: 1
19:07:10.0615 1916	\Device\Harddisk0\DR0\# - copied to quarantine
19:07:10.0615 1916	\Device\Harddisk0\DR0 - copied to quarantine
19:07:10.0833 1916	\Device\Harddisk0\DR0 - processing error
19:07:17.0027 1916	\Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure 
19:07:21.0504 1820	Deinitialize success
         

TDSS-log #2
Code:
19:07:27.0369 1708	TDSS rootkit removing tool 2.7.44.0 Jul  2 2012 20:01:08
19:07:27.0463 1708	============================================================
19:07:27.0463 1708	Current date / time: 2012/07/04 19:07:27.0463
19:07:27.0463 1708	SystemInfo:
19:07:27.0463 1708	
19:07:27.0463 1708	OS Version: 6.1.7601 ServicePack: 1.0
19:07:27.0463 1708	Product type: Workstation
19:07:27.0463 1708	ComputerName: Sternekoch-PC
19:07:27.0463 1708	UserName: Sternekoch
19:07:27.0463 1708	Windows directory: C:\Windows
19:07:27.0463 1708	System windows directory: C:\Windows
19:07:27.0463 1708	Running under WOW64
19:07:27.0463 1708	Processor architecture: Intel x64
19:07:27.0463 1708	Number of processors: 4
19:07:27.0463 1708	Page size: 0x1000
19:07:27.0463 1708	Boot type: Safe boot with network
19:07:27.0463 1708	============================================================
19:07:27.0962 1708	Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:07:27.0978 1708	Drive \Device\Harddisk1\DR1 - Size: 0x1F4C00000 (7.82 Gb), SectorSize: 0x200, Cylinders: 0x3FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:07:27.0978 1708	============================================================
19:07:27.0978 1708	\Device\Harddisk0\DR0:
19:07:27.0978 1708	MBR partitions:
19:07:27.0978 1708	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
19:07:27.0978 1708	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0xAFCA645
19:07:27.0993 1708	\Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xCDFCE84, BlocksNum 0x2D5841AC
19:07:27.0993 1708	\Device\Harddisk1\DR1:
19:07:27.0993 1708	MBR partitions:
19:07:27.0993 1708	\Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0xFA5FC0
19:07:27.0993 1708	============================================================
19:07:28.0025 1708	C: <-> \Device\Harddisk0\DR0\Partition1
19:07:28.0040 1708	E: <-> \Device\Harddisk0\DR0\Partition2
19:07:28.0040 1708	============================================================
19:07:28.0040 1708	Initialize success
19:07:28.0040 1708	============================================================
19:07:29.0522 1192	============================================================
19:07:29.0522 1192	Scan started
19:07:29.0522 1192	Mode: Manual; 
19:07:29.0522 1192	============================================================
19:07:30.0053 1192	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:07:30.0053 1192	1394ohci - ok
19:07:30.0099 1192	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:07:30.0099 1192	ACPI - ok
19:07:30.0131 1192	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:07:30.0131 1192	AcpiPmi - ok
19:07:30.0240 1192	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:07:30.0240 1192	AdobeARMservice - ok
19:07:30.0349 1192	AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:07:30.0349 1192	AdobeFlashPlayerUpdateSvc - ok
19:07:30.0411 1192	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:07:30.0411 1192	adp94xx - ok
19:07:30.0489 1192	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:07:30.0505 1192	adpahci - ok
19:07:30.0521 1192	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:07:30.0521 1192	adpu320 - ok
19:07:30.0567 1192	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:07:30.0567 1192	AeLookupSvc - ok
19:07:30.0645 1192	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:07:30.0661 1192	AFD - ok
19:07:30.0677 1192	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:07:30.0692 1192	agp440 - ok
19:07:30.0708 1192	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:07:30.0708 1192	ALG - ok
19:07:30.0739 1192	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:07:30.0739 1192	aliide - ok
19:07:30.0770 1192	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:07:30.0770 1192	amdide - ok
19:07:30.0770 1192	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:07:30.0770 1192	AmdK8 - ok
19:07:30.0786 1192	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
19:07:30.0786 1192	AmdPPM - ok
19:07:30.0817 1192	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:07:30.0817 1192	amdsata - ok
19:07:30.0848 1192	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:07:30.0848 1192	amdsbs - ok
19:07:30.0879 1192	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:07:30.0879 1192	amdxata - ok
19:07:31.0004 1192	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:07:31.0004 1192	AntiVirSchedulerService - ok
19:07:31.0004 1192	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:07:31.0004 1192	AntiVirService - ok
19:07:31.0051 1192	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:07:31.0051 1192	AppID - ok
19:07:31.0082 1192	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:07:31.0082 1192	AppIDSvc - ok
19:07:31.0098 1192	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:07:31.0098 1192	Appinfo - ok
19:07:31.0191 1192	Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:07:31.0191 1192	Apple Mobile Device - ok
19:07:31.0223 1192	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:07:31.0223 1192	arc - ok
19:07:31.0238 1192	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:07:31.0238 1192	arcsas - ok
19:07:31.0269 1192	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:07:31.0269 1192	AsyncMac - ok
19:07:31.0285 1192	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:07:31.0285 1192	atapi - ok
19:07:31.0394 1192	athr            (c8679a07267f030704168e45e27c3d43) C:\Windows\system32\DRIVERS\athrx.sys
19:07:31.0410 1192	athr - ok
19:07:31.0535 1192	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:07:31.0535 1192	AudioEndpointBuilder - ok
19:07:31.0550 1192	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:07:31.0566 1192	AudioSrv - ok
19:07:31.0597 1192	avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
19:07:31.0597 1192	avgntflt - ok
19:07:31.0628 1192	avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
19:07:31.0628 1192	avipbb - ok
19:07:31.0659 1192	avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
19:07:31.0659 1192	avkmgr - ok
19:07:31.0722 1192	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:07:31.0722 1192	AxInstSV - ok
19:07:31.0784 1192	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:07:31.0784 1192	b06bdrv - ok
19:07:31.0815 1192	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:07:31.0815 1192	b57nd60a - ok
19:07:31.0847 1192	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:07:31.0847 1192	BDESVC - ok
19:07:31.0878 1192	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:07:31.0878 1192	Beep - ok
19:07:31.0925 1192	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
19:07:31.0925 1192	BFE - ok
19:07:31.0987 1192	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
19:07:32.0003 1192	BITS - ok
19:07:32.0081 1192	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
19:07:32.0081 1192	blbdrive - ok
19:07:32.0159 1192	Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
19:07:32.0174 1192	Bonjour Service - ok
19:07:32.0205 1192	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:07:32.0205 1192	bowser - ok
19:07:32.0221 1192	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:07:32.0221 1192	BrFiltLo - ok
19:07:32.0221 1192	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:07:32.0221 1192	BrFiltUp - ok
19:07:32.0252 1192	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:07:32.0268 1192	Browser - ok
19:07:32.0299 1192	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:07:32.0299 1192	Brserid - ok
19:07:32.0299 1192	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:07:32.0299 1192	BrSerWdm - ok
19:07:32.0315 1192	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:07:32.0315 1192	BrUsbMdm - ok
19:07:32.0315 1192	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:07:32.0315 1192	BrUsbSer - ok
19:07:32.0315 1192	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
19:07:32.0315 1192	BTHMODEM - ok
19:07:32.0393 1192	BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
19:07:32.0393 1192	BTHPORT - ok
19:07:32.0439 1192	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:07:32.0455 1192	bthserv - ok
19:07:32.0486 1192	BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
19:07:32.0486 1192	BTHUSB - ok
19:07:32.0517 1192	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:07:32.0517 1192	cdfs - ok
19:07:32.0549 1192	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:07:32.0549 1192	cdrom - ok
19:07:32.0595 1192	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:07:32.0595 1192	CertPropSvc - ok
19:07:32.0627 1192	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
19:07:32.0627 1192	circlass - ok
19:07:32.0658 1192	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:07:32.0658 1192	CLFS - ok
19:07:32.0720 1192	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:07:32.0720 1192	clr_optimization_v2.0.50727_32 - ok
19:07:32.0767 1192	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:07:32.0767 1192	clr_optimization_v2.0.50727_64 - ok
19:07:32.0861 1192	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:07:32.0861 1192	clr_optimization_v4.0.30319_32 - ok
19:07:32.0892 1192	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:07:32.0892 1192	clr_optimization_v4.0.30319_64 - ok
19:07:32.0923 1192	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
19:07:32.0923 1192	CmBatt - ok
19:07:32.0954 1192	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:07:32.0954 1192	cmdide - ok
19:07:33.0001 1192	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
19:07:33.0001 1192	CNG - ok
19:07:33.0048 1192	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
19:07:33.0048 1192	Compbatt - ok
19:07:33.0048 1192	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:07:33.0048 1192	CompositeBus - ok
19:07:33.0063 1192	COMSysApp - ok
19:07:33.0079 1192	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:07:33.0079 1192	crcdisk - ok
19:07:33.0110 1192	CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
19:07:33.0126 1192	CryptSvc - ok
19:07:33.0173 1192	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:07:33.0173 1192	DcomLaunch - ok
19:07:33.0235 1192	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:07:33.0235 1192	defragsvc - ok
19:07:33.0251 1192	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:07:33.0251 1192	DfsC - ok
19:07:33.0297 1192	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:07:33.0297 1192	Dhcp - ok
19:07:33.0313 1192	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:07:33.0313 1192	discache - ok
19:07:33.0344 1192	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:07:33.0344 1192	Disk - ok
19:07:33.0375 1192	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:07:33.0375 1192	Dnscache - ok
19:07:33.0407 1192	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:07:33.0407 1192	dot3svc - ok
19:07:33.0438 1192	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:07:33.0438 1192	DPS - ok
19:07:33.0485 1192	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:07:33.0485 1192	drmkaud - ok
19:07:33.0578 1192	DsiWMIService   (9dd3a22f804697606c2b7ff9e912ff6b) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
19:07:33.0578 1192	DsiWMIService - ok
19:07:33.0641 1192	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:07:33.0656 1192	DXGKrnl - ok
19:07:33.0703 1192	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:07:33.0703 1192	EapHost - ok
19:07:33.0843 1192	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:07:33.0859 1192	ebdrv - ok
19:07:33.0968 1192	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:07:33.0968 1192	EFS - ok
19:07:34.0046 1192	EgisTec Ticket Service (18dd872dd46acb24e106dc2c9c270466) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
19:07:34.0046 1192	EgisTec Ticket Service - ok
19:07:34.0124 1192	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:07:34.0124 1192	ehRecvr - ok
19:07:34.0155 1192	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:07:34.0155 1192	ehSched - ok
19:07:34.0249 1192	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:07:34.0249 1192	elxstor - ok
19:07:34.0358 1192	ePowerSvc       (ac5c64f828c0a6a1350971501ac2a0c7) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
19:07:34.0374 1192	ePowerSvc - ok
19:07:34.0436 1192	EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
19:07:34.0436 1192	EpsonBidirectionalService - ok
19:07:34.0530 1192	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:07:34.0530 1192	ErrDev - ok
19:07:34.0592 1192	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:07:34.0592 1192	EventSystem - ok
19:07:34.0608 1192	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:07:34.0608 1192	exfat - ok
19:07:34.0639 1192	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:07:34.0639 1192	fastfat - ok
19:07:34.0686 1192	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:07:34.0686 1192	Fax - ok
19:07:34.0701 1192	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:07:34.0701 1192	fdc - ok
19:07:34.0717 1192	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:07:34.0717 1192	fdPHost - ok
19:07:34.0717 1192	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:07:34.0717 1192	FDResPub - ok
19:07:34.0764 1192	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:07:34.0764 1192	FileInfo - ok
19:07:34.0779 1192	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:07:34.0779 1192	Filetrace - ok
19:07:34.0904 1192	FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:07:34.0904 1192	FLEXnet Licensing Service - ok
19:07:34.0935 1192	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:07:34.0935 1192	flpydisk - ok
19:07:34.0982 1192	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:07:34.0982 1192	FltMgr - ok
19:07:35.0045 1192	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:07:35.0045 1192	FontCache - ok
19:07:35.0123 1192	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:07:35.0123 1192	FontCache3.0.0.0 - ok
19:07:35.0154 1192	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:07:35.0154 1192	FsDepends - ok
19:07:35.0185 1192	Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:07:35.0185 1192	Fs_Rec - ok
19:07:35.0216 1192	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:07:35.0216 1192	fvevol - ok
19:07:35.0247 1192	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:07:35.0247 1192	gagp30kx - ok
19:07:35.0279 1192	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:07:35.0279 1192	GEARAspiWDM - ok
19:07:35.0341 1192	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:07:35.0341 1192	gpsvc - ok
19:07:35.0372 1192	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:07:35.0372 1192	hcw85cir - ok
19:07:35.0435 1192	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:07:35.0435 1192	HdAudAddService - ok
19:07:35.0466 1192	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:07:35.0466 1192	HDAudBus - ok
19:07:35.0481 1192	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:07:35.0481 1192	HidBatt - ok
19:07:35.0497 1192	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:07:35.0497 1192	HidBth - ok
19:07:35.0497 1192	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:07:35.0497 1192	HidIr - ok
19:07:35.0544 1192	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
19:07:35.0544 1192	hidserv - ok
19:07:35.0559 1192	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
19:07:35.0559 1192	HidUsb - ok
19:07:35.0591 1192	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:07:35.0591 1192	hkmsvc - ok
19:07:35.0606 1192	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:07:35.0606 1192	HomeGroupListener - ok
19:07:35.0637 1192	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:07:35.0637 1192	HomeGroupProvider - ok
19:07:35.0669 1192	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:07:35.0669 1192	HpSAMD - ok
19:07:35.0731 1192	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:07:35.0731 1192	HTTP - ok
19:07:35.0731 1192	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:07:35.0731 1192	hwpolicy - ok
19:07:35.0762 1192	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:07:35.0762 1192	i8042prt - ok
19:07:35.0793 1192	iaStor          (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys
19:07:35.0809 1192	iaStor - ok
19:07:35.0840 1192	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:07:35.0840 1192	iaStorV - ok
19:07:35.0934 1192	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:07:35.0934 1192	idsvc - ok
19:07:36.0558 1192	igfx            (553228e67639f52c9bd86362c0c64f85) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:07:36.0620 1192	igfx - ok
19:07:36.0714 1192	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:07:36.0714 1192	iirsp - ok
19:07:36.0761 1192	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:07:36.0761 1192	IKEEXT - ok
19:07:36.0917 1192	IntcAzAudAddService (718a4008ee5da174400396b27509ef82) C:\Windows\system32\drivers\RTKVHD64.sys
19:07:36.0932 1192	IntcAzAudAddService - ok
19:07:37.0041 1192	IntcDAud        (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
19:07:37.0041 1192	IntcDAud - ok
19:07:37.0057 1192	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:07:37.0057 1192	intelide - ok
19:07:37.0088 1192	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:07:37.0088 1192	intelppm - ok
19:07:37.0135 1192	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:07:37.0135 1192	IPBusEnum - ok
19:07:37.0135 1192	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:07:37.0135 1192	IpFilterDriver - ok
19:07:37.0166 1192	iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:07:37.0166 1192	iphlpsvc - ok
19:07:37.0182 1192	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:07:37.0182 1192	IPMIDRV - ok
19:07:37.0229 1192	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:07:37.0229 1192	IPNAT - ok
19:07:37.0353 1192	iPod Service    (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
19:07:37.0353 1192	iPod Service - ok
19:07:37.0385 1192	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:07:37.0385 1192	IRENUM - ok
19:07:37.0400 1192	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:07:37.0400 1192	isapnp - ok
19:07:37.0416 1192	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:07:37.0416 1192	iScsiPrt - ok
19:07:37.0431 1192	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:07:37.0431 1192	kbdclass - ok
19:07:37.0447 1192	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:07:37.0447 1192	kbdhid - ok
19:07:37.0478 1192	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:07:37.0478 1192	KeyIso - ok
19:07:37.0494 1192	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
19:07:37.0494 1192	KSecDD - ok
19:07:37.0525 1192	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
19:07:37.0525 1192	KSecPkg - ok
19:07:37.0541 1192	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:07:37.0541 1192	ksthunk - ok
19:07:37.0587 1192	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:07:37.0587 1192	KtmRm - ok
19:07:37.0619 1192	L1C             (6dd5383c9413aae3113faf89e345663d) C:\Windows\system32\DRIVERS\L1C62x64.sys
19:07:37.0619 1192	L1C - ok
19:07:37.0665 1192	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
19:07:37.0665 1192	LanmanServer - ok
19:07:37.0697 1192	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:07:37.0697 1192	LanmanWorkstation - ok
19:07:37.0759 1192	Live Updater Service (b705c7097f9a0ec941d02dce7c7d426c) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
19:07:37.0775 1192	Live Updater Service - ok
19:07:37.0806 1192	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:07:37.0806 1192	lltdio - ok
19:07:37.0837 1192	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:07:37.0837 1192	lltdsvc - ok
19:07:37.0853 1192	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:07:37.0853 1192	lmhosts - ok
19:07:37.0931 1192	LMS             (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:07:37.0931 1192	LMS - ok
19:07:37.0962 1192	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:07:37.0962 1192	LSI_FC - ok
19:07:37.0993 1192	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:07:37.0993 1192	LSI_SAS - ok
19:07:37.0993 1192	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:07:37.0993 1192	LSI_SAS2 - ok
19:07:38.0009 1192	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:07:38.0009 1192	LSI_SCSI - ok
19:07:38.0071 1192	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:07:38.0071 1192	luafv - ok
19:07:38.0102 1192	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:07:38.0102 1192	Mcx2Svc - ok
19:07:38.0102 1192	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:07:38.0102 1192	megasas - ok
19:07:38.0149 1192	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:07:38.0149 1192	MegaSR - ok
19:07:38.0180 1192	MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
19:07:38.0180 1192	MEIx64 - ok
19:07:38.0243 1192	Microsoft SharePoint Workspace Audit Service - ok
19:07:38.0274 1192	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:07:38.0274 1192	MMCSS - ok
19:07:38.0289 1192	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:07:38.0289 1192	Modem - ok
19:07:38.0321 1192	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:07:38.0321 1192	monitor - ok
19:07:38.0336 1192	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:07:38.0336 1192	mouclass - ok
19:07:38.0352 1192	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
19:07:38.0352 1192	mouhid - ok
19:07:38.0367 1192	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:07:38.0367 1192	mountmgr - ok
19:07:38.0383 1192	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:07:38.0383 1192	mpio - ok
19:07:38.0414 1192	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:07:38.0414 1192	mpsdrv - ok
19:07:38.0477 1192	MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:07:38.0477 1192	MpsSvc - ok
19:07:38.0492 1192	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:07:38.0492 1192	MRxDAV - ok
19:07:38.0508 1192	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:07:38.0508 1192	mrxsmb - ok
19:07:38.0555 1192	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:07:38.0555 1192	mrxsmb10 - ok
19:07:38.0570 1192	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:07:38.0570 1192	mrxsmb20 - ok
19:07:38.0570 1192	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:07:38.0570 1192	msahci - ok
19:07:38.0586 1192	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:07:38.0586 1192	msdsm - ok
19:07:38.0617 1192	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:07:38.0617 1192	MSDTC - ok
19:07:38.0633 1192	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:07:38.0633 1192	Msfs - ok
19:07:38.0648 1192	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:07:38.0648 1192	mshidkmdf - ok
19:07:38.0648 1192	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:07:38.0648 1192	msisadrv - ok
19:07:38.0695 1192	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:07:38.0695 1192	MSiSCSI - ok
19:07:38.0695 1192	msiserver - ok
19:07:38.0726 1192	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:07:38.0726 1192	MSKSSRV - ok
19:07:38.0726 1192	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:07:38.0726 1192	MSPCLOCK - ok
19:07:38.0726 1192	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:07:38.0742 1192	MSPQM - ok
19:07:38.0773 1192	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:07:38.0773 1192	MsRPC - ok
19:07:38.0773 1192	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:07:38.0773 1192	mssmbios - ok
19:07:38.0789 1192	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:07:38.0789 1192	MSTEE - ok
19:07:38.0789 1192	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:07:38.0789 1192	MTConfig - ok
19:07:38.0804 1192	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:07:38.0804 1192	Mup - ok
19:07:38.0804 1192	mwlPSDFilter    (c009123b206c56854f4e88596035231d) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
19:07:38.0804 1192	mwlPSDFilter - ok
19:07:38.0804 1192	mwlPSDNServ     (bf3739eeb9f008b1debac115089a53f8) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
19:07:38.0804 1192	mwlPSDNServ - ok
19:07:38.0804 1192	mwlPSDVDisk     (38dd143d95e7a01b86f219dda9c28779) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
19:07:38.0804 1192	mwlPSDVDisk - ok
19:07:38.0851 1192	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:07:38.0851 1192	napagent - ok
19:07:38.0898 1192	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:07:38.0913 1192	NativeWifiP - ok
19:07:38.0976 1192	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:07:38.0976 1192	NDIS - ok
19:07:39.0007 1192	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:07:39.0007 1192	NdisCap - ok
19:07:39.0007 1192	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:07:39.0007 1192	NdisTapi - ok
19:07:39.0007 1192	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:07:39.0007 1192	Ndisuio - ok
19:07:39.0023 1192	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:07:39.0038 1192	NdisWan - ok
19:07:39.0069 1192	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:07:39.0069 1192	NDProxy - ok
19:07:39.0085 1192	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:07:39.0085 1192	NetBIOS - ok
19:07:39.0116 1192	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:07:39.0116 1192	NetBT - ok
19:07:39.0132 1192	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:07:39.0132 1192	Netlogon - ok
19:07:39.0194 1192	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:07:39.0194 1192	Netman - ok
19:07:39.0210 1192	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:07:39.0225 1192	netprofm - ok
19:07:39.0303 1192	NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:07:39.0303 1192	NetTcpPortSharing - ok
19:07:39.0350 1192	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:07:39.0350 1192	nfrd960 - ok
19:07:39.0397 1192	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:07:39.0397 1192	NlaSvc - ok
19:07:39.0413 1192	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:07:39.0413 1192	Npfs - ok
19:07:39.0413 1192	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:07:39.0413 1192	nsi - ok
19:07:39.0428 1192	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:07:39.0428 1192	nsiproxy - ok
19:07:39.0491 1192	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:07:39.0491 1192	Ntfs - ok
19:07:39.0569 1192	NTI IScheduleSvc (1873214666f6f0a883742df91fbc48c9) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
19:07:39.0569 1192	NTI IScheduleSvc - ok
19:07:39.0647 1192	NTIDrvr         (ee3ba1024594d5d09e314f206b94069e) C:\Windows\system32\drivers\NTIDrvr.sys
19:07:39.0647 1192	NTIDrvr - ok
19:07:39.0678 1192	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:07:39.0678 1192	Null - ok
19:07:39.0709 1192	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:07:39.0709 1192	nvraid - ok
19:07:39.0740 1192	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:07:39.0740 1192	nvstor - ok
19:07:39.0771 1192	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:07:39.0771 1192	nv_agp - ok
19:07:39.0771 1192	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:07:39.0771 1192	ohci1394 - ok
19:07:39.0881 1192	ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:07:39.0881 1192	ose - ok
19:07:40.0161 1192	osppsvc         (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:07:40.0193 1192	osppsvc - ok
19:07:40.0317 1192	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:07:40.0317 1192	p2pimsvc - ok
19:07:40.0333 1192	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:07:40.0333 1192	p2psvc - ok
19:07:40.0364 1192	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:07:40.0364 1192	Parport - ok
19:07:40.0395 1192	partmgr         (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:07:40.0395 1192	partmgr - ok
19:07:40.0427 1192	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:07:40.0427 1192	PcaSvc - ok
19:07:40.0442 1192	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:07:40.0442 1192	pci - ok
19:07:40.0458 1192	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:07:40.0458 1192	pciide - ok
19:07:40.0489 1192	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:07:40.0489 1192	pcmcia - ok
19:07:40.0489 1192	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:07:40.0489 1192	pcw - ok
19:07:40.0551 1192	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:07:40.0567 1192	PEAUTH - ok
19:07:40.0629 1192	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:07:40.0629 1192	PerfHost - ok
19:07:40.0723 1192	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:07:40.0723 1192	pla - ok
19:07:40.0770 1192	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:07:40.0770 1192	PlugPlay - ok
19:07:40.0801 1192	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:07:40.0801 1192	PNRPAutoReg - ok
19:07:40.0832 1192	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:07:40.0832 1192	PNRPsvc - ok
19:07:40.0863 1192	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:07:40.0863 1192	PolicyAgent - ok
19:07:40.0895 1192	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:07:40.0895 1192	Power - ok
19:07:40.0973 1192	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:07:40.0973 1192	PptpMiniport - ok
19:07:40.0988 1192	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:07:40.0988 1192	Processor - ok
19:07:41.0035 1192	ProfSvc         (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
19:07:41.0051 1192	ProfSvc - ok
19:07:41.0066 1192	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:07:41.0066 1192	ProtectedStorage - ok
19:07:41.0129 1192	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:07:41.0129 1192	Psched - ok
19:07:41.0191 1192	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:07:41.0207 1192	ql2300 - ok
19:07:41.0300 1192	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:07:41.0300 1192	ql40xx - ok
19:07:41.0347 1192	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:07:41.0347 1192	QWAVE - ok
19:07:41.0363 1192	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:07:41.0363 1192	QWAVEdrv - ok
19:07:41.0378 1192	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:07:41.0378 1192	RasAcd - ok
19:07:41.0394 1192	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:07:41.0394 1192	RasAgileVpn - ok
19:07:41.0409 1192	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:07:41.0409 1192	RasAuto - ok
19:07:41.0456 1192	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:07:41.0456 1192	Rasl2tp - ok
19:07:41.0487 1192	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:07:41.0487 1192	RasMan - ok
19:07:41.0503 1192	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:07:41.0503 1192	RasPppoe - ok
19:07:41.0519 1192	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:07:41.0519 1192	RasSstp - ok
19:07:41.0565 1192	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:07:41.0565 1192	rdbss - ok
19:07:41.0597 1192	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:07:41.0597 1192	rdpbus - ok
19:07:41.0612 1192	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:07:41.0612 1192	RDPCDD - ok
19:07:41.0628 1192	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:07:41.0628 1192	RDPENCDD - ok
19:07:41.0628 1192	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:07:41.0628 1192	RDPREFMP - ok
19:07:41.0690 1192	RDPWD           (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:07:41.0690 1192	RDPWD - ok
19:07:41.0721 1192	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:07:41.0721 1192	rdyboost - ok
19:07:41.0753 1192	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:07:41.0753 1192	RemoteAccess - ok
19:07:41.0784 1192	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:07:41.0784 1192	RemoteRegistry - ok
19:07:41.0815 1192	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:07:41.0815 1192	RpcEptMapper - ok
19:07:41.0831 1192	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:07:41.0831 1192	RpcLocator - ok
19:07:41.0862 1192	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:07:41.0862 1192	RpcSs - ok
19:07:41.0924 1192	RSPCIESTOR      (85b325723f67ef80927326fd7eb1cc10) C:\Windows\system32\DRIVERS\RtsPStor.sys
19:07:41.0940 1192	RSPCIESTOR - ok
19:07:41.0971 1192	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:07:41.0971 1192	rspndr - ok
19:07:42.0002 1192	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:07:42.0002 1192	SamSs - ok
19:07:42.0018 1192	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:07:42.0018 1192	sbp2port - ok
19:07:42.0049 1192	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:07:42.0049 1192	SCardSvr - ok
19:07:42.0080 1192	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:07:42.0080 1192	scfilter - ok
19:07:42.0158 1192	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:07:42.0158 1192	Schedule - ok
19:07:42.0205 1192	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:07:42.0205 1192	SCPolicySvc - ok
19:07:42.0221 1192	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:07:42.0221 1192	SDRSVC - ok
19:07:42.0299 1192	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:07:42.0299 1192	secdrv - ok
19:07:42.0314 1192	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:07:42.0314 1192	seclogon - ok
19:07:42.0330 1192	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:07:42.0345 1192	SENS - ok
19:07:42.0377 1192	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:07:42.0377 1192	SensrSvc - ok
19:07:42.0392 1192	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:07:42.0392 1192	Serenum - ok
19:07:42.0439 1192	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:07:42.0439 1192	Serial - ok
19:07:42.0439 1192	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:07:42.0439 1192	sermouse - ok
19:07:42.0455 1192	SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:07:42.0455 1192	SessionEnv - ok
19:07:42.0455 1192	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:07:42.0455 1192	sffdisk - ok
19:07:42.0470 1192	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:07:42.0470 1192	sffp_mmc - ok
19:07:42.0470 1192	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:07:42.0470 1192	sffp_sd - ok
19:07:42.0486 1192	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:07:42.0486 1192	sfloppy - ok
19:07:42.0517 1192	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:07:42.0517 1192	SharedAccess - ok
19:07:42.0533 1192	ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:07:42.0533 1192	ShellHWDetection - ok
19:07:42.0564 1192	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:07:42.0564 1192	SiSRaid2 - ok
19:07:42.0579 1192	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:07:42.0579 1192	SiSRaid4 - ok
19:07:42.0595 1192	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:07:42.0595 1192	Smb - ok
19:07:42.0611 1192	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:07:42.0611 1192	SNMPTRAP - ok
19:07:42.0642 1192	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:07:42.0642 1192	spldr - ok
19:07:42.0673 1192	Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:07:42.0673 1192	Spooler - ok
19:07:42.0813 1192	sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:07:42.0829 1192	sppsvc - ok
19:07:42.0907 1192	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:07:42.0923 1192	sppuinotify - ok
19:07:42.0969 1192	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:07:42.0969 1192	srv - ok
19:07:42.0985 1192	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:07:42.0985 1192	srv2 - ok
19:07:43.0001 1192	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:07:43.0001 1192	srvnet - ok
19:07:43.0032 1192	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:07:43.0047 1192	SSDPSRV - ok
19:07:43.0047 1192	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:07:43.0047 1192	SstpSvc - ok
19:07:43.0063 1192	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:07:43.0063 1192	stexstor - ok
19:07:43.0125 1192	stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:07:43.0141 1192	stisvc - ok
19:07:43.0172 1192	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:07:43.0172 1192	swenum - ok
19:07:43.0219 1192	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:07:43.0219 1192	swprv - ok
19:07:43.0313 1192	SynTP           (b0c7d4dcf4800df2f2145b500d0161e8) C:\Windows\system32\DRIVERS\SynTP.sys
19:07:43.0328 1192	SynTP - ok
19:07:43.0484 1192	SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:07:43.0500 1192	SysMain - ok
19:07:43.0578 1192	TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:07:43.0578 1192	TabletInputService - ok
19:07:43.0609 1192	TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:07:43.0609 1192	TapiSrv - ok
19:07:43.0640 1192	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:07:43.0640 1192	TBS - ok
19:07:43.0749 1192	Tcpip           (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:07:43.0765 1192	Tcpip - ok
19:07:43.0905 1192	TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:07:43.0921 1192	TCPIP6 - ok
19:07:43.0983 1192	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:07:43.0983 1192	tcpipreg - ok
19:07:44.0015 1192	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:07:44.0015 1192	TDPIPE - ok
19:07:44.0046 1192	TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:07:44.0046 1192	TDTCP - ok
19:07:44.0061 1192	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:07:44.0061 1192	tdx - ok
19:07:44.0077 1192	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:07:44.0077 1192	TermDD - ok
19:07:44.0124 1192	TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:07:44.0124 1192	TermService - ok
19:07:44.0139 1192	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:07:44.0139 1192	Themes - ok
19:07:44.0155 1192	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:07:44.0155 1192	THREADORDER - ok
19:07:44.0171 1192	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:07:44.0171 1192	TrkWks - ok
19:07:44.0217 1192	TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:07:44.0233 1192	TrustedInstaller - ok
19:07:44.0249 1192	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:07:44.0249 1192	tssecsrv - ok
19:07:44.0264 1192	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:07:44.0264 1192	TsUsbFlt - ok
19:07:44.0280 1192	TsUsbGD         (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:07:44.0280 1192	TsUsbGD - ok
19:07:44.0311 1192	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:07:44.0311 1192	tunnel - ok
19:07:44.0327 1192	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:07:44.0327 1192	uagp35 - ok
19:07:44.0327 1192	UBHelper        (a17d5e1a6df4eab0a480f2c490de4c9d) C:\Windows\system32\drivers\UBHelper.sys
19:07:44.0327 1192	UBHelper - ok
19:07:44.0358 1192	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:07:44.0358 1192	udfs - ok
19:07:44.0389 1192	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:07:44.0389 1192	UI0Detect - ok
19:07:44.0420 1192	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:07:44.0420 1192	uliagpkx - ok
19:07:44.0451 1192	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:07:44.0451 1192	umbus - ok
19:07:44.0451 1192	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:07:44.0467 1192	UmPass - ok
19:07:44.0623 1192	UNS             (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:07:44.0639 1192	UNS - ok
19:07:44.0748 1192	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:07:44.0748 1192	upnphost - ok
19:07:44.0795 1192	USBAAPL64       (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
19:07:44.0795 1192	USBAAPL64 - ok
19:07:44.0826 1192	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:07:44.0826 1192	usbccgp - ok
19:07:44.0857 1192	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:07:44.0857 1192	usbcir - ok
19:07:44.0857 1192	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:07:44.0857 1192	usbehci - ok
19:07:44.0904 1192	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:07:44.0904 1192	usbhub - ok
19:07:44.0919 1192	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:07:44.0919 1192	usbohci - ok
19:07:44.0919 1192	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
19:07:44.0919 1192	usbprint - ok
19:07:44.0935 1192	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:07:44.0935 1192	USBSTOR - ok
19:07:44.0951 1192	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:07:44.0951 1192	usbuhci - ok
19:07:44.0982 1192	usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:07:44.0982 1192	usbvideo - ok
19:07:44.0997 1192	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:07:44.0997 1192	UxSms - ok
19:07:45.0029 1192	VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:07:45.0029 1192	VaultSvc - ok
19:07:45.0044 1192	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:07:45.0044 1192	vdrvroot - ok
19:07:45.0091 1192	vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:07:45.0091 1192	vds - ok
19:07:45.0122 1192	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:07:45.0122 1192	vga - ok
19:07:45.0122 1192	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:07:45.0122 1192	VgaSave - ok
19:07:45.0138 1192	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:07:45.0138 1192	vhdmp - ok
19:07:45.0153 1192	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:07:45.0153 1192	viaide - ok
19:07:45.0169 1192	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:07:45.0169 1192	volmgr - ok
19:07:45.0200 1192	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:07:45.0200 1192	volmgrx - ok
19:07:45.0231 1192	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:07:45.0231 1192	volsnap - ok
19:07:45.0263 1192	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:07:45.0263 1192	vsmraid - ok
19:07:45.0356 1192	VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:07:45.0356 1192	VSS - ok
19:07:45.0450 1192	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:07:45.0465 1192	vwifibus - ok
19:07:45.0481 1192	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:07:45.0481 1192	vwififlt - ok
19:07:45.0512 1192	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:07:45.0512 1192	W32Time - ok
19:07:45.0543 1192	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:07:45.0543 1192	WacomPen - ok
19:07:45.0575 1192	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:07:45.0575 1192	WANARP - ok
19:07:45.0590 1192	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:07:45.0590 1192	Wanarpv6 - ok
19:07:45.0668 1192	wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:07:45.0668 1192	wbengine - ok
19:07:45.0762 1192	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:07:45.0762 1192	WbioSrvc - ok
19:07:45.0777 1192	wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:07:45.0777 1192	wcncsvc - ok
19:07:45.0793 1192	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:07:45.0809 1192	WcsPlugInService - ok
19:07:45.0840 1192	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:07:45.0840 1192	Wd - ok
19:07:45.0887 1192	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:07:45.0887 1192	Wdf01000 - ok
19:07:45.0918 1192	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:07:45.0918 1192	WdiServiceHost - ok
19:07:45.0918 1192	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:07:45.0918 1192	WdiSystemHost - ok
19:07:45.0949 1192	WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:07:45.0949 1192	WebClient - ok
19:07:45.0980 1192	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:07:45.0980 1192	Wecsvc - ok
19:07:45.0996 1192	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:07:45.0996 1192	wercplsupport - ok
19:07:46.0027 1192	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:07:46.0027 1192	WerSvc - ok
19:07:46.0074 1192	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:07:46.0074 1192	WfpLwf - ok
19:07:46.0089 1192	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:07:46.0089 1192	WIMMount - ok
19:07:46.0121 1192	WinDefend - ok
19:07:46.0121 1192	WinHttpAutoProxySvc - ok
19:07:46.0199 1192	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:07:46.0199 1192	Winmgmt - ok
19:07:46.0308 1192	WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:07:46.0323 1192	WinRM - ok
19:07:46.0448 1192	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:07:46.0448 1192	Wlansvc - ok
19:07:46.0635 1192	wlidsvc         (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:07:46.0635 1192	wlidsvc - ok
19:07:46.0745 1192	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:07:46.0745 1192	WmiAcpi - ok
19:07:46.0807 1192	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:07:46.0807 1192	wmiApSrv - ok
19:07:46.0854 1192	WMPNetworkSvc - ok
19:07:46.0901 1192	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:07:46.0901 1192	WPCSvc - ok
19:07:46.0916 1192	WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:07:46.0932 1192	WPDBusEnum - ok
19:07:46.0947 1192	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:07:46.0947 1192	ws2ifsl - ok
19:07:46.0963 1192	wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
19:07:46.0963 1192	wscsvc - ok
19:07:46.0963 1192	WSearch - ok
19:07:47.0088 1192	wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
19:07:47.0103 1192	wuauserv - ok
19:07:47.0197 1192	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:07:47.0197 1192	WudfPf - ok
19:07:47.0213 1192	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:07:47.0213 1192	WUDFRd - ok
19:07:47.0244 1192	wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:07:47.0259 1192	wudfsvc - ok
19:07:47.0259 1192	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:07:47.0259 1192	WwanSvc - ok
19:07:47.0306 1192	MBR (0x1B8)     (b8cb9ca08162bc8d433b18adb3001662) \Device\Harddisk0\DR0
19:07:47.0337 1192	\Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
19:07:47.0337 1192	\Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
19:07:47.0337 1192	MBR (0x1B8)     (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk1\DR1
19:07:53.0843 1192	\Device\Harddisk1\DR1 - ok
19:07:53.0905 1192	Boot (0x1200)   (f494eebb12317aeb711ce5a97bf79e1d) \Device\Harddisk0\DR0\Partition0
19:07:53.0967 1192	\Device\Harddisk0\DR0\Partition0 - ok
19:07:53.0983 1192	Boot (0x1200)   (b14c0dbb6d6812493d18e7aeec8c43fd) \Device\Harddisk0\DR0\Partition1
19:07:53.0983 1192	\Device\Harddisk0\DR0\Partition1 - ok
19:07:54.0014 1192	Boot (0x1200)   (9af3525313fe8e4c06e7a9f82f87e017) \Device\Harddisk0\DR0\Partition2
19:07:54.0014 1192	\Device\Harddisk0\DR0\Partition2 - ok
19:07:54.0014 1192	Boot (0x1200)   (675ea52261ecc3d86690e1e341cbbd5d) \Device\Harddisk1\DR1\Partition0
19:07:54.0014 1192	\Device\Harddisk1\DR1\Partition0 - ok
19:07:54.0014 1192	============================================================
19:07:54.0014 1192	Scan finished
19:07:54.0014 1192	============================================================
19:07:54.0030 0296	Detected object count: 1
19:07:54.0030 0296	Actual detected object count: 1
19:08:23.0670 0296	\Device\Harddisk0\DR0\# - copied to quarantine
19:08:23.0670 0296	\Device\Harddisk0\DR0 - copied to quarantine
19:08:23.0888 0296	\Device\Harddisk0\DR0 - processing error
19:08:30.0471 0296	\Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure 
19:08:37.0476 1844	Deinitialize success
         
The remaining logs follow in separate posts.

05.07.2012, 18:09   #4
Sternekoch

Here is the next part from TDSS-Killer:

TDSS-log #3
Code:
ATTFilter
19:51:29.0379 1960	TDSS rootkit removing tool 2.7.44.0 Jul  2 2012 20:01:08
19:51:29.0488 1960	============================================================
19:51:29.0488 1960	Current date / time: 2012/07/04 19:51:29.0488
19:51:29.0488 1960	SystemInfo:
19:51:29.0488 1960	
19:51:29.0488 1960	OS Version: 6.1.7601 ServicePack: 1.0
19:51:29.0488 1960	Product type: Workstation
19:51:29.0488 1960	ComputerName: Sternekoch-PC
19:51:29.0488 1960	UserName: Sternekoch
19:51:29.0488 1960	Windows directory: C:\Windows
19:51:29.0488 1960	System windows directory: C:\Windows
19:51:29.0488 1960	Running under WOW64
19:51:29.0488 1960	Processor architecture: Intel x64
19:51:29.0488 1960	Number of processors: 4
19:51:29.0488 1960	Page size: 0x1000
19:51:29.0488 1960	Boot type: Safe boot with network
19:51:29.0488 1960	============================================================
19:51:29.0956 1960	Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:51:29.0956 1960	Drive \Device\Harddisk1\DR1 - Size: 0x1F4C00000 (7.82 Gb), SectorSize: 0x200, Cylinders: 0x3FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:51:29.0956 1960	============================================================
19:51:29.0956 1960	\Device\Harddisk0\DR0:
19:51:29.0956 1960	MBR partitions:
19:51:29.0956 1960	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
19:51:29.0956 1960	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0xAFCA645
19:51:29.0971 1960	\Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xCDFCE84, BlocksNum 0x2D5841AC
19:51:29.0971 1960	\Device\Harddisk1\DR1:
19:51:29.0971 1960	MBR partitions:
19:51:29.0971 1960	\Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0xFA5FC0
19:51:29.0971 1960	============================================================
19:51:30.0018 1960	C: <-> \Device\Harddisk0\DR0\Partition1
19:51:30.0034 1960	E: <-> \Device\Harddisk0\DR0\Partition2
19:51:30.0034 1960	============================================================
19:51:30.0034 1960	Initialize success
19:51:30.0034 1960	============================================================
19:51:37.0522 1540	============================================================
19:51:37.0522 1540	Scan started
19:51:37.0522 1540	Mode: Manual; 
19:51:37.0522 1540	============================================================
19:51:38.0567 1540	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:51:38.0567 1540	1394ohci - ok
19:51:38.0614 1540	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:51:38.0629 1540	ACPI - ok
19:51:38.0645 1540	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:51:38.0645 1540	AcpiPmi - ok
19:51:38.0739 1540	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:51:38.0754 1540	AdobeARMservice - ok
19:51:38.0879 1540	AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:51:38.0879 1540	AdobeFlashPlayerUpdateSvc - ok
19:51:38.0941 1540	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:51:38.0957 1540	adp94xx - ok
19:51:39.0019 1540	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:51:39.0035 1540	adpahci - ok
19:51:39.0035 1540	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:51:39.0051 1540	adpu320 - ok
19:51:39.0066 1540	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:51:39.0082 1540	AeLookupSvc - ok
19:51:39.0144 1540	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:51:39.0160 1540	AFD - ok
19:51:39.0207 1540	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:51:39.0207 1540	agp440 - ok
19:51:39.0238 1540	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:51:39.0238 1540	ALG - ok
19:51:39.0253 1540	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:51:39.0253 1540	aliide - ok
19:51:39.0269 1540	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:51:39.0269 1540	amdide - ok
19:51:39.0285 1540	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:51:39.0285 1540	AmdK8 - ok
19:51:39.0300 1540	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
19:51:39.0316 1540	AmdPPM - ok
19:51:39.0347 1540	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:51:39.0347 1540	amdsata - ok
19:51:39.0378 1540	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:51:39.0378 1540	amdsbs - ok
19:51:39.0409 1540	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:51:39.0409 1540	amdxata - ok
19:51:39.0519 1540	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:51:39.0534 1540	AntiVirSchedulerService - ok
19:51:39.0550 1540	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:51:39.0550 1540	AntiVirService - ok
19:51:39.0597 1540	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:51:39.0597 1540	AppID - ok
19:51:39.0628 1540	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:51:39.0628 1540	AppIDSvc - ok
19:51:39.0643 1540	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:51:39.0643 1540	Appinfo - ok
19:51:39.0737 1540	Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:51:39.0753 1540	Apple Mobile Device - ok
19:51:39.0768 1540	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:51:39.0768 1540	arc - ok
19:51:39.0799 1540	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:51:39.0799 1540	arcsas - ok
19:51:39.0815 1540	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:51:39.0815 1540	AsyncMac - ok
19:51:39.0846 1540	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:51:39.0846 1540	atapi - ok
19:51:39.0971 1540	athr            (c8679a07267f030704168e45e27c3d43) C:\Windows\system32\DRIVERS\athrx.sys
19:51:40.0033 1540	athr - ok
19:51:40.0174 1540	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:51:40.0189 1540	AudioEndpointBuilder - ok
19:51:40.0189 1540	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:51:40.0205 1540	AudioSrv - ok
19:51:40.0252 1540	avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
19:51:40.0252 1540	avgntflt - ok
19:51:40.0283 1540	avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
19:51:40.0283 1540	avipbb - ok
19:51:40.0314 1540	avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
19:51:40.0314 1540	avkmgr - ok
19:51:40.0377 1540	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:51:40.0377 1540	AxInstSV - ok
19:51:40.0439 1540	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:51:40.0455 1540	b06bdrv - ok
19:51:40.0501 1540	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:51:40.0517 1540	b57nd60a - ok
19:51:40.0564 1540	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:51:40.0564 1540	BDESVC - ok
19:51:40.0579 1540	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:51:40.0579 1540	Beep - ok
19:51:40.0642 1540	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
19:51:40.0657 1540	BFE - ok
19:51:40.0704 1540	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
19:51:40.0813 1540	BITS - ok
19:51:40.0876 1540	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
19:51:40.0876 1540	blbdrive - ok
19:51:40.0954 1540	Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
19:51:40.0969 1540	Bonjour Service - ok
19:51:40.0985 1540	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:51:40.0985 1540	bowser - ok
19:51:41.0032 1540	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:51:41.0032 1540	BrFiltLo - ok
19:51:41.0032 1540	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:51:41.0032 1540	BrFiltUp - ok
19:51:41.0063 1540	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:51:41.0079 1540	Browser - ok
19:51:41.0110 1540	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:51:41.0125 1540	Brserid - ok
19:51:41.0141 1540	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:51:41.0141 1540	BrSerWdm - ok
19:51:41.0157 1540	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:51:41.0157 1540	BrUsbMdm - ok
19:51:41.0157 1540	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:51:41.0157 1540	BrUsbSer - ok
19:51:41.0172 1540	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
19:51:41.0172 1540	BTHMODEM - ok
19:51:41.0219 1540	BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
19:51:41.0250 1540	BTHPORT - ok
19:51:41.0281 1540	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:51:41.0281 1540	bthserv - ok
19:51:41.0313 1540	BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
19:51:41.0313 1540	BTHUSB - ok
19:51:41.0344 1540	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:51:41.0344 1540	cdfs - ok
19:51:41.0391 1540	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:51:41.0391 1540	cdrom - ok
19:51:41.0437 1540	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:51:41.0437 1540	CertPropSvc - ok
19:51:41.0469 1540	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
19:51:41.0469 1540	circlass - ok
19:51:41.0500 1540	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:51:41.0500 1540	CLFS - ok
19:51:41.0578 1540	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:51:41.0578 1540	clr_optimization_v2.0.50727_32 - ok
19:51:41.0625 1540	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:51:41.0625 1540	clr_optimization_v2.0.50727_64 - ok
19:51:41.0703 1540	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:51:41.0703 1540	clr_optimization_v4.0.30319_32 - ok
19:51:41.0734 1540	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:51:41.0734 1540	clr_optimization_v4.0.30319_64 - ok
19:51:41.0765 1540	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
19:51:41.0765 1540	CmBatt - ok
19:51:41.0796 1540	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:51:41.0796 1540	cmdide - ok
19:51:41.0843 1540	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
19:51:41.0843 1540	CNG - ok
19:51:41.0890 1540	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
19:51:41.0890 1540	Compbatt - ok
19:51:41.0905 1540	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:51:41.0905 1540	CompositeBus - ok
19:51:41.0921 1540	COMSysApp - ok
19:51:41.0937 1540	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:51:41.0937 1540	crcdisk - ok
19:51:41.0968 1540	CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
19:51:41.0968 1540	CryptSvc - ok
19:51:42.0015 1540	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:51:42.0046 1540	DcomLaunch - ok
19:51:42.0077 1540	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:51:42.0093 1540	defragsvc - ok
19:51:42.0124 1540	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:51:42.0124 1540	DfsC - ok
19:51:42.0171 1540	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:51:42.0171 1540	Dhcp - ok
19:51:42.0202 1540	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:51:42.0202 1540	discache - ok
19:51:42.0233 1540	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:51:42.0233 1540	Disk - ok
19:51:42.0249 1540	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:51:42.0249 1540	Dnscache - ok
19:51:42.0280 1540	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:51:42.0295 1540	dot3svc - ok
19:51:42.0311 1540	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:51:42.0311 1540	DPS - ok
19:51:42.0358 1540	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:51:42.0358 1540	drmkaud - ok
19:51:42.0451 1540	DsiWMIService   (9dd3a22f804697606c2b7ff9e912ff6b) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
19:51:42.0467 1540	DsiWMIService - ok
19:51:42.0529 1540	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:51:42.0561 1540	DXGKrnl - ok
19:51:42.0592 1540	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:51:42.0592 1540	EapHost - ok
19:51:42.0732 1540	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:51:42.0826 1540	ebdrv - ok
19:51:42.0919 1540	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:51:42.0919 1540	EFS - ok
19:51:43.0013 1540	EgisTec Ticket Service (18dd872dd46acb24e106dc2c9c270466) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
19:51:43.0013 1540	EgisTec Ticket Service - ok
19:51:43.0107 1540	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:51:43.0138 1540	ehRecvr - ok
19:51:43.0169 1540	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:51:43.0169 1540	ehSched - ok
19:51:43.0263 1540	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:51:43.0278 1540	elxstor - ok
19:51:43.0387 1540	ePowerSvc       (ac5c64f828c0a6a1350971501ac2a0c7) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
19:51:43.0419 1540	ePowerSvc - ok
19:51:43.0528 1540	EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
19:51:43.0528 1540	EpsonBidirectionalService - ok
19:51:43.0606 1540	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:51:43.0606 1540	ErrDev - ok
19:51:43.0637 1540	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:51:43.0653 1540	EventSystem - ok
19:51:43.0684 1540	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:51:43.0684 1540	exfat - ok
19:51:43.0699 1540	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:51:43.0699 1540	fastfat - ok
19:51:43.0762 1540	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:51:43.0777 1540	Fax - ok
19:51:43.0793 1540	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:51:43.0793 1540	fdc - ok
19:51:43.0809 1540	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:51:43.0809 1540	fdPHost - ok
19:51:43.0809 1540	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:51:43.0824 1540	FDResPub - ok
19:51:43.0840 1540	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:51:43.0840 1540	FileInfo - ok
19:51:43.0871 1540	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:51:43.0871 1540	Filetrace - ok
19:51:43.0965 1540	FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:51:43.0980 1540	FLEXnet Licensing Service - ok
19:51:44.0011 1540	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:51:44.0011 1540	flpydisk - ok
19:51:44.0043 1540	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:51:44.0058 1540	FltMgr - ok
19:51:44.0121 1540	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:51:44.0152 1540	FontCache - ok
19:51:44.0214 1540	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:51:44.0230 1540	FontCache3.0.0.0 - ok
19:51:44.0261 1540	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:51:44.0261 1540	FsDepends - ok
19:51:44.0292 1540	Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:51:44.0292 1540	Fs_Rec - ok
19:51:44.0323 1540	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:51:44.0323 1540	fvevol - ok
19:51:44.0355 1540	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:51:44.0355 1540	gagp30kx - ok
19:51:44.0386 1540	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:51:44.0386 1540	GEARAspiWDM - ok
19:51:44.0433 1540	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:51:44.0464 1540	gpsvc - ok
19:51:44.0464 1540	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:51:44.0479 1540	hcw85cir - ok
19:51:44.0511 1540	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:51:44.0511 1540	HdAudAddService - ok
19:51:44.0557 1540	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:51:44.0557 1540	HDAudBus - ok
19:51:44.0557 1540	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:51:44.0557 1540	HidBatt - ok
19:51:44.0573 1540	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:51:44.0573 1540	HidBth - ok
19:51:44.0573 1540	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:51:44.0589 1540	HidIr - ok
19:51:44.0604 1540	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
19:51:44.0604 1540	hidserv - ok
19:51:44.0620 1540	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
19:51:44.0635 1540	HidUsb - ok
19:51:44.0651 1540	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:51:44.0651 1540	hkmsvc - ok
19:51:44.0682 1540	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:51:44.0698 1540	HomeGroupListener - ok
19:51:44.0729 1540	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:51:44.0745 1540	HomeGroupProvider - ok
19:51:44.0760 1540	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:51:44.0760 1540	HpSAMD - ok
19:51:44.0823 1540	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:51:44.0838 1540	HTTP - ok
19:51:44.0838 1540	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:51:44.0854 1540	hwpolicy - ok
19:51:44.0869 1540	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:51:44.0869 1540	i8042prt - ok
19:51:44.0916 1540	iaStor          (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys
19:51:44.0916 1540	iaStor - ok
19:51:44.0947 1540	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:51:44.0963 1540	iaStorV - ok
19:51:45.0057 1540	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:51:45.0088 1540	idsvc - ok
19:51:45.0587 1540	igfx            (553228e67639f52c9bd86362c0c64f85) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:51:45.0837 1540	igfx - ok
19:51:45.0961 1540	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:51:45.0961 1540	iirsp - ok
19:51:46.0008 1540	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:51:46.0039 1540	IKEEXT - ok
19:51:46.0195 1540	IntcAzAudAddService (718a4008ee5da174400396b27509ef82) C:\Windows\system32\drivers\RTKVHD64.sys
19:51:46.0273 1540	IntcAzAudAddService - ok
19:51:46.0383 1540	IntcDAud        (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
19:51:46.0398 1540	IntcDAud - ok
19:51:46.0414 1540	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:51:46.0414 1540	intelide - ok
19:51:46.0461 1540	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:51:46.0461 1540	intelppm - ok
19:51:46.0476 1540	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:51:46.0476 1540	IPBusEnum - ok
19:51:46.0507 1540	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:51:46.0523 1540	IpFilterDriver - ok
19:51:46.0570 1540	iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:51:46.0601 1540	iphlpsvc - ok
19:51:46.0601 1540	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:51:46.0601 1540	IPMIDRV - ok
19:51:46.0617 1540	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:51:46.0617 1540	IPNAT - ok
19:51:46.0741 1540	iPod Service    (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
19:51:46.0788 1540	iPod Service - ok
19:51:46.0804 1540	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:51:46.0804 1540	IRENUM - ok
19:51:46.0835 1540	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:51:46.0835 1540	isapnp - ok
19:51:46.0866 1540	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:51:46.0866 1540	iScsiPrt - ok
19:51:46.0897 1540	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:51:46.0897 1540	kbdclass - ok
19:51:46.0913 1540	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:51:46.0913 1540	kbdhid - ok
19:51:46.0944 1540	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:51:46.0944 1540	KeyIso - ok
19:51:46.0960 1540	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
19:51:46.0960 1540	KSecDD - ok
19:51:46.0975 1540	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
19:51:46.0975 1540	KSecPkg - ok
19:51:46.0991 1540	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:51:47.0007 1540	ksthunk - ok
19:51:47.0053 1540	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:51:47.0069 1540	KtmRm - ok
19:51:47.0116 1540	L1C             (6dd5383c9413aae3113faf89e345663d) C:\Windows\system32\DRIVERS\L1C62x64.sys
19:51:47.0116 1540	L1C - ok
19:51:47.0163 1540	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
19:51:47.0178 1540	LanmanServer - ok
19:51:47.0194 1540	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:51:47.0209 1540	LanmanWorkstation - ok
19:51:47.0272 1540	Live Updater Service (b705c7097f9a0ec941d02dce7c7d426c) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
19:51:47.0287 1540	Live Updater Service - ok
19:51:47.0303 1540	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:51:47.0319 1540	lltdio - ok
19:51:47.0350 1540	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:51:47.0365 1540	lltdsvc - ok
19:51:47.0381 1540	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:51:47.0381 1540	lmhosts - ok
19:51:47.0443 1540	LMS             (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:51:47.0459 1540	LMS - ok
19:51:47.0490 1540	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:51:47.0506 1540	LSI_FC - ok
19:51:47.0537 1540	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:51:47.0537 1540	LSI_SAS - ok
19:51:47.0553 1540	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:51:47.0553 1540	LSI_SAS2 - ok
19:51:47.0584 1540	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:51:47.0599 1540	LSI_SCSI - ok
19:51:47.0631 1540	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:51:47.0631 1540	luafv - ok
19:51:47.0662 1540	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:51:47.0662 1540	Mcx2Svc - ok
19:51:47.0662 1540	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:51:47.0662 1540	megasas - ok
19:51:47.0724 1540	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:51:47.0724 1540	MegaSR - ok
19:51:47.0787 1540	MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
19:51:47.0787 1540	MEIx64 - ok
19:51:47.0849 1540	Microsoft SharePoint Workspace Audit Service - ok
19:51:47.0865 1540	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:51:47.0880 1540	MMCSS - ok
19:51:47.0896 1540	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:51:47.0896 1540	Modem - ok
19:51:47.0943 1540	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:51:47.0943 1540	monitor - ok
19:51:47.0958 1540	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:51:47.0958 1540	mouclass - ok
19:51:47.0974 1540	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
19:51:47.0989 1540	mouhid - ok
19:51:48.0005 1540	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:51:48.0021 1540	mountmgr - ok
19:51:48.0052 1540	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:51:48.0052 1540	mpio - ok
19:51:48.0052 1540	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:51:48.0052 1540	mpsdrv - ok
19:51:48.0114 1540	MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:51:48.0145 1540	MpsSvc - ok
19:51:48.0161 1540	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:51:48.0161 1540	MRxDAV - ok
19:51:48.0192 1540	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:51:48.0192 1540	mrxsmb - ok
19:51:48.0270 1540	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:51:48.0286 1540	mrxsmb10 - ok
19:51:48.0301 1540	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:51:48.0301 1540	mrxsmb20 - ok
19:51:48.0317 1540	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:51:48.0317 1540	msahci - ok
19:51:48.0333 1540	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:51:48.0348 1540	msdsm - ok
19:51:48.0379 1540	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:51:48.0379 1540	MSDTC - ok
19:51:48.0395 1540	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:51:48.0395 1540	Msfs - ok
19:51:48.0411 1540	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:51:48.0411 1540	mshidkmdf - ok
19:51:48.0411 1540	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:51:48.0411 1540	msisadrv - ok
19:51:48.0473 1540	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:51:48.0473 1540	MSiSCSI - ok
19:51:48.0473 1540	msiserver - ok
19:51:48.0489 1540	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:51:48.0504 1540	MSKSSRV - ok
19:51:48.0504 1540	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:51:48.0504 1540	MSPCLOCK - ok
19:51:48.0504 1540	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:51:48.0504 1540	MSPQM - ok
19:51:48.0551 1540	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:51:48.0551 1540	MsRPC - ok
19:51:48.0551 1540	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:51:48.0551 1540	mssmbios - ok
19:51:48.0567 1540	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:51:48.0567 1540	MSTEE - ok
19:51:48.0582 1540	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:51:48.0582 1540	MTConfig - ok
19:51:48.0582 1540	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:51:48.0582 1540	Mup - ok
19:51:48.0598 1540	mwlPSDFilter    (c009123b206c56854f4e88596035231d) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
19:51:48.0598 1540	mwlPSDFilter - ok
19:51:48.0598 1540	mwlPSDNServ     (bf3739eeb9f008b1debac115089a53f8) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
19:51:48.0598 1540	mwlPSDNServ - ok
19:51:48.0598 1540	mwlPSDVDisk     (38dd143d95e7a01b86f219dda9c28779) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
19:51:48.0613 1540	mwlPSDVDisk - ok
19:51:48.0660 1540	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:51:48.0691 1540	napagent - ok
19:51:48.0754 1540	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:51:48.0769 1540	NativeWifiP - ok
19:51:48.0816 1540	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:51:48.0847 1540	NDIS - ok
19:51:48.0879 1540	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:51:48.0879 1540	NdisCap - ok
19:51:48.0879 1540	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:51:48.0879 1540	NdisTapi - ok
19:51:48.0894 1540	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:51:48.0894 1540	Ndisuio - ok
19:51:48.0910 1540	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:51:48.0910 1540	NdisWan - ok
19:51:48.0925 1540	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:51:48.0925 1540	NDProxy - ok
19:51:48.0941 1540	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:51:48.0941 1540	NetBIOS - ok
19:51:48.0972 1540	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:51:49.0003 1540	NetBT - ok
19:51:49.0019 1540	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:51:49.0019 1540	Netlogon - ok
19:51:49.0050 1540	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:51:49.0066 1540	Netman - ok
19:51:49.0097 1540	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:51:49.0113 1540	netprofm - ok
19:51:49.0175 1540	NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:51:49.0175 1540	NetTcpPortSharing - ok
19:51:49.0206 1540	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:51:49.0206 1540	nfrd960 - ok
19:51:49.0253 1540	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:51:49.0269 1540	NlaSvc - ok
19:51:49.0284 1540	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:51:49.0284 1540	Npfs - ok
19:51:49.0284 1540	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:51:49.0284 1540	nsi - ok
19:51:49.0284 1540	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:51:49.0284 1540	nsiproxy - ok
19:51:49.0362 1540	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:51:49.0409 1540	Ntfs - ok
19:51:49.0471 1540	NTI IScheduleSvc (1873214666f6f0a883742df91fbc48c9) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
19:51:49.0487 1540	NTI IScheduleSvc - ok
19:51:49.0565 1540	NTIDrvr         (ee3ba1024594d5d09e314f206b94069e) C:\Windows\system32\drivers\NTIDrvr.sys
19:51:49.0581 1540	NTIDrvr - ok
19:51:49.0581 1540	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:51:49.0581 1540	Null - ok
19:51:49.0627 1540	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:51:49.0627 1540	nvraid - ok
19:51:49.0643 1540	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:51:49.0643 1540	nvstor - ok
19:51:49.0690 1540	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:51:49.0705 1540	nv_agp - ok
19:51:49.0705 1540	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:51:49.0721 1540	ohci1394 - ok
19:51:49.0783 1540	ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:51:49.0799 1540	ose - ok
19:51:50.0080 1540	osppsvc         (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:51:50.0189 1540	osppsvc - ok
19:51:50.0439 1540	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:51:50.0454 1540	p2pimsvc - ok
19:51:50.0485 1540	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:51:50.0517 1540	p2psvc - ok
19:51:50.0563 1540	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:51:50.0563 1540	Parport - ok
19:51:50.0595 1540	partmgr         (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:51:50.0595 1540	partmgr - ok
19:51:50.0626 1540	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:51:50.0641 1540	PcaSvc - ok
19:51:50.0657 1540	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:51:50.0657 1540	pci - ok
19:51:50.0673 1540	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:51:50.0673 1540	pciide - ok
19:51:50.0688 1540	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:51:50.0688 1540	pcmcia - ok
19:51:50.0704 1540	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:51:50.0704 1540	pcw - ok
19:51:50.0766 1540	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:51:50.0797 1540	PEAUTH - ok
19:51:50.0891 1540	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:51:50.0891 1540	PerfHost - ok
19:51:50.0969 1540	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:51:51.0031 1540	pla - ok
19:51:51.0063 1540	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:51:51.0078 1540	PlugPlay - ok
19:51:51.0094 1540	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:51:51.0109 1540	PNRPAutoReg - ok
19:51:51.0125 1540	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:51:51.0141 1540	PNRPsvc - ok
19:51:51.0187 1540	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:51:51.0203 1540	PolicyAgent - ok
19:51:51.0234 1540	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:51:51.0234 1540	Power - ok
19:51:51.0297 1540	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:51:51.0297 1540	PptpMiniport - ok
19:51:51.0328 1540	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:51:51.0328 1540	Processor - ok
19:51:51.0375 1540	ProfSvc         (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
19:51:51.0390 1540	ProfSvc - ok
19:51:51.0406 1540	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:51:51.0406 1540	ProtectedStorage - ok
19:51:51.0437 1540	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:51:51.0437 1540	Psched - ok
19:51:51.0515 1540	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:51:51.0577 1540	ql2300 - ok
19:51:51.0671 1540	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:51:51.0671 1540	ql40xx - ok
19:51:51.0702 1540	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:51:51.0718 1540	QWAVE - ok
19:51:51.0733 1540	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:51:51.0733 1540	QWAVEdrv - ok
19:51:51.0733 1540	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:51:51.0733 1540	RasAcd - ok
19:51:51.0765 1540	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:51:51.0765 1540	RasAgileVpn - ok
19:51:51.0780 1540	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:51:51.0780 1540	RasAuto - ok
19:51:51.0811 1540	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:51:51.0811 1540	Rasl2tp - ok
19:51:51.0843 1540	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:51:51.0858 1540	RasMan - ok
19:51:51.0889 1540	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:51:51.0889 1540	RasPppoe - ok
19:51:51.0889 1540	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:51:51.0889 1540	RasSstp - ok
19:51:51.0936 1540	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:51:51.0952 1540	rdbss - ok
19:51:51.0967 1540	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:51:51.0967 1540	rdpbus - ok
19:51:51.0983 1540	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:51:51.0983 1540	RDPCDD - ok
19:51:51.0999 1540	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:51:51.0999 1540	RDPENCDD - ok
19:51:51.0999 1540	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:51:52.0014 1540	RDPREFMP - ok
19:51:52.0045 1540	RDPWD           (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:51:52.0045 1540	RDPWD - ok
19:51:52.0092 1540	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:51:52.0092 1540	rdyboost - ok
19:51:52.0123 1540	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:51:52.0123 1540	RemoteAccess - ok
19:51:52.0155 1540	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:51:52.0155 1540	RemoteRegistry - ok
19:51:52.0170 1540	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:51:52.0170 1540	RpcEptMapper - ok
19:51:52.0201 1540	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:51:52.0201 1540	RpcLocator - ok
19:51:52.0233 1540	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:51:52.0233 1540	RpcSs - ok
19:51:52.0311 1540	RSPCIESTOR      (85b325723f67ef80927326fd7eb1cc10) C:\Windows\system32\DRIVERS\RtsPStor.sys
19:51:52.0311 1540	RSPCIESTOR - ok
19:51:52.0342 1540	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:51:52.0357 1540	rspndr - ok
19:51:52.0373 1540	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:51:52.0373 1540	SamSs - ok
19:51:52.0389 1540	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:51:52.0389 1540	sbp2port - ok
19:51:52.0435 1540	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:51:52.0435 1540	SCardSvr - ok
19:51:52.0451 1540	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:51:52.0467 1540	scfilter - ok
19:51:52.0513 1540	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:51:52.0545 1540	Schedule - ok
19:51:52.0560 1540	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:51:52.0560 1540	SCPolicySvc - ok
19:51:52.0591 1540	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:51:52.0591 1540	SDRSVC - ok
19:51:52.0654 1540	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:51:52.0654 1540	secdrv - ok
19:51:52.0669 1540	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:51:52.0669 1540	seclogon - ok
19:51:52.0685 1540	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:51:52.0685 1540	SENS - ok
19:51:52.0716 1540	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:51:52.0716 1540	SensrSvc - ok
19:51:52.0747 1540	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:51:52.0747 1540	Serenum - ok
19:51:52.0794 1540	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:51:52.0810 1540	Serial - ok
19:51:52.0810 1540	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:51:52.0825 1540	sermouse - ok
19:51:52.0857 1540	SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:51:52.0857 1540	SessionEnv - ok
19:51:52.0872 1540	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:51:52.0872 1540	sffdisk - ok
19:51:52.0872 1540	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:51:52.0888 1540	sffp_mmc - ok
19:51:52.0888 1540	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:51:52.0888 1540	sffp_sd - ok
19:51:52.0888 1540	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:51:52.0888 1540	sfloppy - ok
19:51:52.0950 1540	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:51:52.0966 1540	SharedAccess - ok
19:51:52.0997 1540	ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:51:53.0013 1540	ShellHWDetection - ok
19:51:53.0044 1540	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:51:53.0044 1540	SiSRaid2 - ok
19:51:53.0075 1540	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:51:53.0075 1540	SiSRaid4 - ok
19:51:53.0106 1540	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:51:53.0122 1540	Smb - ok
19:51:53.0153 1540	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:51:53.0153 1540	SNMPTRAP - ok
19:51:53.0169 1540	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:51:53.0169 1540	spldr - ok
19:51:53.0200 1540	Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:51:53.0215 1540	Spooler - ok
19:51:53.0356 1540	sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:51:53.0434 1540	sppsvc - ok
19:51:53.0527 1540	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:51:53.0527 1540	sppuinotify - ok
19:51:53.0574 1540	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:51:53.0574 1540	srv - ok
19:51:53.0605 1540	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:51:53.0621 1540	srv2 - ok
19:51:53.0637 1540	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:51:53.0637 1540	srvnet - ok
19:51:53.0668 1540	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:51:53.0683 1540	SSDPSRV - ok
19:51:53.0699 1540	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:51:53.0699 1540	SstpSvc - ok
19:51:53.0715 1540	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:51:53.0715 1540	stexstor - ok
19:51:53.0777 1540	stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:51:53.0793 1540	stisvc - ok
19:51:53.0824 1540	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:51:53.0824 1540	swenum - ok
19:51:53.0871 1540	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:51:53.0886 1540	swprv - ok
19:51:53.0980 1540	SynTP           (b0c7d4dcf4800df2f2145b500d0161e8) C:\Windows\system32\DRIVERS\SynTP.sys
19:51:54.0027 1540	SynTP - ok
19:51:54.0198 1540	SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:51:54.0261 1540	SysMain - ok
19:51:54.0323 1540	TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:51:54.0323 1540	TabletInputService - ok
19:51:54.0354 1540	TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:51:54.0370 1540	TapiSrv - ok
19:51:54.0385 1540	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:51:54.0385 1540	TBS - ok
19:51:54.0510 1540	Tcpip           (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:51:54.0557 1540	Tcpip - ok
19:51:54.0729 1540	TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:51:54.0744 1540	TCPIP6 - ok
19:51:54.0807 1540	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:51:54.0807 1540	tcpipreg - ok
19:51:54.0838 1540	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:51:54.0838 1540	TDPIPE - ok
19:51:54.0869 1540	TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:51:54.0869 1540	TDTCP - ok
19:51:54.0885 1540	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:51:54.0916 1540	tdx - ok
19:51:54.0916 1540	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:51:54.0916 1540	TermDD - ok
19:51:54.0963 1540	TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:51:54.0994 1540	TermService - ok
19:51:54.0994 1540	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:51:55.0009 1540	Themes - ok
19:51:55.0025 1540	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:51:55.0025 1540	THREADORDER - ok
19:51:55.0041 1540	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:51:55.0041 1540	TrkWks - ok
19:51:55.0087 1540	TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:51:55.0087 1540	TrustedInstaller - ok
19:51:55.0103 1540	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:51:55.0103 1540	tssecsrv - ok
19:51:55.0134 1540	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:51:55.0134 1540	TsUsbFlt - ok
19:51:55.0150 1540	TsUsbGD         (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:51:55.0150 1540	TsUsbGD - ok
19:51:55.0181 1540	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:51:55.0181 1540	tunnel - ok
19:51:55.0197 1540	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:51:55.0197 1540	uagp35 - ok
19:51:55.0197 1540	UBHelper        (a17d5e1a6df4eab0a480f2c490de4c9d) C:\Windows\system32\drivers\UBHelper.sys
19:51:55.0197 1540	UBHelper - ok
19:51:55.0228 1540	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:51:55.0243 1540	udfs - ok
19:51:55.0259 1540	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:51:55.0275 1540	UI0Detect - ok
19:51:55.0306 1540	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:51:55.0306 1540	uliagpkx - ok
19:51:55.0337 1540	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:51:55.0337 1540	umbus - ok
19:51:55.0337 1540	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:51:55.0337 1540	UmPass - ok
19:51:55.0493 1540	UNS             (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:51:55.0571 1540	UNS - ok
19:51:55.0680 1540	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:51:55.0696 1540	upnphost - ok
19:51:55.0743 1540	USBAAPL64       (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
19:51:55.0743 1540	USBAAPL64 - ok
19:51:55.0774 1540	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:51:55.0774 1540	usbccgp - ok
19:51:55.0805 1540	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:51:55.0805 1540	usbcir - ok
19:51:55.0821 1540	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:51:55.0821 1540	usbehci - ok
19:51:55.0852 1540	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:51:55.0867 1540	usbhub - ok
19:51:55.0883 1540	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:51:55.0883 1540	usbohci - ok
19:51:55.0899 1540	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
19:51:55.0899 1540	usbprint - ok
19:51:55.0914 1540	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:51:55.0914 1540	USBSTOR - ok
19:51:55.0945 1540	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:51:55.0945 1540	usbuhci - ok
19:51:55.0977 1540	usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:51:55.0977 1540	usbvideo - ok
19:51:56.0008 1540	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:51:56.0008 1540	UxSms - ok
19:51:56.0039 1540	VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:51:56.0039 1540	VaultSvc - ok
19:51:56.0055 1540	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:51:56.0055 1540	vdrvroot - ok
19:51:56.0086 1540	vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:51:56.0101 1540	vds - ok
19:51:56.0133 1540	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:51:56.0133 1540	vga - ok
19:51:56.0133 1540	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:51:56.0148 1540	VgaSave - ok
19:51:56.0164 1540	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:51:56.0179 1540	vhdmp - ok
19:51:56.0179 1540	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:51:56.0195 1540	viaide - ok
19:51:56.0195 1540	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:51:56.0195 1540	volmgr - ok
19:51:56.0242 1540	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:51:56.0257 1540	volmgrx - ok
19:51:56.0273 1540	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:51:56.0289 1540	volsnap - ok
19:51:56.0320 1540	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:51:56.0320 1540	vsmraid - ok
19:51:56.0413 1540	VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:51:56.0445 1540	VSS - ok
19:51:56.0523 1540	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:51:56.0523 1540	vwifibus - ok
19:51:56.0538 1540	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:51:56.0538 1540	vwififlt - ok
19:51:56.0585 1540	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:51:56.0601 1540	W32Time - ok
19:51:56.0616 1540	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:51:56.0616 1540	WacomPen - ok
19:51:56.0647 1540	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:51:56.0647 1540	WANARP - ok
19:51:56.0647 1540	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:51:56.0647 1540	Wanarpv6 - ok
19:51:56.0725 1540	wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:51:56.0757 1540	wbengine - ok
19:51:56.0850 1540	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:51:56.0850 1540	WbioSrvc - ok
19:51:56.0881 1540	wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:51:56.0881 1540	wcncsvc - ok
19:51:56.0913 1540	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:51:56.0913 1540	WcsPlugInService - ok
19:51:56.0944 1540	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:51:56.0944 1540	Wd - ok
19:51:56.0991 1540	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:51:57.0006 1540	Wdf01000 - ok
19:51:57.0037 1540	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:51:57.0037 1540	WdiServiceHost - ok
19:51:57.0037 1540	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:51:57.0037 1540	WdiSystemHost - ok
19:51:57.0069 1540	WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:51:57.0069 1540	WebClient - ok
19:51:57.0100 1540	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:51:57.0100 1540	Wecsvc - ok
19:51:57.0115 1540	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:51:57.0115 1540	wercplsupport - ok
19:51:57.0147 1540	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:51:57.0147 1540	WerSvc - ok
19:51:57.0193 1540	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:51:57.0193 1540	WfpLwf - ok
19:51:57.0209 1540	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:51:57.0209 1540	WIMMount - ok
19:51:57.0240 1540	WinDefend - ok
19:51:57.0240 1540	WinHttpAutoProxySvc - ok
19:51:57.0318 1540	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:51:57.0318 1540	Winmgmt - ok
19:51:57.0412 1540	WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:51:57.0474 1540	WinRM - ok
19:51:57.0599 1540	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:51:57.0630 1540	Wlansvc - ok
19:51:57.0802 1540	wlidsvc         (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:51:57.0849 1540	wlidsvc - ok
19:51:57.0958 1540	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:51:57.0958 1540	WmiAcpi - ok
19:51:58.0036 1540	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:51:58.0036 1540	wmiApSrv - ok
19:51:58.0098 1540	WMPNetworkSvc - ok
19:51:58.0129 1540	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:51:58.0145 1540	WPCSvc - ok
19:51:58.0145 1540	WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:51:58.0161 1540	WPDBusEnum - ok
19:51:58.0176 1540	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:51:58.0176 1540	ws2ifsl - ok
19:51:58.0192 1540	wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
19:51:58.0192 1540	wscsvc - ok
19:51:58.0192 1540	WSearch - ok
19:51:58.0317 1540	wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
19:51:58.0363 1540	wuauserv - ok
19:51:58.0457 1540	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:51:58.0473 1540	WudfPf - ok
19:51:58.0488 1540	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:51:58.0488 1540	WUDFRd - ok
19:51:58.0519 1540	wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:51:58.0519 1540	wudfsvc - ok
19:51:58.0535 1540	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:51:58.0535 1540	WwanSvc - ok
19:51:58.0582 1540	MBR (0x1B8)     (b8cb9ca08162bc8d433b18adb3001662) \Device\Harddisk0\DR0
19:51:58.0613 1540	\Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
19:51:58.0613 1540	\Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
19:51:58.0629 1540	MBR (0x1B8)     (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk1\DR1
19:52:05.0118 1540	\Device\Harddisk1\DR1 - ok
19:52:05.0181 1540	Boot (0x1200)   (f494eebb12317aeb711ce5a97bf79e1d) \Device\Harddisk0\DR0\Partition0
19:52:05.0181 1540	\Device\Harddisk0\DR0\Partition0 - ok
19:52:05.0196 1540	Boot (0x1200)   (b14c0dbb6d6812493d18e7aeec8c43fd) \Device\Harddisk0\DR0\Partition1
19:52:05.0196 1540	\Device\Harddisk0\DR0\Partition1 - ok
19:52:05.0212 1540	Boot (0x1200)   (9af3525313fe8e4c06e7a9f82f87e017) \Device\Harddisk0\DR0\Partition2
19:52:05.0212 1540	\Device\Harddisk0\DR0\Partition2 - ok
19:52:05.0227 1540	Boot (0x1200)   (675ea52261ecc3d86690e1e341cbbd5d) \Device\Harddisk1\DR1\Partition0
19:52:05.0227 1540	\Device\Harddisk1\DR1\Partition0 - ok
19:52:05.0227 1540	============================================================
19:52:05.0227 1540	Scan finished
19:52:05.0227 1540	============================================================
19:52:05.0227 1288	Detected object count: 1
19:52:05.0227 1288	Actual detected object count: 1
19:52:17.0551 1288	\Device\Harddisk0\DR0\# - copied to quarantine
19:52:17.0551 1288	\Device\Harddisk0\DR0 - copied to quarantine
19:52:17.0770 1288	\Device\Harddisk0\DR0 - processing error
19:52:22.0949 1288	\Device\Harddisk0\DR0 - will be restored on reboot
19:52:23.0027 1288	\Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure Restore 
19:52:26.0833 2044	Deinitialize success
         
Another one of those coming right up...

Old 05.07.2012, 18:12   #5
Sternekoch
 

And here is the last of them for now - here the nasty critter at least seemed to have disappeared already... at least there was no longer any message about bad things. But that probably doesn't mean all that much, I suppose...

TDSS-log #4
Code:
ATTFilter
19:54:23.0402 1856	TDSS rootkit removing tool 2.7.44.0 Jul  2 2012 20:01:08
19:54:23.0683 1856	============================================================
19:54:23.0683 1856	Current date / time: 2012/07/04 19:54:23.0683
19:54:23.0683 1856	SystemInfo:
19:54:23.0683 1856	
19:54:23.0683 1856	OS Version: 6.1.7601 ServicePack: 1.0
19:54:23.0683 1856	Product type: Workstation
19:54:23.0683 1856	ComputerName: Sternekoch-PC
19:54:23.0683 1856	UserName: Sternekoch
19:54:23.0683 1856	Windows directory: C:\Windows
19:54:23.0683 1856	System windows directory: C:\Windows
19:54:23.0683 1856	Running under WOW64
19:54:23.0683 1856	Processor architecture: Intel x64
19:54:23.0683 1856	Number of processors: 4
19:54:23.0683 1856	Page size: 0x1000
19:54:23.0683 1856	Boot type: Safe boot with network
19:54:23.0683 1856	============================================================
19:54:24.0572 1856	Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:54:24.0588 1856	Drive \Device\Harddisk1\DR1 - Size: 0x1F4C00000 (7.82 Gb), SectorSize: 0x200, Cylinders: 0x3FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:54:24.0588 1856	============================================================
19:54:24.0588 1856	\Device\Harddisk0\DR0:
19:54:24.0588 1856	MBR partitions:
19:54:24.0588 1856	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
19:54:24.0588 1856	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0xAFCA645
19:54:24.0604 1856	\Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xCDFCE84, BlocksNum 0x2D5841AC
19:54:24.0604 1856	\Device\Harddisk1\DR1:
19:54:24.0604 1856	MBR partitions:
19:54:24.0604 1856	\Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0xFA5FC0
19:54:24.0604 1856	============================================================
19:54:24.0650 1856	C: <-> \Device\Harddisk0\DR0\Partition1
19:54:24.0682 1856	E: <-> \Device\Harddisk0\DR0\Partition2
19:54:24.0682 1856	============================================================
19:54:24.0682 1856	Initialize success
19:54:24.0682 1856	============================================================
19:54:28.0348 1900	============================================================
19:54:28.0348 1900	Scan started
19:54:28.0348 1900	Mode: Manual; 
19:54:28.0348 1900	============================================================
19:54:28.0972 1900	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:54:28.0972 1900	1394ohci - ok
19:54:29.0018 1900	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:54:29.0034 1900	ACPI - ok
19:54:29.0065 1900	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:54:29.0065 1900	AcpiPmi - ok
19:54:29.0206 1900	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:54:29.0206 1900	AdobeARMservice - ok
19:54:29.0362 1900	AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:54:29.0362 1900	AdobeFlashPlayerUpdateSvc - ok
19:54:42.0013 1900	QWAVE - ok
19:54:42.0029 1900	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:54:42.0029 1900	QWAVEdrv - ok
19:54:42.0029 1900	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:54:42.0029 1900	RasAcd - ok
19:54:42.0060 1900	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:54:42.0060 1900	RasAgileVpn - ok
19:54:42.0076 1900	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:54:42.0076 1900	RasAuto - ok
19:54:42.0107 1900	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:54:42.0107 1900	Rasl2tp - ok
19:54:42.0138 1900	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:54:42.0154 1900	RasMan - ok
19:54:42.0169 1900	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:54:42.0169 1900	RasPppoe - ok
19:54:42.0185 1900	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:54:42.0185 1900	RasSstp - ok
19:54:42.0216 1900	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:54:42.0216 1900	rdbss - ok
19:54:42.0232 1900	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:54:42.0232 1900	rdpbus - ok
19:54:42.0247 1900	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:54:42.0247 1900	RDPCDD - ok
19:54:42.0263 1900	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:54:42.0263 1900	RDPENCDD - ok
19:54:42.0278 1900	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:54:42.0278 1900	RDPREFMP - ok
19:54:42.0310 1900	RDPWD           (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:54:42.0325 1900	RDPWD - ok
19:54:42.0341 1900	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:54:42.0341 1900	rdyboost - ok
19:54:42.0372 1900	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:54:42.0372 1900	RemoteAccess - ok
19:54:42.0403 1900	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:54:42.0403 1900	RemoteRegistry - ok
19:54:42.0434 1900	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:54:42.0434 1900	RpcEptMapper - ok
19:54:42.0450 1900	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:54:42.0466 1900	RpcLocator - ok
19:54:42.0497 1900	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:54:42.0497 1900	RpcSs - ok
19:54:42.0575 1900	RSPCIESTOR      (85b325723f67ef80927326fd7eb1cc10) C:\Windows\system32\DRIVERS\RtsPStor.sys
19:54:42.0575 1900	RSPCIESTOR - ok
19:54:42.0606 1900	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:54:42.0606 1900	rspndr - ok
19:54:42.0622 1900	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:54:42.0622 1900	SamSs - ok
19:54:42.0653 1900	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:54:42.0653 1900	sbp2port - ok
19:54:42.0684 1900	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:54:42.0700 1900	SCardSvr - ok
19:54:42.0715 1900	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:54:42.0715 1900	scfilter - ok
19:54:42.0778 1900	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:54:42.0824 1900	Schedule - ok
19:54:42.0856 1900	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:54:42.0856 1900	SCPolicySvc - ok
19:54:42.0871 1900	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:54:42.0887 1900	SDRSVC - ok
19:54:42.0949 1900	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:54:42.0949 1900	secdrv - ok
19:54:42.0965 1900	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:54:42.0965 1900	seclogon - ok
19:54:42.0996 1900	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:54:42.0996 1900	SENS - ok
19:54:43.0027 1900	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:54:43.0027 1900	SensrSvc - ok
19:54:43.0058 1900	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:54:43.0058 1900	Serenum - ok
19:54:43.0090 1900	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:54:43.0090 1900	Serial - ok
19:54:43.0105 1900	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:54:43.0105 1900	sermouse - ok
19:54:43.0152 1900	SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:54:43.0152 1900	SessionEnv - ok
19:54:43.0152 1900	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:54:43.0152 1900	sffdisk - ok
19:54:43.0168 1900	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:54:43.0168 1900	sffp_mmc - ok
19:54:43.0168 1900	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:54:43.0168 1900	sffp_sd - ok
19:54:43.0183 1900	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:54:43.0183 1900	sfloppy - ok
19:54:43.0214 1900	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:54:43.0230 1900	SharedAccess - ok
19:54:43.0261 1900	ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:54:43.0277 1900	ShellHWDetection - ok
19:54:43.0324 1900	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:54:43.0324 1900	SiSRaid2 - ok
19:54:43.0324 1900	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:54:43.0324 1900	SiSRaid4 - ok
19:54:43.0339 1900	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:54:43.0339 1900	Smb - ok
19:54:43.0417 1900	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:54:43.0417 1900	SNMPTRAP - ok
19:54:43.0433 1900	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:54:43.0433 1900	spldr - ok
19:54:43.0464 1900	Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:54:43.0480 1900	Spooler - ok
19:54:43.0682 1900	sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:54:43.0760 1900	sppsvc - ok
19:54:43.0854 1900	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:54:43.0854 1900	sppuinotify - ok
19:54:43.0901 1900	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:54:43.0901 1900	srv - ok
19:54:43.0932 1900	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:54:43.0932 1900	srv2 - ok
19:54:43.0948 1900	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:54:43.0948 1900	srvnet - ok
19:54:43.0979 1900	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:54:43.0994 1900	SSDPSRV - ok
19:54:43.0994 1900	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:54:44.0010 1900	SstpSvc - ok
19:54:44.0026 1900	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:54:44.0026 1900	stexstor - ok
19:54:44.0072 1900	stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:54:44.0104 1900	stisvc - ok
19:54:44.0135 1900	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:54:44.0135 1900	swenum - ok
19:54:44.0150 1900	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:54:44.0182 1900	swprv - ok
19:54:44.0275 1900	SynTP           (b0c7d4dcf4800df2f2145b500d0161e8) C:\Windows\system32\DRIVERS\SynTP.sys
19:54:44.0291 1900	SynTP - ok
19:54:44.0462 1900	SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:54:44.0494 1900	SysMain - ok
19:54:44.0556 1900	TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:54:44.0556 1900	TabletInputService - ok
19:54:44.0587 1900	TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:54:44.0587 1900	TapiSrv - ok
19:54:44.0603 1900	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:54:44.0603 1900	TBS - ok
19:54:44.0712 1900	Tcpip           (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:54:44.0759 1900	Tcpip - ok
19:54:44.0915 1900	TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:54:44.0930 1900	TCPIP6 - ok
19:54:45.0008 1900	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:54:45.0008 1900	tcpipreg - ok
19:54:45.0040 1900	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:54:45.0040 1900	TDPIPE - ok
19:54:45.0071 1900	TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:54:45.0071 1900	TDTCP - ok
19:54:45.0086 1900	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:54:45.0086 1900	tdx - ok
19:54:45.0102 1900	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:54:45.0102 1900	TermDD - ok
19:54:45.0164 1900	TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:54:45.0180 1900	TermService - ok
19:54:45.0196 1900	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:54:45.0196 1900	Themes - ok
19:54:45.0227 1900	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:54:45.0227 1900	THREADORDER - ok
19:54:45.0242 1900	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:54:45.0242 1900	TrkWks - ok
19:54:45.0289 1900	TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:54:45.0289 1900	TrustedInstaller - ok
19:54:45.0305 1900	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:54:45.0305 1900	tssecsrv - ok
19:54:45.0336 1900	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:54:45.0336 1900	TsUsbFlt - ok
19:54:45.0352 1900	TsUsbGD         (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:54:45.0352 1900	TsUsbGD - ok
19:54:45.0383 1900	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:54:45.0383 1900	tunnel - ok
19:54:45.0398 1900	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:54:45.0398 1900	uagp35 - ok
19:54:45.0398 1900	UBHelper        (a17d5e1a6df4eab0a480f2c490de4c9d) C:\Windows\system32\drivers\UBHelper.sys
19:54:45.0398 1900	UBHelper - ok
19:54:45.0430 1900	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:54:45.0445 1900	udfs - ok
19:54:45.0461 1900	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:54:45.0476 1900	UI0Detect - ok
19:54:45.0508 1900	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:54:45.0508 1900	uliagpkx - ok
19:54:45.0539 1900	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:54:45.0539 1900	umbus - ok
19:54:45.0554 1900	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:54:45.0554 1900	UmPass - ok
19:54:45.0710 1900	UNS             (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:54:45.0773 1900	UNS - ok
19:54:45.0882 1900	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:54:45.0882 1900	upnphost - ok
19:54:45.0929 1900	USBAAPL64       (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
19:54:45.0929 1900	USBAAPL64 - ok
19:54:45.0960 1900	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:54:45.0960 1900	usbccgp - ok
19:54:45.0991 1900	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:54:45.0991 1900	usbcir - ok
19:54:46.0007 1900	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:54:46.0007 1900	usbehci - ok
19:54:46.0054 1900	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:54:46.0054 1900	usbhub - ok
19:54:46.0085 1900	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:54:46.0085 1900	usbohci - ok
19:54:46.0100 1900	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
19:54:46.0100 1900	usbprint - ok
19:54:46.0116 1900	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:54:46.0116 1900	USBSTOR - ok
19:54:46.0132 1900	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:54:46.0132 1900	usbuhci - ok
19:54:46.0147 1900	usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:54:46.0147 1900	usbvideo - ok
19:54:46.0163 1900	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:54:46.0178 1900	UxSms - ok
19:54:46.0194 1900	VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:54:46.0194 1900	VaultSvc - ok
19:54:46.0210 1900	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:54:46.0210 1900	vdrvroot - ok
19:54:46.0225 1900	vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:54:46.0256 1900	vds - ok
19:54:46.0272 1900	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:54:46.0288 1900	vga - ok
19:54:46.0288 1900	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:54:46.0288 1900	VgaSave - ok
19:54:46.0303 1900	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:54:46.0303 1900	vhdmp - ok
19:54:46.0303 1900	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:54:46.0303 1900	viaide - ok
19:54:46.0319 1900	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:54:46.0319 1900	volmgr - ok
19:54:46.0366 1900	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:54:46.0381 1900	volmgrx - ok
19:54:46.0397 1900	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:54:46.0397 1900	volsnap - ok
19:54:46.0428 1900	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:54:46.0428 1900	vsmraid - ok
19:54:46.0522 1900	VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:54:46.0584 1900	VSS - ok
19:54:46.0678 1900	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:54:46.0678 1900	vwifibus - ok
19:54:46.0709 1900	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:54:46.0709 1900	vwififlt - ok
19:54:46.0740 1900	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:54:46.0756 1900	W32Time - ok
19:54:46.0771 1900	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:54:46.0771 1900	WacomPen - ok
19:54:46.0802 1900	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:54:46.0802 1900	WANARP - ok
19:54:46.0802 1900	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:54:46.0802 1900	Wanarpv6 - ok
19:54:46.0880 1900	wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:54:46.0912 1900	wbengine - ok
19:54:46.0990 1900	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:54:46.0990 1900	WbioSrvc - ok
19:54:47.0036 1900	wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:54:47.0036 1900	wcncsvc - ok
19:54:47.0052 1900	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:54:47.0052 1900	WcsPlugInService - ok
19:54:47.0099 1900	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:54:47.0099 1900	Wd - ok
19:54:47.0146 1900	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:54:47.0177 1900	Wdf01000 - ok
19:54:47.0208 1900	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:54:47.0208 1900	WdiServiceHost - ok
19:54:47.0208 1900	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:54:47.0208 1900	WdiSystemHost - ok
19:54:47.0239 1900	WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:54:47.0239 1900	WebClient - ok
19:54:47.0270 1900	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:54:47.0270 1900	Wecsvc - ok
19:54:47.0286 1900	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:54:47.0286 1900	wercplsupport - ok
19:54:47.0317 1900	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:54:47.0317 1900	WerSvc - ok
19:54:47.0364 1900	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:54:47.0364 1900	WfpLwf - ok
19:54:47.0380 1900	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:54:47.0380 1900	WIMMount - ok
19:54:47.0411 1900	WinDefend - ok
19:54:47.0411 1900	WinHttpAutoProxySvc - ok
19:54:47.0489 1900	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:54:47.0489 1900	Winmgmt - ok
19:54:47.0583 1900	WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:54:47.0629 1900	WinRM - ok
19:54:47.0770 1900	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:54:47.0801 1900	Wlansvc - ok
19:54:47.0973 1900	wlidsvc         (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:54:48.0035 1900	wlidsvc - ok
19:54:48.0144 1900	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:54:48.0144 1900	WmiAcpi - ok
19:54:48.0207 1900	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:54:48.0222 1900	wmiApSrv - ok
19:54:48.0285 1900	WMPNetworkSvc - ok
19:54:48.0316 1900	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:54:48.0316 1900	WPCSvc - ok
19:54:48.0331 1900	WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:54:48.0331 1900	WPDBusEnum - ok
19:54:48.0363 1900	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:54:48.0363 1900	ws2ifsl - ok
19:54:48.0378 1900	wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
19:54:48.0378 1900	wscsvc - ok
19:54:48.0378 1900	WSearch - ok
19:54:48.0503 1900	wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
19:54:48.0550 1900	wuauserv - ok
19:54:48.0643 1900	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:54:48.0643 1900	WudfPf - ok
19:54:48.0659 1900	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:54:48.0659 1900	WUDFRd - ok
19:54:48.0690 1900	wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:54:48.0690 1900	wudfsvc - ok
19:54:48.0706 1900	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:54:48.0721 1900	WwanSvc - ok
19:54:48.0753 1900	MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
19:54:48.0955 1900	\Device\Harddisk0\DR0 - ok
19:54:48.0955 1900	MBR (0x1B8)     (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk1\DR1
19:54:55.0398 1900	\Device\Harddisk1\DR1 - ok
19:54:55.0414 1900	Boot (0x1200)   (f494eebb12317aeb711ce5a97bf79e1d) \Device\Harddisk0\DR0\Partition0
19:54:55.0414 1900	\Device\Harddisk0\DR0\Partition0 - ok
19:54:55.0476 1900	Boot (0x1200)   (b14c0dbb6d6812493d18e7aeec8c43fd) \Device\Harddisk0\DR0\Partition1
19:54:55.0476 1900	\Device\Harddisk0\DR0\Partition1 - ok
19:54:55.0507 1900	Boot (0x1200)   (9af3525313fe8e4c06e7a9f82f87e017) \Device\Harddisk0\DR0\Partition2
19:54:55.0507 1900	\Device\Harddisk0\DR0\Partition2 - ok
19:54:55.0507 1900	Boot (0x1200)   (fc67aa68c489909a3bf015625b206d8a) \Device\Harddisk1\DR1\Partition0
19:54:55.0507 1900	\Device\Harddisk1\DR1\Partition0 - ok
19:54:55.0507 1900	============================================================
19:54:55.0507 1900	Scan finished
19:54:55.0507 1900	============================================================
19:54:55.0523 1892	Detected object count: 0
19:54:55.0523 1892	Actual detected object count: 0
19:54:59.0844 1852	Deinitialize success
         
TDSS-log #5
Code:
21:51:42.0582 3332	TDSS rootkit removing tool 2.7.44.0 Jul  2 2012 20:01:08
21:51:42.0940 3332	============================================================
21:51:42.0940 3332	Current date / time: 2012/07/04 21:51:42.0940
21:51:42.0940 3332	SystemInfo:
21:51:42.0940 3332	
21:51:42.0940 3332	OS Version: 6.1.7601 ServicePack: 1.0
21:51:42.0940 3332	Product type: Workstation
21:51:42.0940 3332	ComputerName: Sternekoch-PC
21:51:42.0940 3332	UserName: Sternekoch
21:51:42.0940 3332	Windows directory: C:\Windows
21:51:42.0940 3332	System windows directory: C:\Windows
21:51:42.0940 3332	Running under WOW64
21:51:42.0940 3332	Processor architecture: Intel x64
21:51:42.0940 3332	Number of processors: 4
21:51:42.0940 3332	Page size: 0x1000
21:51:42.0940 3332	Boot type: Normal boot
21:51:42.0940 3332	============================================================
21:51:44.0750 3332	Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:51:44.0766 3332	Drive \Device\Harddisk1\DR1 - Size: 0x1F4C00000 (7.82 Gb), SectorSize: 0x200, Cylinders: 0x3FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:51:44.0766 3332	============================================================
21:51:44.0766 3332	\Device\Harddisk0\DR0:
21:51:44.0766 3332	MBR partitions:
21:51:44.0766 3332	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
21:51:44.0766 3332	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0xAFCA645
21:51:44.0781 3332	\Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xCDFCE84, BlocksNum 0x2D5841AC
21:51:44.0781 3332	\Device\Harddisk1\DR1:
21:51:44.0781 3332	MBR partitions:
21:51:44.0781 3332	\Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0xFA5FC0
21:51:44.0781 3332	============================================================
21:51:44.0890 3332	C: <-> \Device\Harddisk0\DR0\Partition1
21:51:44.0906 3332	E: <-> \Device\Harddisk0\DR0\Partition2
21:51:44.0906 3332	============================================================
21:51:44.0906 3332	Initialize success
21:51:44.0906 3332	============================================================
21:51:52.0815 4312	============================================================
21:51:52.0815 4312	Scan started
21:51:52.0815 4312	Mode: Manual; 
21:51:52.0815 4312	============================================================
21:51:54.0110 4312	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
21:51:54.0126 4312	1394ohci - ok
21:51:54.0172 4312	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:51:54.0188 4312	ACPI - ok
21:51:54.0219 4312	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:51:54.0219 4312	AcpiPmi - ok
21:51:54.0422 4312	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:51:54.0438 4312	AdobeARMservice - ok
21:51:55.0202 4312	AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:51:55.0218 4312	AdobeFlashPlayerUpdateSvc - ok
21:51:55.0280 4312	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
21:51:55.0311 4312	adp94xx - ok
21:51:55.0405 4312	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
21:51:55.0436 4312	adpahci - ok
21:51:55.0483 4312	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
21:51:55.0483 4312	adpu320 - ok
21:51:55.0514 4312	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
21:51:55.0530 4312	AeLookupSvc - ok
21:51:55.0873 4312	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
21:51:55.0920 4312	AFD - ok
21:51:55.0951 4312	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:51:55.0966 4312	agp440 - ok
21:51:55.0998 4312	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
21:51:55.0998 4312	ALG - ok
21:51:56.0013 4312	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:51:56.0029 4312	aliide - ok
21:51:56.0029 4312	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:51:56.0044 4312	amdide - ok
21:51:56.0044 4312	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
21:51:56.0060 4312	AmdK8 - ok
21:51:56.0060 4312	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
21:51:56.0076 4312	AmdPPM - ok
21:51:56.0107 4312	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
21:51:56.0122 4312	amdsata - ok
21:51:56.0138 4312	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
21:51:56.0169 4312	amdsbs - ok
21:51:56.0185 4312	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
21:51:56.0200 4312	amdxata - ok
21:51:56.0450 4312	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:51:56.0450 4312	AntiVirSchedulerService - ok
21:51:56.0466 4312	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:51:56.0481 4312	AntiVirService - ok
21:51:56.0544 4312	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
21:51:56.0544 4312	AppID - ok
21:51:56.0622 4312	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
21:51:56.0622 4312	AppIDSvc - ok
21:51:56.0668 4312	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
21:51:56.0668 4312	Appinfo - ok
21:51:56.0793 4312	Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:51:56.0809 4312	Apple Mobile Device - ok
21:51:56.0824 4312	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
21:51:56.0840 4312	arc - ok
21:51:56.0871 4312	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
21:51:56.0871 4312	arcsas - ok
21:51:56.0902 4312	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:51:56.0902 4312	AsyncMac - ok
21:51:56.0934 4312	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
21:51:56.0934 4312	atapi - ok
21:51:57.0277 4312	athr            (c8679a07267f030704168e45e27c3d43) C:\Windows\system32\DRIVERS\athrx.sys
21:51:57.0355 4312	athr - ok
21:51:57.0714 4312	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:51:57.0870 4312	AudioEndpointBuilder - ok
21:51:57.0885 4312	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:51:57.0885 4312	AudioSrv - ok
21:51:57.0963 4312	avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
21:51:57.0963 4312	avgntflt - ok
21:51:57.0994 4312	avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
21:51:57.0994 4312	avipbb - ok
21:51:58.0026 4312	avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
21:51:58.0026 4312	avkmgr - ok
21:51:58.0072 4312	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
21:51:58.0072 4312	AxInstSV - ok
21:51:58.0135 4312	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
21:51:58.0166 4312	b06bdrv - ok
21:51:58.0228 4312	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:51:58.0260 4312	b57nd60a - ok
21:51:58.0322 4312	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
21:51:58.0322 4312	BDESVC - ok
21:51:58.0338 4312	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
21:51:58.0338 4312	Beep - ok
21:51:58.0400 4312	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
21:51:58.0431 4312	BFE - ok
21:51:58.0494 4312	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
21:51:58.0572 4312	BITS - ok
21:51:58.0634 4312	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
21:51:58.0650 4312	blbdrive - ok
21:51:58.0743 4312	Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
21:51:58.0743 4312	Bonjour Service - ok
21:51:58.0790 4312	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
21:51:58.0790 4312	bowser - ok
21:51:58.0837 4312	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
21:51:58.0837 4312	BrFiltLo - ok
21:51:58.0852 4312	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
21:51:58.0852 4312	BrFiltUp - ok
21:51:58.0884 4312	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
21:51:58.0899 4312	Browser - ok
21:51:58.0930 4312	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:51:58.0946 4312	Brserid - ok
21:51:58.0946 4312	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:51:58.0962 4312	BrSerWdm - ok
21:51:58.0962 4312	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:51:58.0962 4312	BrUsbMdm - ok
21:51:58.0962 4312	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:51:58.0962 4312	BrUsbSer - ok
21:51:58.0977 4312	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
21:51:58.0993 4312	BTHMODEM - ok
21:51:59.0071 4312	BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
21:51:59.0086 4312	BTHPORT - ok
21:51:59.0149 4312	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
21:51:59.0149 4312	bthserv - ok
21:51:59.0180 4312	BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
21:51:59.0196 4312	BTHUSB - ok
21:51:59.0274 4312	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:51:59.0274 4312	cdfs - ok
21:51:59.0320 4312	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
21:51:59.0320 4312	cdrom - ok
21:51:59.0383 4312	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:51:59.0383 4312	CertPropSvc - ok
21:51:59.0414 4312	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
21:51:59.0430 4312	circlass - ok
21:51:59.0461 4312	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:51:59.0508 4312	CLFS - ok
21:51:59.0570 4312	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:51:59.0586 4312	clr_optimization_v2.0.50727_32 - ok
21:51:59.0648 4312	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:51:59.0648 4312	clr_optimization_v2.0.50727_64 - ok
21:51:59.0742 4312	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:51:59.0820 4312	clr_optimization_v4.0.30319_32 - ok
21:51:59.0851 4312	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:51:59.0866 4312	clr_optimization_v4.0.30319_64 - ok
21:51:59.0913 4312	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
21:51:59.0913 4312	CmBatt - ok
21:51:59.0929 4312	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:51:59.0929 4312	cmdide - ok
21:52:00.0007 4312	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
21:52:00.0022 4312	CNG - ok
21:52:00.0085 4312	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
21:52:00.0085 4312	Compbatt - ok
21:52:00.0116 4312	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
21:52:00.0116 4312	CompositeBus - ok
21:52:00.0132 4312	COMSysApp - ok
21:52:00.0132 4312	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
21:52:00.0147 4312	crcdisk - ok
21:52:00.0194 4312	CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
21:52:00.0334 4312	CryptSvc - ok
21:52:00.0444 4312	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:52:00.0475 4312	DcomLaunch - ok
21:52:00.0506 4312	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
21:52:00.0537 4312	defragsvc - ok
21:52:00.0568 4312	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:52:00.0568 4312	DfsC - ok
21:52:00.0615 4312	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
21:52:00.0631 4312	Dhcp - ok
21:52:00.0646 4312	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:52:00.0662 4312	discache - ok
21:52:00.0693 4312	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
21:52:00.0693 4312	Disk - ok
21:52:00.0740 4312	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
21:52:00.0756 4312	Dnscache - ok
21:52:00.0787 4312	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
21:52:00.0802 4312	dot3svc - ok
21:52:00.0834 4312	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
21:52:00.0834 4312	DPS - ok
21:52:00.0880 4312	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:52:00.0880 4312	drmkaud - ok
21:52:00.0990 4312	DsiWMIService   (9dd3a22f804697606c2b7ff9e912ff6b) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
21:52:00.0990 4312	DsiWMIService - ok
21:52:01.0068 4312	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:52:01.0068 4312	DXGKrnl - ok
21:52:01.0099 4312	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
21:52:01.0114 4312	EapHost - ok
21:52:01.0224 4312	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
21:52:01.0333 4312	ebdrv - ok
21:52:01.0442 4312	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
21:52:01.0442 4312	EFS - ok
21:52:01.0520 4312	EgisTec Ticket Service (18dd872dd46acb24e106dc2c9c270466) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
21:52:01.0520 4312	EgisTec Ticket Service - ok
21:52:01.0614 4312	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
21:52:01.0645 4312	ehRecvr - ok
21:52:01.0707 4312	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
21:52:01.0754 4312	ehSched - ok
21:52:01.0863 4312	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
21:52:01.0879 4312	elxstor - ok
21:52:02.0004 4312	ePowerSvc       (ac5c64f828c0a6a1350971501ac2a0c7) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
21:52:02.0050 4312	ePowerSvc - ok
21:52:02.0113 4312	EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
21:52:02.0128 4312	EpsonBidirectionalService - ok
21:52:02.0222 4312	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:52:02.0222 4312	ErrDev - ok
21:52:02.0269 4312	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
21:52:02.0300 4312	EventSystem - ok
21:52:02.0331 4312	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:52:02.0331 4312	exfat - ok
21:52:02.0362 4312	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:52:02.0378 4312	fastfat - ok
21:52:02.0425 4312	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
21:52:02.0440 4312	Fax - ok
21:52:02.0456 4312	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
21:52:02.0472 4312	fdc - ok
21:52:02.0487 4312	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
21:52:02.0503 4312	fdPHost - ok
21:52:02.0503 4312	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
21:52:02.0503 4312	FDResPub - ok
21:52:02.0550 4312	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:52:02.0550 4312	FileInfo - ok
21:52:02.0565 4312	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:52:02.0565 4312	Filetrace - ok
21:52:02.0659 4312	FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:52:02.0706 4312	FLEXnet Licensing Service - ok
21:52:02.0737 4312	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
21:52:02.0737 4312	flpydisk - ok
21:52:02.0752 4312	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:52:02.0768 4312	FltMgr - ok
21:52:02.0830 4312	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
21:52:02.0908 4312	FontCache - ok
21:52:02.0986 4312	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:52:02.0986 4312	FontCache3.0.0.0 - ok
21:52:03.0033 4312	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:52:03.0049 4312	FsDepends - ok
21:52:03.0064 4312	Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
21:52:03.0080 4312	Fs_Rec - ok
21:52:03.0220 4312	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:52:03.0252 4312	fvevol - ok
21:52:03.0283 4312	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
21:52:03.0283 4312	gagp30kx - ok
21:52:03.0314 4312	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:52:03.0330 4312	GEARAspiWDM - ok
21:52:03.0361 4312	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
21:52:03.0408 4312	gpsvc - ok
21:52:03.0454 4312	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:52:03.0454 4312	hcw85cir - ok
21:52:03.0501 4312	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
21:52:03.0517 4312	HdAudAddService - ok
21:52:03.0579 4312	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
21:52:03.0579 4312	HDAudBus - ok
21:52:03.0579 4312	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
21:52:03.0595 4312	HidBatt - ok
21:52:03.0610 4312	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
21:52:03.0610 4312	HidBth - ok
21:52:03.0657 4312	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
21:52:03.0657 4312	HidIr - ok
21:52:03.0720 4312	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
21:52:03.0720 4312	hidserv - ok
21:52:03.0751 4312	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
21:52:03.0766 4312	HidUsb - ok
21:52:03.0782 4312	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
21:52:03.0782 4312	hkmsvc - ok
21:52:03.0813 4312	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
21:52:03.0829 4312	HomeGroupListener - ok
21:52:03.0860 4312	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
21:52:03.0876 4312	HomeGroupProvider - ok
21:52:03.0907 4312	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:52:03.0907 4312	HpSAMD - ok
21:52:03.0969 4312	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:52:04.0032 4312	HTTP - ok
21:52:04.0063 4312	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:52:04.0078 4312	hwpolicy - ok
21:52:04.0078 4312	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
21:52:04.0110 4312	i8042prt - ok
21:52:04.0156 4312	iaStor          (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys
21:52:04.0172 4312	iaStor - ok
21:52:04.0203 4312	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:52:04.0234 4312	iaStorV - ok
21:52:04.0344 4312	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:52:04.0500 4312	idsvc - ok
21:52:05.0186 4312	igfx            (553228e67639f52c9bd86362c0c64f85) C:\Windows\system32\DRIVERS\igdkmd64.sys
21:52:05.0529 4312	igfx - ok
21:52:05.0638 4312	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
21:52:05.0654 4312	iirsp - ok
21:52:05.0732 4312	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
21:52:05.0810 4312	IKEEXT - ok
21:52:05.0982 4312	IntcAzAudAddService (718a4008ee5da174400396b27509ef82) C:\Windows\system32\drivers\RTKVHD64.sys
21:52:06.0013 4312	IntcAzAudAddService - ok
21:52:06.0153 4312	IntcDAud        (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
21:52:06.0200 4312	IntcDAud - ok
21:52:06.0216 4312	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:52:06.0231 4312	intelide - ok
21:52:06.0262 4312	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:52:06.0262 4312	intelppm - ok
21:52:06.0309 4312	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
21:52:06.0325 4312	IPBusEnum - ok
21:52:06.0340 4312	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:52:06.0372 4312	IpFilterDriver - ok
21:52:06.0450 4312	iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
21:52:06.0512 4312	iphlpsvc - ok
21:52:06.0528 4312	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:52:06.0528 4312	IPMIDRV - ok
21:52:06.0559 4312	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:52:06.0574 4312	IPNAT - ok
21:52:06.0715 4312	iPod Service    (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
21:52:06.0793 4312	iPod Service - ok
21:52:06.0808 4312	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:52:06.0824 4312	IRENUM - ok
21:52:06.0840 4312	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:52:06.0855 4312	isapnp - ok
21:52:06.0871 4312	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:52:06.0902 4312	iScsiPrt - ok
21:52:06.0933 4312	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
21:52:06.0933 4312	kbdclass - ok
21:52:06.0949 4312	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
21:52:06.0949 4312	kbdhid - ok
21:52:06.0980 4312	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:52:06.0980 4312	KeyIso - ok
21:52:06.0996 4312	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
21:52:07.0011 4312	KSecDD - ok
21:52:07.0027 4312	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
21:52:07.0042 4312	KSecPkg - ok
21:52:07.0058 4312	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:52:07.0074 4312	ksthunk - ok
21:52:07.0120 4312	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
21:52:07.0152 4312	KtmRm - ok
21:52:07.0198 4312	L1C             (6dd5383c9413aae3113faf89e345663d) C:\Windows\system32\DRIVERS\L1C62x64.sys
21:52:07.0198 4312	L1C - ok
21:52:07.0245 4312	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
21:52:07.0276 4312	LanmanServer - ok
21:52:07.0308 4312	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
21:52:07.0339 4312	LanmanWorkstation - ok
21:52:07.0401 4312	Live Updater Service (b705c7097f9a0ec941d02dce7c7d426c) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
21:52:07.0417 4312	Live Updater Service - ok
21:52:07.0479 4312	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:52:07.0479 4312	lltdio - ok
21:52:07.0510 4312	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
21:52:07.0542 4312	lltdsvc - ok
21:52:07.0557 4312	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
21:52:07.0573 4312	lmhosts - ok
21:52:07.0635 4312	LMS             (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:52:07.0682 4312	LMS - ok
21:52:07.0713 4312	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
21:52:07.0729 4312	LSI_FC - ok
21:52:07.0744 4312	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
21:52:07.0760 4312	LSI_SAS - ok
21:52:07.0776 4312	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
21:52:07.0776 4312	LSI_SAS2 - ok
21:52:07.0791 4312	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
21:52:07.0807 4312	LSI_SCSI - ok
21:52:07.0822 4312	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:52:07.0822 4312	luafv - ok
21:52:07.0854 4312	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
21:52:07.0869 4312	Mcx2Svc - ok
21:52:07.0885 4312	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
21:52:07.0885 4312	megasas - ok
21:52:07.0916 4312	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
21:52:07.0963 4312	MegaSR - ok
21:52:07.0994 4312	MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
21:52:08.0010 4312	MEIx64 - ok
21:52:08.0056 4312	Microsoft SharePoint Workspace Audit Service - ok
21:52:08.0103 4312	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:52:08.0119 4312	MMCSS - ok
21:52:08.0134 4312	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:52:08.0134 4312	Modem - ok
21:52:08.0181 4312	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:52:08.0181 4312	monitor - ok
21:52:08.0212 4312	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
21:52:08.0228 4312	mouclass - ok
21:52:08.0259 4312	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
21:52:08.0275 4312	mouhid - ok
21:52:08.0290 4312	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:52:08.0290 4312	mountmgr - ok
21:52:08.0306 4312	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:52:08.0322 4312	mpio - ok
21:52:08.0337 4312	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:52:08.0337 4312	mpsdrv - ok
21:52:08.0415 4312	MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
21:52:08.0493 4312	MpsSvc - ok
21:52:08.0509 4312	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:52:08.0524 4312	MRxDAV - ok
21:52:08.0540 4312	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:52:08.0556 4312	mrxsmb - ok
21:52:08.0634 4312	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:52:08.0680 4312	mrxsmb10 - ok
21:52:08.0696 4312	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:52:08.0696 4312	mrxsmb20 - ok
21:52:08.0712 4312	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:52:08.0712 4312	msahci - ok
21:52:08.0727 4312	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:52:08.0743 4312	msdsm - ok
21:52:08.0774 4312	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
21:52:08.0774 4312	MSDTC - ok
21:52:08.0790 4312	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:52:08.0790 4312	Msfs - ok
21:52:08.0821 4312	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:52:08.0821 4312	mshidkmdf - ok
21:52:08.0821 4312	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:52:08.0821 4312	msisadrv - ok
21:52:08.0868 4312	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
21:52:08.0883 4312	MSiSCSI - ok
21:52:08.0899 4312	msiserver - ok
21:52:08.0930 4312	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:52:08.0930 4312	MSKSSRV - ok
21:52:08.0930 4312	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:52:08.0946 4312	MSPCLOCK - ok
21:52:08.0961 4312	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:52:08.0977 4312	MSPQM - ok
21:52:09.0024 4312	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:52:09.0039 4312	MsRPC - ok
21:52:09.0055 4312	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
21:52:09.0055 4312	mssmbios - ok
21:52:09.0055 4312	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:52:09.0070 4312	MSTEE - ok
21:52:09.0070 4312	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
21:52:09.0070 4312	MTConfig - ok
21:52:09.0086 4312	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:52:09.0086 4312	Mup - ok
21:52:09.0086 4312	mwlPSDFilter    (c009123b206c56854f4e88596035231d) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
21:52:09.0086 4312	mwlPSDFilter - ok
21:52:09.0102 4312	mwlPSDNServ     (bf3739eeb9f008b1debac115089a53f8) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
21:52:09.0102 4312	mwlPSDNServ - ok
21:52:09.0102 4312	mwlPSDVDisk     (38dd143d95e7a01b86f219dda9c28779) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
21:52:09.0117 4312	mwlPSDVDisk - ok
21:52:09.0148 4312	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
21:52:09.0180 4312	napagent - ok
21:52:09.0226 4312	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:52:09.0226 4312	NativeWifiP - ok
21:52:09.0289 4312	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
21:52:09.0320 4312	NDIS - ok
21:52:09.0351 4312	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:52:09.0351 4312	NdisCap - ok
21:52:09.0367 4312	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:52:09.0382 4312	NdisTapi - ok
21:52:09.0398 4312	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:52:09.0414 4312	Ndisuio - ok
21:52:09.0429 4312	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:52:09.0429 4312	NdisWan - ok
21:52:09.0460 4312	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:52:09.0460 4312	NDProxy - ok
21:52:09.0476 4312	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:52:09.0476 4312	NetBIOS - ok
21:52:09.0507 4312	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:52:09.0507 4312	NetBT - ok
21:52:09.0538 4312	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:52:09.0538 4312	Netlogon - ok
21:52:09.0585 4312	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
21:52:09.0601 4312	Netman - ok
21:52:09.0632 4312	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
21:52:09.0648 4312	netprofm - ok
21:52:09.0726 4312	NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:52:09.0741 4312	NetTcpPortSharing - ok
21:52:09.0788 4312	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
21:52:09.0788 4312	nfrd960 - ok
21:52:09.0850 4312	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
21:52:09.0866 4312	NlaSvc - ok
21:52:09.0882 4312	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:52:09.0897 4312	Npfs - ok
21:52:09.0897 4312	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
21:52:09.0913 4312	nsi - ok
21:52:09.0913 4312	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:52:09.0928 4312	nsiproxy - ok
21:52:10.0053 4312	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:52:10.0131 4312	Ntfs - ok
21:52:10.0412 4312	NTI IScheduleSvc (1873214666f6f0a883742df91fbc48c9) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
21:52:10.0428 4312	NTI IScheduleSvc - ok
21:52:10.0833 4312	NTIDrvr         (ee3ba1024594d5d09e314f206b94069e) C:\Windows\system32\drivers\NTIDrvr.sys
21:52:10.0833 4312	NTIDrvr - ok
21:52:10.0849 4312	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:52:10.0849 4312	Null - ok
21:52:11.0052 4312	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:52:11.0067 4312	nvraid - ok
21:52:11.0286 4312	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:52:11.0332 4312	nvstor - ok
21:52:11.0520 4312	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:52:11.0551 4312	nv_agp - ok
21:52:11.0660 4312	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:52:11.0722 4312	ohci1394 - ok
21:52:12.0159 4312	ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:52:12.0190 4312	ose - ok
21:52:13.0111 4312	osppsvc         (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:52:13.0407 4312	osppsvc - ok
21:52:13.0875 4312	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:52:13.0891 4312	p2pimsvc - ok
21:52:13.0938 4312	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
21:52:13.0984 4312	p2psvc - ok
21:52:14.0047 4312	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
21:52:14.0062 4312	Parport - ok
21:52:14.0094 4312	partmgr         (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
21:52:14.0109 4312	partmgr - ok
21:52:14.0156 4312	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
21:52:14.0187 4312	PcaSvc - ok
21:52:14.0218 4312	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:52:14.0250 4312	pci - ok
21:52:14.0281 4312	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:52:14.0281 4312	pciide - ok
21:52:14.0312 4312	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
21:52:14.0343 4312	pcmcia - ok
21:52:14.0359 4312	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:52:14.0359 4312	pcw - ok
21:52:14.0452 4312	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:52:14.0484 4312	PEAUTH - ok
21:52:14.0577 4312	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
21:52:14.0608 4312	PerfHost - ok
21:52:14.0702 4312	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
21:52:14.0780 4312	pla - ok
21:52:14.0827 4312	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
21:52:14.0858 4312	PlugPlay - ok
21:52:34.0109 4312	============================================================
21:52:34.0109 4312	Scan finished
21:52:34.0109 4312	============================================================
21:52:34.0124 2796	Detected object count: 0
21:52:34.0124 2796	Actual detected object count: 0
21:52:38.0726 5116	Deinitialize success
         
The Malwarebytes Anti-Malware logs follow shortly.

And here is what I have from Malwarebytes:

Malwarebytes #1
Code:
ATTFilter
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.07.04.05

Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Sternekoch :: Sternekoch-PC [Administrator]

04.07.2012 19:10:10
mbam-log-2012-07-04 (19-10-10).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 334947
Laufzeit: 40 Minute(n), 12 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
#2
Code:
ATTFilter
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.07.04.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Sternekoch :: Sternekoch-PC [Administrator]

04.07.2012 20:13:30
mbam-log-2012-07-04 (20-13-30).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 206969
Laufzeit: 3 Minute(n), 18 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
#3
Code:
ATTFilter
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.07.04.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Sternekoch :: Sternekoch-PC [Administrator]

04.07.2012 20:17:09
mbam-log-2012-07-04 (20-17-09).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 206909
Laufzeit: 1 Minute(n), 15 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
#4
Code:
ATTFilter
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.07.04.06

Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Sternekoch :: Sternekoch-PC [Administrator]

04.07.2012 21:36:44
mbam-log-2012-07-04 (21-36-44).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 204918
Laufzeit: 2 Minute(n), 23 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
#5
Code:
ATTFilter
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.07.04.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Sternekoch :: Sternekoch-PC [Administrator]

04.07.2012 21:54:28
mbam-log-2012-07-04 (21-54-28).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 205702
Laufzeit: 3 Minute(n), 48 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

I'll quickly check whether I can coax something out of Avira as well...

And here is the Avira scan I just ran...

Code:
ATTFilter

Avira Free Antivirus
Erstellungsdatum der Reportdatei: Donnerstag, 5. Juli 2012  19:22

Es wird nach 3836369 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira AntiVir Personal - Free Antivirus
Seriennummer   : 0000149996-ADJIE-0000001
Plattform      : Windows 7 Home Premium
Windowsversion : (Service Pack 1)  [6.1.7601]
Boot Modus     : Normal gebootet
Benutzername   : Sternekoch
Computername   : Sternekoch-PC

Versionsinformationen:
BUILD.DAT      : 12.0.0.1125    41829 Bytes  02.05.2012 16:34:00
AVSCAN.EXE     : 12.3.0.15     466896 Bytes  08.05.2012 20:15:13
AVSCAN.DLL     : 12.3.0.15      66256 Bytes  08.05.2012 20:15:13
LUKE.DLL       : 12.3.0.15      68304 Bytes  08.05.2012 20:15:13
AVSCPLR.DLL    : 12.3.0.14      97032 Bytes  08.05.2012 20:15:14
AVREG.DLL      : 12.3.0.17     232200 Bytes  11.05.2012 05:55:46
VBASE000.VDF   : 7.10.0.0    19875328 Bytes  06.11.2009 18:18:34
VBASE001.VDF   : 7.11.0.0    13342208 Bytes  14.12.2010 23:31:49
VBASE002.VDF   : 7.11.19.170 14374912 Bytes  20.12.2011 21:30:41
VBASE003.VDF   : 7.11.21.238  4472832 Bytes  01.02.2012 07:08:44
VBASE004.VDF   : 7.11.26.44   4329472 Bytes  28.03.2012 06:36:34
VBASE005.VDF   : 7.11.34.116  4034048 Bytes  29.06.2012 05:41:32
VBASE006.VDF   : 7.11.34.117     2048 Bytes  29.06.2012 05:41:32
VBASE007.VDF   : 7.11.34.118     2048 Bytes  29.06.2012 05:41:32
VBASE008.VDF   : 7.11.34.119     2048 Bytes  29.06.2012 05:41:32
VBASE009.VDF   : 7.11.34.120     2048 Bytes  29.06.2012 05:41:32
VBASE010.VDF   : 7.11.34.121     2048 Bytes  29.06.2012 05:41:32
VBASE011.VDF   : 7.11.34.122     2048 Bytes  29.06.2012 05:41:32
VBASE012.VDF   : 7.11.34.123     2048 Bytes  29.06.2012 05:41:32
VBASE013.VDF   : 7.11.34.124     2048 Bytes  29.06.2012 05:41:32
VBASE014.VDF   : 7.11.34.201   169472 Bytes  02.07.2012 18:18:57
VBASE015.VDF   : 7.11.35.19    122368 Bytes  04.07.2012 18:03:21
VBASE016.VDF   : 7.11.35.20      2048 Bytes  04.07.2012 18:03:21
VBASE017.VDF   : 7.11.35.21      2048 Bytes  04.07.2012 18:03:22
VBASE018.VDF   : 7.11.35.22      2048 Bytes  04.07.2012 18:03:22
VBASE019.VDF   : 7.11.35.23      2048 Bytes  04.07.2012 18:03:22
VBASE020.VDF   : 7.11.35.24      2048 Bytes  04.07.2012 18:03:22
VBASE021.VDF   : 7.11.35.25      2048 Bytes  04.07.2012 18:03:22
VBASE022.VDF   : 7.11.35.26      2048 Bytes  04.07.2012 18:03:22
VBASE023.VDF   : 7.11.35.27      2048 Bytes  04.07.2012 18:03:22
VBASE024.VDF   : 7.11.35.28      2048 Bytes  04.07.2012 18:03:22
VBASE025.VDF   : 7.11.35.29      2048 Bytes  04.07.2012 18:03:23
VBASE026.VDF   : 7.11.35.30      2048 Bytes  04.07.2012 18:03:23
VBASE027.VDF   : 7.11.35.31      2048 Bytes  04.07.2012 18:03:23
VBASE028.VDF   : 7.11.35.32      2048 Bytes  04.07.2012 18:03:23
VBASE029.VDF   : 7.11.35.33      2048 Bytes  04.07.2012 18:03:23
VBASE030.VDF   : 7.11.35.34      2048 Bytes  04.07.2012 18:03:23
VBASE031.VDF   : 7.11.35.46     22016 Bytes  04.07.2012 18:03:23
Engineversion  : 8.2.10.102
AEVDF.DLL      : 8.1.2.8       106867 Bytes  02.06.2012 09:58:05
AESCRIPT.DLL   : 8.1.4.28      455035 Bytes  21.06.2012 19:20:40
AESCN.DLL      : 8.1.8.2       131444 Bytes  28.01.2012 10:21:09
AESBX.DLL      : 8.2.5.12      606578 Bytes  15.06.2012 06:04:14
AERDL.DLL      : 8.1.9.15      639348 Bytes  14.12.2011 23:31:02
AEPACK.DLL     : 8.2.16.22     807288 Bytes  21.06.2012 19:20:39
AEOFFICE.DLL   : 8.1.2.40      201082 Bytes  29.06.2012 05:00:34
AEHEUR.DLL     : 8.1.4.58     4993399 Bytes  29.06.2012 05:00:34
AEHELP.DLL     : 8.1.23.2      258422 Bytes  29.06.2012 05:00:31
AEGEN.DLL      : 8.1.5.30      422261 Bytes  15.06.2012 06:04:11
AEEXP.DLL      : 8.1.0.58       82292 Bytes  29.06.2012 05:00:34
AEEMU.DLL      : 8.1.3.0       393589 Bytes  14.12.2011 23:30:58
AECORE.DLL     : 8.1.25.10     201080 Bytes  01.06.2012 06:01:57
AEBB.DLL       : 8.1.1.0        53618 Bytes  14.12.2011 23:30:58
AVWINLL.DLL    : 12.3.0.15      27344 Bytes  08.05.2012 20:15:13
AVPREF.DLL     : 12.3.0.15      51920 Bytes  08.05.2012 20:15:13
AVREP.DLL      : 12.3.0.15     179208 Bytes  08.05.2012 20:15:14
AVARKT.DLL     : 12.3.0.15     211408 Bytes  08.05.2012 20:15:13
AVEVTLOG.DLL   : 12.3.0.15     169168 Bytes  08.05.2012 20:15:13
SQLITE3.DLL    : 3.7.0.1       398288 Bytes  08.05.2012 20:15:14
AVSMTP.DLL     : 12.3.0.15      63440 Bytes  08.05.2012 20:15:13
NETNT.DLL      : 12.3.0.15      17104 Bytes  08.05.2012 20:15:13
RCIMAGE.DLL    : 12.3.0.15    4447952 Bytes  08.05.2012 20:15:13
RCTEXT.DLL     : 12.3.0.15      98512 Bytes  08.05.2012 20:15:13

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Suche nach Rootkits und aktiver Malware
Konfigurationsdatei...................: C:\ProgramData\Avira\AntiVir Desktop\PROFILES\rootkit.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: vollständig

Beginn des Suchlaufs: Donnerstag, 5. Juli 2012  19:22

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '116' Modul(e) wurden durchsucht
Durchsuche Prozess 'UNS.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'EgisUpdate.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMworker.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'LManager.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'PmmUpdate.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'SuiteTray.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'IScheduleSvc.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'UpdaterService.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMutilps32.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'dsiwmis.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'eEBSVC.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '40' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '769' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:' <Acer>
C:\ProgramData\Microsoft\WLSetup\CabLogs\Logs.CAB
  [WARNUNG]   Einige Dateien dieses Archives sind auf mehrere Teilarchive verteilt  (multiple volume)
C:\ProgramData\Microsoft\WLSetup\CabLogs\Logs2.CAB
  [WARNUNG]   Einige Dateien dieses Archives sind auf mehrere Teilarchive verteilt  (multiple volume)
C:\ProgramData\Microsoft\WLSetup\CabLogs\Logs3.CAB
  [WARNUNG]   Einige Dateien dieses Archives sind auf mehrere Teilarchive verteilt  (multiple volume)


Ende des Suchlaufs: Donnerstag, 5. Juli 2012  20:05
Benötigte Zeit: 42:24 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

  24146 Verzeichnisse wurden überprüft
 346609 Dateien wurden geprüft
      0 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      0 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 346609 Dateien ohne Befall
   3314 Archive wurden durchsucht
      3 Warnungen
      0 Hinweise
 589312 Objekte wurden beim Rootkitscan durchsucht
      0 Versteckte Objekte wurden gefunden
         

Is there anything else I can provide or do that could help with the analysis?
Until then, in advance:


05.07.2012, 20:13   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Please run ESET as well; after that we'll see how to proceed.

Note: ESET does quite often show a few false alarms. That is why, with ESET too, only the log should be posted first and nothing removed.

ESET Online Scanner

Please switch on any external hard drives you may have during the online scans! During the scans, please turn off all background guards (anti-virus program, firewall, script blocking and the like) and don't forget to turn everything back on afterwards.
  • Note for Vista and Win7 users: Be sure to open the browser this way: right-click => Run as administrator
  • Disable your anti-virus program during the scan.

    Press the button (<< click).
    • Firefox users:
      Please download esetsmartinstaller_enu.exe. Save the Firefox add-on to the desktop and then install it.
    • IE users:
      must allow the installation of an ActiveX control.
  • Tick the box at Yes, i accept the Terms of Use.
  • Press the button.
  • Wait until the components have been downloaded.
  • Tick "Scan archives".
  • Make sure that Remove Found Threats is not ticked.
  • Press.
  • The signatures are downloaded. The scan starts automatically.
When the scan has finished
  • Click Finish.
  • Close the browser.
Please press the + R key and copy the following text into the Run window.
Code:
ATTFilter
"%PROGRAMFILES%\Eset\Eset Online Scanner\log.txt"
         
Note: If you are running a 64-bit Windows, the path is:

Code:
ATTFilter
"%PROGRAMFILES(X86)%\Eset\Eset Online Scanner\log.txt"
         
Now post the contents of log.txt.

05.07.2012, 22:27   #7
Sternekoch



OK, done

Code:
ATTFilter
ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3422847af5e7fe4c896b55be4a8f9a5e
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-05 09:22:49
# local_time=2012-07-05 11:22:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 15289221 15289221 0 0
# compatibility_mode=5893 16776573 100 94 90633 93146472 0 0
# compatibility_mode=8192 67108863 100 0 151 151 0 0
# scanned=138275
# found=0
# cleaned=0
# scan_time=6748
         

06.07.2012, 09:49   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



I have two questions before we continue

1.) Does the normal mode of Windows work without restrictions (again)?
2.) Are you missing anything in the Start menu? Are there empty folders under All Programs, or is everything there?
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


06.07.2012, 12:24   #9
Sternekoch



Hi,

1.) Windows does boot up normally again, and the constant pop-ups or warning messages that something cannot be written to the hard disk are gone too, but:

2.) Exactly that: there is nothing left in the Start menu (apart from 3 Office shortcuts and 'Computer'; all the rest is missing). Under "All Programs" there are also lots of empty folders. In addition, all the desktop shortcuts that used to be there are missing and I can no longer get at any files, neither via 'Computer' nor in any other way

Many thanks!!

06.07.2012, 14:02   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



The Start menu was deleted by the ransomware; if anything, you can still restore something with unhide. If not, you're out of luck without a backup

Please download unhide.exe and save the file to your desktop.
Start the tool and all files and folders should become visible again. (This could take a while.)
Vista and 7 users must run the tool via right-click as administrator!

07.07.2012, 08:44   #11
Sternekoch



Hey, unhide worked (and it was really quick too) - I can get at the files again and the Start menu is complete again as well

Code:
ATTFilter
Unhide by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Unhide.exe can be found at this link:
  hxxp://www.bleepingcomputer.com/forums/topic405109.html

Program started at: 07/07/2012 09:26:00 AM
Windows Version: Windows 7

Please be patient while your files are made visible again.

Processing the C:\ drive
Finished processing the C:\ drive. 134922 files processed.

Processing the E:\ drive
Finished processing the E:\ drive. 28274 files processed.

Restoring the Start Menu.
 * 141 Shortcuts and Desktop items were restored.


Searching for Windows Registry changes made by FakeHDD rogues.
 - Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
  * NoActiveDesktopChanges policy was found and deleted!
 - Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
  * Start_ShowControlPanel was set to 0! It was set back to 1!
  * Start_ShowHelp was set to 0! It was set back to 1!
  * Start_ShowMyDocs was set to 0! It was set back to 1!
  * Start_ShowMyMusic was set to 0! It was set back to 1!
  * Start_ShowMyPics was set to 0! It was set back to 1!
  * Start_ShowPrinters was set to 0! It was set back to 1!
  * Start_ShowRun was set to 0! It was set back to 1!
  * Start_ShowSetProgramAccessAndDefaults was set to 0! It was set back to 1!
  * Start_ShowRecentDocs was set to 0! It was set back to 2!
  * Start_ShowNetConn was set to 0! It was set back to 1!
  * Start_ShowNetPlaces was set to 0! It was set back to 1!
  * Start_TrackDocs was set to 0! It was set back to 1!
  * Start_TrackProgs was set to 0! It was set back to 1!
  * Start_ShowUser was set to 0! It was set back to 1!
  * Start_ShowMyGames was set to 0! It was set back to 1!

Restarting Explorer.exe in order to apply changes.

Program finished at: 07/07/2012 09:29:52 AM
Execution time: 0 hours(s), 3 minute(s), and 52 seconds(s)
         
The only things that were not restored/rolled back were the desktop background and the complete Windows 7 theme (I can live with that ;-)) and the shortcuts in the taskbar (I can live with that just fine too)
Do I have to / can I do anything else now?
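
An added example, not part of the original post and not code from Unhide or its author: a small Python parser that turns an Unhide log like the one above into a structured record of what was reverted, plus `reg query` lines for re-checking the same values later or in another user profile. The function names and the report layout are assumptions made for this example; the embedded sample is an excerpt of the log posted above.

```python
import re

# Excerpt of the Unhide log posted above, embedded so the example runs offline.
SAMPLE_LOG = r"""
Processing the C:\ drive
Finished processing the C:\ drive. 134922 files processed.

Restoring the Start Menu.
 * 141 Shortcuts and Desktop items were restored.

Searching for Windows Registry changes made by FakeHDD rogues.
 - Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
  * NoActiveDesktopChanges policy was found and deleted!
 - Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
  * Start_ShowRun was set to 0! It was set back to 1!
  * Start_ShowRecentDocs was set to 0! It was set back to 2!
"""

# Patterns follow the wording of the log lines shown in the thread.
DRIVE_RE = re.compile(r"^Finished processing the (\S+) drive\. (\d+) files processed\.")
SHORTCUT_RE = re.compile(r"^\* (\d+) Shortcuts and Desktop items were restored\.")
KEY_RE = re.compile(r"^- Checking (HK.+)$")
RESET_RE = re.compile(r"^\* (\S+) was set to (\d+)! It was set back to (\d+)!")
DELETED_RE = re.compile(r"^\* (\S+) policy was found and deleted!")


def parse_unhide_log(text):
    """Return drives processed, shortcuts restored and registry changes reverted."""
    report = {"drives": {}, "shortcuts_restored": 0, "registry": []}
    current_key = None  # stays None if the log was pasted without its "Checking" line
    for raw in text.splitlines():
        line = raw.strip()
        m = DRIVE_RE.match(line)
        if m:
            report["drives"][m.group(1)] = int(m.group(2))
            continue
        m = SHORTCUT_RE.match(line)
        if m:
            report["shortcuts_restored"] = int(m.group(1))
            continue
        m = KEY_RE.match(line)
        if m:
            current_key = m.group(1)
            continue
        m = RESET_RE.match(line)
        if m:
            report["registry"].append({
                "key": current_key, "name": m.group(1), "action": "reset",
                "found": int(m.group(2)), "restored": int(m.group(3)),
            })
            continue
        m = DELETED_RE.match(line)
        if m:
            report["registry"].append({
                "key": current_key, "name": m.group(1), "action": "deleted",
                "found": None, "restored": None,
            })
    return report


def values_found_at(report, value):
    """Names of registry values the tool found set to `value` (0 = item hidden)."""
    return [e["name"] for e in report["registry"]
            if e["action"] == "reset" and e["found"] == value]


def reg_query_commands(report):
    """Build read-only `reg query` lines for every value the log mentions."""
    cmds = []
    for entry in report["registry"]:
        if entry["key"] is None:
            continue  # no key context in the pasted log, nothing to query
        cmds.append('reg query "{}" /v {}'.format(entry["key"], entry["name"]))
    return cmds


if __name__ == "__main__":
    rep = parse_unhide_log(SAMPLE_LOG)
    print("files processed:", sum(rep["drives"].values()))
    print("shortcuts restored:", rep["shortcuts_restored"])
    print("values found at 0:", values_found_at(rep, 0))
    for cmd in reg_query_commands(rep):
        print(cmd)
```

The HKCU queries only see the profile of the user who runs them, so they have to be repeated per account. A single `Start_Show*` value at 0 can be a user's own Start menu setting; the pattern in this log is many of them zeroed at once.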

09.07.2012, 10:04   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Please create a new OTL log. If possible, please post everything here in CODE tags.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:
ATTFilter
 the log goes here
         
CustomScan with OTL

Please download OTL by Oldtimer and save it to your desktop. If it is already there, please replace the older existing file with the newly downloaded one, so that you really are working with a current version of OTL.
  • Please start OTL.exe.
    Vista and Win7 users: right-click and "Run as administrator"
  • At the top centre, tick Scan all users
  • Now copy the complete contents of the code box below into OTL's text box - if OTL is in German it is labelled with
Code:
ATTFilter
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Click on .
  • Now copy the contents of OTL.txt here into your thread

09.07.2012, 19:29   #13
Sternekoch



Hi,

done:

OTL logfile:
Code:
ATTFilter
OTL logfile created on: 09.07.2012 20:11:48 - Run 3
OTL by OldTimer - Version 3.2.53.1     Folder = C:\Users\Sternekoch\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,85 Gb Total Physical Memory | 2,65 Gb Available Physical Memory | 68,78% Memory free
7,71 Gb Paging File | 6,31 Gb Available in Paging File | 81,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 87,90 Gb Total Space | 51,83 Gb Free Space | 58,96% Space Free | Partition Type: NTFS
Drive E: | 362,76 Gb Total Space | 284,09 Gb Free Space | 78,31% Space Free | Partition Type: NTFS
Drive F: | 7,81 Gb Total Space | 7,79 Gb Free Space | 99,82% Space Free | Partition Type: FAT32
 
Computer Name: Sternekoch-PC | User Name: Sternekoch | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.04 18:51:38 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Sternekoch\Desktop\OTL.exe
PRC - [2012.05.08 22:15:13 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.08 22:15:13 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 22:15:13 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.01.03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.07.01 04:51:12 | 000,418,896 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2011.07.01 04:51:12 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011.07.01 04:51:10 | 001,103,440 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2011.07.01 04:51:10 | 000,353,360 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011.04.24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2011.04.22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2011.04.02 23:34:42 | 000,340,848 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
PRC - [2011.03.29 04:49:06 | 000,408,432 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2011.03.29 04:48:54 | 000,202,608 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010.12.20 12:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.20 12:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2006.12.19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.11.02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.06.23 11:10:27 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.05.08 22:15:13 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 22:15:13 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.01.03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.08 21:13:45 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.07.01 04:51:10 | 000,353,360 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011.05.10 14:01:08 | 000,872,552 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2011.04.24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2011.04.22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV - [2011.04.02 23:09:38 | 000,173,424 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.12.20 12:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.12.20 12:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006.12.19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.05.08 22:15:14 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.08 22:15:14 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.12.15 16:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.08.16 09:23:34 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2011.08.16 09:23:34 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2011.08.16 09:23:34 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2011.07.14 07:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.07.14 07:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.10 06:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2011.03.10 06:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2011.01.25 05:48:02 | 000,077,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.12.23 03:44:20 | 012,260,000 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010.12.17 03:06:32 | 001,404,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.09 12:26:46 | 002,377,216 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.11.05 22:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.10.29 16:19:20 | 000,326,760 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2010.10.19 10:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.10.14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-544826835-3425188021-2362706795-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKU\S-1-5-21-544826835-3425188021-2362706795-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-544826835-3425188021-2362706795-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-544826835-3425188021-2362706795-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-544826835-3425188021-2362706795-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-544826835-3425188021-2362706795-1001..\Run: [biiWPEJPdbnXvw.exe] C:\ProgramData\biiWPEJPdbnXvw.exe File not found
O4 - HKU\S-1-5-21-544826835-3425188021-2362706795-1001..\Run: [Epson Stylus SX235(Netzwerk)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\Sternekoch\AppData\Local\Temp\E_SEE76.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-544826835-3425188021-2362706795-1001\Software\Policies\Microsoft\Internet Explorer\Recovery present
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{165E3CAD-B66C-41D8-B845-D44419A87475}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5FC8A359-8699-4B25-9B91-FFA7CEBF435D}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: BackupManagerTray - hkey= - key= - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
MsConfig:64bit - StartUpReg: BCSSync - hkey= - key= - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: Global Registration - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MCODS - Reg Error: Value error.
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: MCODS - Reg Error: Value error.
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.09 20:08:28 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Sternekoch\Desktop\OTL.exe
[2012.07.07 09:57:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.07.07 09:57:26 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.07.07 09:57:25 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.07.07 09:57:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.07.07 09:49:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.07.07 09:49:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012.07.05 21:27:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.07.05 19:48:45 | 000,000,000 | ---D | C] -- C:\Neuer Ordner
[2012.07.04 20:01:54 | 000,000,000 | ---D | C] -- C:\Users\Sternekoch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Recovery
[2012.07.04 19:09:18 | 000,000,000 | ---D | C] -- C:\Users\Sternekoch\AppData\Roaming\Malwarebytes
[2012.07.04 19:09:07 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.04 19:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.04 19:09:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.07.04 19:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.04 19:07:10 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.06.21 21:07:13 | 000,000,000 | ---D | C] -- C:\Users\Sternekoch\.jenny
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.09 20:10:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.09 20:09:22 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.09 20:09:22 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.09 20:09:22 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.09 20:09:22 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.09 20:09:22 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.09 19:57:14 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.09 19:57:14 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.09 19:49:45 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2012.07.09 19:49:38 | 3103,838,208 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.07 09:57:59 | 000,001,747 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.07.04 20:54:48 | 000,009,290 | ---- | M] () -- C:\Users\Sternekoch\AppData\Roaming\Kommagetrennte Werte (DOS).EML
[2012.07.04 20:01:55 | 000,000,152 | ---- | M] () -- C:\ProgramData\-fXO0KpQrs02mTrr
[2012.07.04 20:01:55 | 000,000,000 | ---- | M] () -- C:\ProgramData\-fXO0KpQrs02mTr
[2012.07.04 20:01:52 | 000,000,256 | ---- | M] () -- C:\ProgramData\fXO0KpQrs02mTr
[2012.07.04 18:51:38 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Sternekoch\Desktop\OTL.exe
[2012.06.14 18:54:07 | 000,360,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2012.07.07 09:57:59 | 000,001,747 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.07.07 09:29:46 | 000,002,498 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012.07.07 09:29:46 | 000,001,983 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.07.07 09:29:46 | 000,001,955 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fooz Kids.lnk
[2012.07.07 09:29:46 | 000,001,805 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012.07.07 09:29:46 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012.07.07 09:29:46 | 000,001,352 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[2012.07.07 09:29:46 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.07.07 09:29:46 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2012.07.07 09:29:46 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.07.07 09:29:46 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[2012.07.07 09:29:46 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2012.07.07 09:29:46 | 000,001,193 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2012.07.07 09:29:46 | 000,000,934 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2012.07.07 09:29:45 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.07.07 09:29:45 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.07.04 20:53:44 | 000,009,290 | ---- | C] () -- C:\Users\Sternekoch\AppData\Roaming\Kommagetrennte Werte (DOS).EML
[2012.07.04 20:01:55 | 000,000,152 | ---- | C] () -- C:\ProgramData\-fXO0KpQrs02mTrr
[2012.07.04 20:01:55 | 000,000,000 | ---- | C] () -- C:\ProgramData\-fXO0KpQrs02mTr
[2012.07.04 20:01:51 | 000,000,256 | ---- | C] () -- C:\ProgramData\fXO0KpQrs02mTr
[2011.08.16 09:16:01 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.08.16 09:15:05 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.08.16 09:15:04 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.08.16 09:15:02 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
 
========== LOP Check ==========
 
[2012.01.28 17:23:21 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\elsterformular
[2012.01.10 22:49:26 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\Opera
[2012.07.04 20:20:23 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.01.10 21:50:23 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\Adobe
[2012.01.29 13:19:43 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\Apple Computer
[2012.01.10 23:35:28 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\Avira
[2012.01.10 21:39:59 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\CyberLink
[2012.01.28 17:23:21 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\elsterformular
[2012.01.10 21:42:01 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\Identities
[2012.01.22 18:43:08 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\InstallShield
[2012.01.10 21:42:18 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\Macromedia
[2012.07.04 19:09:18 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\Malwarebytes
[2010.11.21 09:16:41 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\Media Center Programs
[2012.04.13 18:12:30 | 000,000,000 | --SD | M] -- C:\Users\Sternekoch\AppData\Roaming\Microsoft
[2012.01.10 22:49:26 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\Opera
 
< %APPDATA%\*.exe /s >
[2012.05.06 19:54:40 | 005,480,584 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\Sternekoch\AppData\Roaming\elsterformular\pluginmanager\tmp\update_est_09_8086_8623.exe
[2012.05.06 19:54:49 | 006,388,152 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\Sternekoch\AppData\Roaming\elsterformular\pluginmanager\tmp\update_est_10_8086_8623.exe
[2012.05.06 19:55:00 | 007,634,320 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\Sternekoch\AppData\Roaming\elsterformular\pluginmanager\tmp\update_est_11_8086_8623.exe
[2012.05.06 19:54:23 | 007,941,880 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\Sternekoch\AppData\Roaming\elsterformular\pluginmanager\tmp\update_pica_0_8086_8623.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >
         
--- --- ---

Thanks in advance!

10.07.2012, 10:43   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Run an OTL fix: close any programs that may be open, also disable the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

Code:
ATTFilter
:OTL
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O4 - HKU\S-1-5-21-544826835-3425188021-2362706795-1001..\Run: [biiWPEJPdbnXvw.exe] C:\ProgramData\biiWPEJPdbnXvw.exe File not found
O4 - HKU\S-1-5-21-544826835-3425188021-2362706795-1001..\Run: [Epson Stylus SX235(Netzwerk)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\Sternekoch\AppData\Local\Temp\E_SEE76.tmp" /EF "HKCU" File not found
[2012.07.04 20:01:55 | 000,000,152 | ---- | M] () -- C:\ProgramData\-fXO0KpQrs02mTrr
[2012.07.04 20:01:55 | 000,000,000 | ---- | M] () -- C:\ProgramData\-fXO0KpQrs02mTr
[2012.07.04 20:01:52 | 000,000,256 | ---- | M] () -- C:\ProgramData\fXO0KpQrs02mTr
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created in the "_OTL" folder on the system partition.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can permanently damage the system!

10.07.2012, 19:09   #15
Sternekoch
 

Hi,

that's done as well

Code:
ATTFilter
All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery\ not found.
Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery\ not found.
Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery\ not found.
Registry value HKEY_USERS\S-1-5-21-544826835-3425188021-2362706795-1001\Software\Microsoft\Windows\CurrentVersion\Run\\biiWPEJPdbnXvw.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-21-544826835-3425188021-2362706795-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Epson Stylus SX235(Netzwerk) deleted successfully.
C:\ProgramData\-fXO0KpQrs02mTrr moved successfully.
C:\ProgramData\-fXO0KpQrs02mTr moved successfully.
C:\ProgramData\fXO0KpQrs02mTr moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Sternekoch
->Temp folder emptied: 112931344 bytes
->Temporary Internet Files folder emptied: 90891273 bytes
->Java cache emptied: 540433 bytes
->Opera cache emptied: 42863367 bytes
->Flash cache emptied: 1394 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 227344618 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 234445743 bytes
 
Total Files Cleaned = 676,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Sternekoch
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.53.1 log created on 07102012_200156

Files\Folders moved on Reboot...
C:\Users\Sternekoch\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Sternekoch\AppData\Local\Temp\MMDUtl.log moved successfully.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\LMutilps32.log scheduled to be moved on reboot.

PendingFileRenameOperations files...
File C:\Users\Sternekoch\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
File C:\Users\Sternekoch\AppData\Local\Temp\MMDUtl.log not found!
[2012.07.10 20:03:20 | 001,181,742 | ---- | M] () C:\Windows\temp\dsiwmis.log : Unable to obtain MD5
[2012.07.10 20:03:16 | 001,155,003 | ---- | M] () C:\Windows\temp\LMutilps32.log : Unable to obtain MD5

Registry entries deleted on Reboot...
         
Now I'm really curious
As always, a huge-
