| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Verschlüsselungs Trojana der ein neues Software Update für 200 Euro haben will.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
23.07.2012, 15:06
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Verschlüsselungs Trojana der ein neues Software Update für 200 Euro haben will.Code:
ATTFilter Scan Mode: Current user
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
24.07.2012, 21:48
| #17 |
 | Verschlüsselungs Trojana der ein neues Software Update für 200 Euro haben will. ich hoffe jetzt habe ich es richtig gemacht.
__________________Danke noch mal für den Hinweis. Code:
ATTFilter OTL logfile created on: 24.07.2012 21:58:13 - Run 3 OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\***\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,75 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 61,61% Memory free 5,50 Gb Paging File | 4,30 Gb Available in Paging File | 78,28% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 75,59 Gb Total Space | 28,03 Gb Free Space | 37,08% Space Free | Partition Type: NTFS Drive D: | 12,00 Gb Total Space | 11,87 Gb Free Space | 98,95% Space Free | Partition Type: NTFS Drive E: | 210,41 Gb Total Space | 163,55 Gb Free Space | 77,73% Space Free | Partition Type: NTFS Drive H: | 3,75 Gb Total Space | 3,71 Gb Free Space | 98,72% Space Free | Partition Type: FAT32 Computer Name: ***-PC | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.07.12 17:51:12 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.07.03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012.05.16 07:01:21 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.05.16 07:01:21 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.05.16 07:01:21 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012.02.23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe PRC - [2000.01.01 02:00:00 | 000,196,608 | ---- | M] () -- C:\Programme\Mouse\Amoumain.exe ========== Modules (No Company Name) ========== MOD - [2011.10.05 04:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2000.01.01 02:00:00 | 000,196,608 | ---- | M] () -- C:\Programme\Mouse\Amoumain.exe ========== Win32 Services (SafeList) ========== SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:64bit: - [2000.01.01 02:00:00 | 000,949,760 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility) SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.05.16 07:01:21 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.05.16 07:01:21 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.06.29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.05.16 07:01:22 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.05.16 07:01:22 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.12.08 22:39:17 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc) DRV:64bit: - [2011.12.08 22:39:17 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt) DRV:64bit: - [2011.09.15 23:55:03 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 03:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2010.11.20 01:37:44 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010.05.11 18:11:40 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2010.02.24 12:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11) DRV:64bit: - [2009.09.03 19:37:02 | 000,067,072 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.25 16:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.04 22:44:48 | 000,015,880 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PuAcpi64.sys -- (MTsensor64) DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2000.01.01 02:00:00 | 005,352,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2000.01.01 02:00:00 | 000,052,736 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtnic64.sys -- (RTL8023x64) DRV:64bit: - [2000.01.01 02:00:00 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV - [2010.07.01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Programme\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3891845889-4225406144-588273056-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-21-3891845889-4225406144-588273056-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKU\S-1-5-21-3891845889-4225406144-588273056-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3891845889-4225406144-588273056-1000\..\SearchScopes\{22789892-B8C5-4C17-9509-592C0BA40331}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=kw&q={searchTerms}&locale=&apn_ptnrs=FV&apn_dtid=YYYYYYYYDE&apn_uid=0FFA06CB-5B2F-475B-B76F-64903E19C4B1&apn_sauid=18088B35-F359-40B5-B47A-5DA77F6A6408& IE - HKU\S-1-5-21-3891845889-4225406144-588273056-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3891845889-4225406144-588273056-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( ) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.10.28 10:47:32 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.10.06 15:51:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2011.12.24 14:59:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\hoqh1om8.default\extensions [2011.10.06 15:57:45 | 000,000,000 | ---D | M] (WOT) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\hoqh1om8.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011.10.06 15:57:45 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\hoqh1om8.default\extensions\https-everywhere@eff.org [2011.12.08 22:38:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.12.08 22:38:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2011.10.06 15:57:46 | 000,171,836 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HOQH1OM8.DEFAULT\EXTENSIONS\{C36177C0-224A-11DA-8CD6-0800200C9A91}.XPI [2011.10.06 15:57:43 | 000,109,632 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HOQH1OM8.DEFAULT\EXTENSIONS\COMPATIBILITY@ADDONS.MOZILLA.ORG.XPI [2011.09.29 09:09:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.09.29 03:24:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.09.29 03:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.09.29 03:24:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.09.29 03:24:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.09.29 03:24:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.09.29 03:24:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.10.06 17:28:16 | 000,437,925 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123fporn.info O1 - Hosts: 15060 more lines... O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [WheelMouse] C:\Programme\Mouse\Amoumain.exe () O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3891845889-4225406144-588273056-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.) O4 - HKU\S-1-5-21-3891845889-4225406144-588273056-1000..\Run: [Sony Ericsson PC Companion] C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0) O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{621A4F78-3820-46AF-8AD2-68D2BC9FBAEB}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{62aec2ef-21db-11e1-9875-002354a0f7c8}\Shell - "" = AutoRun O33 - MountPoints2\{62aec2ef-21db-11e1-9875-002354a0f7c8}\Shell\AutoRun\command - "" = H:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32:64bit: VIDC.FFDS - ff_vfw.dll () Drivers32:64bit: VIDC.LAGS - lagarith.dll ( ) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.07.17 19:01:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012.07.15 18:46:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012.07.15 11:47:45 | 000,000,000 | ---D | C] -- C:\Users\Claudis Lappi\AppData\Roaming\Malwarebytes [2012.07.15 11:47:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.07.15 11:47:22 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.07.15 11:47:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.07.15 11:47:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.07.15 10:37:26 | 000,000,000 | ---D | C] -- C:\Users\Claudis Lappi\AppData\Roaming\TuneUp Software [2012.07.15 10:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2012.07.15 10:36:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012.07.15 10:36:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2012.07.12 17:51:11 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe ========== Files - Modified Within 30 Days ========== [2012.07.24 21:59:27 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.07.24 21:59:27 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.07.24 21:59:27 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.07.24 21:59:27 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.07.24 21:59:27 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.07.24 21:54:11 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.24 21:54:11 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.24 21:44:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.07.24 21:44:44 | 2213,969,920 | -HS- | M] () -- C:\hiberfil.sys [2012.07.15 11:47:23 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.12 17:57:18 | 000,000,188 | ---- | M] () -- C:\Users\***\defogger_reenable [2012.07.12 17:51:46 | 000,302,592 | ---- | M] () -- C:\Users\***\Desktop\ipoxqxd8.exe [2012.07.12 17:51:12 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2012.07.12 17:50:50 | 000,050,477 | ---- | M] () -- C:\Users\***\Desktop\Defogger.exe [2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys ========== Files Created - No Company Name ========== [2012.07.15 11:47:23 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.12 17:57:18 | 000,000,188 | ---- | C] () -- C:\Users\***\defogger_reenable [2012.07.12 17:51:45 | 000,302,592 | ---- | C] () -- C:\Users\***\Desktop\ipoxqxd8.exe [2012.07.12 17:50:49 | 000,050,477 | ---- | C] () -- C:\Users\***\Desktop\Defogger.exe [2012.02.01 18:14:40 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2012.01.31 21:13:51 | 000,007,600 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg [2011.10.06 18:18:56 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\Amhooker.dll [2011.10.06 18:15:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.03.21 19:56:22 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [1601.02.13 10:28:18 | 000,005,884 | ---- | C] () -- C:\Users\***\osjGpJfqueEdlgxL ========== LOP Check ========== [2011.10.06 21:31:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ashampoo [2011.10.06 21:38:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ATViewer [2011.10.08 08:52:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite [2011.12.24 11:30:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gtk-2.0 [2012.01.31 18:27:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ProtectDISC [2012.07.15 10:37:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software [2011.10.06 16:11:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WinBatch [2012.05.17 13:49:51 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2011.10.06 16:24:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Adobe [2012.05.18 01:26:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Apple Computer [2011.10.06 21:31:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ashampoo [2011.10.06 21:38:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ATViewer [2011.10.06 16:58:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Avira [2011.10.08 08:52:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite [2011.12.24 11:30:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gtk-2.0 [2011.10.06 15:33:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Identities [2011.10.06 18:22:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\InstallShield [2011.10.06 16:24:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Macromedia [2012.07.15 11:47:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Malwarebytes [2009.07.14 20:18:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Media Center Programs [2012.07.15 11:09:09 | 000,000,000 | --SD | M] -- C:\Users\***\AppData\Roaming\Microsoft [2011.10.06 15:51:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mozilla [2012.01.31 18:27:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ProtectDISC [2012.07.15 10:37:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software [2011.10.06 16:11:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WinBatch [2011.10.06 16:08:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WinRAR < %APPDATA%\*.exe /s > < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\BackUp Treiber\***-PC-2011-Oct-06 141946.420173\internal_ide_channel\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\BackUp Treiber\***-PC-2011-Oct-06 141946.420173\pci\cc_0101\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Maintenance\BackUp Treiber\***-PC-2011-Oct-06 141946.420173\internal_ide_channel\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Maintenance\BackUp Treiber\CLAUDISLAPPI-PC-2011-Oct-06 141946.420173\pci\cc_0101\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\***i\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20111006T145243540224\internal_ide_channel\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\***\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20111006T145243540224\pci\cc_0101\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\***\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20111006T160735308792\internal_ide_channel\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\***\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20111006T160735308792\pci\cc_0101\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\***\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20111006T161840602887\internal_ide_channel\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\***\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20111006T161840602887\pci\cc_0101\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\***\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20111006T162717586422\internal_ide_channel\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\***\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20111006T162717586422\pci\cc_0101\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: IASTORV.SYS > [2010.11.20 05:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010.11.20 05:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys [2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys [2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys [2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2010.11.20 05:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010.11.20 05:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010.11.20 04:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010.11.20 04:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys [2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys [2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010.11.20 05:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010.11.20 05:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll [2010.11.20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010.11.20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010.11.20 05:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010.11.20 05:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010.11.20 04:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010.11.20 04:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll [2010.11.20 05:27:28 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010.11.20 05:27:28 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010.11.20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010.11.20 05:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.20 05:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010.11.20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < > < End of report > |
|
24.07.2012, 22:24
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungs Trojana der ein neues Software Update für 200 Euro haben will. Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)
__________________Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!! Code:
ATTFilter :OTL
IE - HKU\S-1-5-21-3891845889-4225406144-588273056-1000\..\SearchScopes\{22789892-B8C5-4C17-9509-592C0BA40331}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=kw&q={searchTerms}&locale=&apn_ptnrs=FV&apn_dtid=YYYYYYYYDE&apn_uid=0FFA06CB-5B2F-475B-B76F-64903E19C4B1&apn_sauid=18088B35-F359-40B5-B47A-5DA77F6A6408&
FF - user.js - File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{62aec2ef-21db-11e1-9875-002354a0f7c8}\Shell - "" = AutoRun
O33 - MountPoints2\{62aec2ef-21db-11e1-9875-002354a0f7c8}\Shell\AutoRun\command - "" = H:\Startme.exe
:Files
C:\Program Files (x86)\PDFCreator\Toolbar
C:\Users\***\Downloads\2012.zip
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ |
|
26.07.2012, 07:39
| #19 |
| | Verschlüsselungs Trojana der ein neues Software Update für 200 Euro haben will. gemacht: Code:
ATTFilter All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-3891845889-4225406144-588273056-1000\Software\Microsoft\Internet Explorer\SearchScopes\{22789892-B8C5-4C17-9509-592C0BA40331}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22789892-B8C5-4C17-9509-592C0BA40331}\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{62aec2ef-21db-11e1-9875-002354a0f7c8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62aec2ef-21db-11e1-9875-002354a0f7c8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{62aec2ef-21db-11e1-9875-002354a0f7c8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62aec2ef-21db-11e1-9875-002354a0f7c8}\ not found.
File H:\Startme.exe not found.
========== FILES ==========
C:\Program Files (x86)\PDFCreator\Toolbar folder moved successfully.
File\Folder C:\Users\***\Downloads\2012.zip not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: ***
->Temp folder emptied: 70963512 bytes
->Temporary Internet Files folder emptied: 254642878 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 242085262 bytes
->Apple Safari cache emptied: 1223680 bytes
->Flash cache emptied: 27146 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 242758761 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 5963590973 bytes
Total Files Cleaned = 6.462,00 mb
[EMPTYFLASH]
User: All Users
User: ***
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Public
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.54.0 log created on 07262012_082335
Files\Folders moved on Reboot...
C:\Users\***\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
File C:\Users\Claudis Lappi\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
Registry entries deleted on Reboot...
|
|
26.07.2012, 14:52
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungs Trojana der ein neues Software Update für 200 Euro haben will. Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.07.2012, 11:58
| #21 |
| | Verschlüsselungs Trojana der ein neues Software Update für 200 Euro haben will. TDSS: Code:
ATTFilter 12:51:06.0339 1140 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
12:51:06.0402 1140 ============================================================
12:51:06.0402 1140 Current date / time: 2012/07/29 12:51:06.0402
12:51:06.0402 1140 SystemInfo:
12:51:06.0402 1140
12:51:06.0402 1140 OS Version: 6.1.7601 ServicePack: 1.0
12:51:06.0402 1140 Product type: Workstation
12:51:06.0402 1140 ComputerName: ***-PC
12:51:06.0402 1140 UserName: ***
12:51:06.0402 1140 Windows directory: C:\Windows
12:51:06.0402 1140 System windows directory: C:\Windows
12:51:06.0402 1140 Running under WOW64
12:51:06.0402 1140 Processor architecture: Intel x64
12:51:06.0402 1140 Number of processors: 2
12:51:06.0402 1140 Page size: 0x1000
12:51:06.0402 1140 Boot type: Normal boot
12:51:06.0402 1140 ============================================================
12:51:08.0102 1140 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:51:08.0102 1140 Drive \Device\Harddisk1\DR1 - Size: 0xF0D8EE00 (3.76 Gb), SectorSize: 0x200, Cylinders: 0x1EB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:51:08.0102 1140 ============================================================
12:51:08.0102 1140 \Device\Harddisk0\DR0:
12:51:08.0102 1140 MBR partitions:
12:51:08.0102 1140 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1800000
12:51:08.0102 1140 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1800800, BlocksNum 0x32000
12:51:08.0102 1140 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1832800, BlocksNum 0x972C000
12:51:08.0102 1140 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xAF5E800, BlocksNum 0x1A4CF800
12:51:08.0102 1140 \Device\Harddisk1\DR1:
12:51:08.0102 1140 MBR partitions:
12:51:08.0102 1140 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x785BEC
12:51:08.0102 1140 ============================================================
12:51:08.0149 1140 C: <-> \Device\Harddisk0\DR0\Partition2
12:51:08.0196 1140 D: <-> \Device\Harddisk0\DR0\Partition0
12:51:08.0227 1140 E: <-> \Device\Harddisk0\DR0\Partition3
12:51:08.0227 1140 ============================================================
12:51:08.0227 1140 Initialize success
12:51:08.0227 1140 ============================================================
12:51:37.0337 4004 ============================================================
12:51:37.0337 4004 Scan started
12:51:37.0337 4004 Mode: Manual; SigCheck; TDLFS;
12:51:37.0337 4004 ============================================================
12:51:38.0304 4004 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
12:51:38.0429 4004 1394ohci - ok
12:51:38.0476 4004 acedrv11 (a3769020f7e8a70fd3e824c050f33306) C:\Windows\system32\drivers\acedrv11.sys
12:51:38.0538 4004 acedrv11 - ok
12:51:38.0585 4004 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
12:51:38.0600 4004 ACPI - ok
12:51:38.0632 4004 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
12:51:38.0710 4004 AcpiPmi - ok
12:51:38.0803 4004 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
12:51:38.0834 4004 adp94xx - ok
12:51:38.0897 4004 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
12:51:38.0959 4004 adpahci - ok
12:51:38.0990 4004 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
12:51:39.0022 4004 adpu320 - ok
12:51:39.0084 4004 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
12:51:39.0271 4004 AeLookupSvc - ok
12:51:39.0349 4004 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
12:51:39.0427 4004 AFD - ok
12:51:39.0458 4004 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
12:51:39.0474 4004 agp440 - ok
12:51:39.0505 4004 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
12:51:39.0568 4004 ALG - ok
12:51:39.0583 4004 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
12:51:39.0599 4004 aliide - ok
12:51:39.0630 4004 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
12:51:39.0646 4004 amdide - ok
12:51:39.0692 4004 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
12:51:39.0739 4004 AmdK8 - ok
12:51:39.0755 4004 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
12:51:39.0802 4004 AmdPPM - ok
12:51:39.0864 4004 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
12:51:39.0880 4004 amdsata - ok
12:51:39.0942 4004 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
12:51:39.0973 4004 amdsbs - ok
12:51:40.0004 4004 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
12:51:40.0036 4004 amdxata - ok
12:51:40.0114 4004 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
12:51:40.0129 4004 AntiVirSchedulerService - ok
12:51:40.0160 4004 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
12:51:40.0176 4004 AntiVirService - ok
12:51:40.0223 4004 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
12:51:40.0410 4004 AppID - ok
12:51:40.0426 4004 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
12:51:40.0504 4004 AppIDSvc - ok
12:51:40.0535 4004 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
12:51:40.0597 4004 Appinfo - ok
12:51:40.0769 4004 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:51:40.0784 4004 Apple Mobile Device - ok
12:51:40.0816 4004 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
12:51:40.0878 4004 AppMgmt - ok
12:51:40.0925 4004 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
12:51:40.0940 4004 arc - ok
12:51:40.0956 4004 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
12:51:40.0987 4004 arcsas - ok
12:51:41.0018 4004 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
12:51:41.0081 4004 AsyncMac - ok
12:51:41.0143 4004 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
12:51:41.0159 4004 atapi - ok
12:51:41.0408 4004 athr (e642491f64e58cd5bc8fb8b347dcf65f) C:\Windows\system32\DRIVERS\athrx.sys
12:51:41.0455 4004 athr - ok
12:51:41.0721 4004 Ati External Event Utility (09c792635224bcf1f4436b67e1ff3172) C:\Windows\system32\Ati2evxx.exe
12:51:41.0784 4004 Ati External Event Utility - ok
12:51:42.0501 4004 atikmdag (d491f749b487d7cb5aee12436802ad88) C:\Windows\system32\DRIVERS\atikmdag.sys
12:51:42.0704 4004 atikmdag - ok
12:51:42.0969 4004 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys
12:51:43.0001 4004 AtiPcie - ok
12:51:43.0063 4004 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
12:51:43.0141 4004 AudioEndpointBuilder - ok
12:51:43.0157 4004 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
12:51:43.0219 4004 AudioSrv - ok
12:51:43.0313 4004 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
12:51:43.0344 4004 avgntflt - ok
12:51:43.0484 4004 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
12:51:43.0515 4004 avipbb - ok
12:51:43.0547 4004 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
12:51:43.0578 4004 avkmgr - ok
12:51:43.0609 4004 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
12:51:43.0718 4004 AxInstSV - ok
12:51:43.0843 4004 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
12:51:43.0905 4004 b06bdrv - ok
12:51:43.0937 4004 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
12:51:44.0046 4004 b57nd60a - ok
12:51:44.0093 4004 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
12:51:44.0124 4004 BDESVC - ok
12:51:44.0124 4004 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
12:51:44.0202 4004 Beep - ok
12:51:44.0405 4004 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
12:51:44.0451 4004 BFE - ok
12:51:44.0607 4004 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
12:51:44.0701 4004 BITS - ok
12:51:44.0779 4004 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
12:51:44.0826 4004 blbdrive - ok
12:51:44.0982 4004 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
12:51:45.0013 4004 Bonjour Service - ok
12:51:45.0060 4004 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
12:51:45.0091 4004 bowser - ok
12:51:45.0122 4004 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:51:45.0200 4004 BrFiltLo - ok
12:51:45.0216 4004 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:51:45.0231 4004 BrFiltUp - ok
12:51:45.0278 4004 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
12:51:45.0372 4004 Browser - ok
12:51:45.0653 4004 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
12:51:45.0731 4004 Brserid - ok
12:51:45.0746 4004 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
12:51:45.0777 4004 BrSerWdm - ok
12:51:45.0809 4004 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:51:45.0840 4004 BrUsbMdm - ok
12:51:45.0855 4004 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
12:51:45.0887 4004 BrUsbSer - ok
12:51:45.0918 4004 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
12:51:45.0949 4004 BTHMODEM - ok
12:51:45.0996 4004 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
12:51:46.0058 4004 bthserv - ok
12:51:46.0089 4004 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
12:51:46.0136 4004 cdfs - ok
12:51:46.0199 4004 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
12:51:46.0230 4004 cdrom - ok
12:51:46.0277 4004 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:51:46.0339 4004 CertPropSvc - ok
12:51:46.0370 4004 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
12:51:46.0401 4004 circlass - ok
12:51:46.0448 4004 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
12:51:46.0479 4004 CLFS - ok
12:51:46.0573 4004 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:51:46.0589 4004 clr_optimization_v2.0.50727_32 - ok
12:51:46.0651 4004 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:51:46.0667 4004 clr_optimization_v2.0.50727_64 - ok
12:51:46.0760 4004 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:51:46.0776 4004 clr_optimization_v4.0.30319_32 - ok
12:51:46.0807 4004 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:51:46.0823 4004 clr_optimization_v4.0.30319_64 - ok
12:51:46.0854 4004 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
12:51:46.0885 4004 CmBatt - ok
12:51:46.0916 4004 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
12:51:46.0932 4004 cmdide - ok
12:51:46.0979 4004 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
12:51:47.0025 4004 CNG - ok
12:51:47.0057 4004 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
12:51:47.0072 4004 Compbatt - ok
12:51:47.0119 4004 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
12:51:47.0150 4004 CompositeBus - ok
12:51:47.0166 4004 COMSysApp - ok
12:51:47.0181 4004 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
12:51:47.0197 4004 crcdisk - ok
12:51:47.0244 4004 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
12:51:47.0306 4004 CryptSvc - ok
12:51:47.0369 4004 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
12:51:47.0447 4004 CSC - ok
12:51:47.0509 4004 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
12:51:47.0571 4004 CscService - ok
12:51:47.0634 4004 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:51:47.0712 4004 DcomLaunch - ok
12:51:47.0759 4004 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
12:51:47.0837 4004 defragsvc - ok
12:51:47.0899 4004 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
12:51:47.0977 4004 DfsC - ok
12:51:48.0071 4004 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
12:51:48.0133 4004 Dhcp - ok
12:51:48.0180 4004 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
12:51:48.0227 4004 discache - ok
12:51:48.0273 4004 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
12:51:48.0289 4004 Disk - ok
12:51:48.0461 4004 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
12:51:48.0523 4004 Dnscache - ok
12:51:48.0554 4004 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
12:51:48.0632 4004 dot3svc - ok
12:51:48.0773 4004 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
12:51:48.0835 4004 DPS - ok
12:51:48.0882 4004 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
12:51:48.0913 4004 drmkaud - ok
12:51:49.0147 4004 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
12:51:49.0178 4004 DXGKrnl - ok
12:51:49.0241 4004 E1G60 (edc6e9c057c9d7f83eea22b4cef5dcad) C:\Windows\system32\DRIVERS\E1G6032E.sys
12:51:49.0287 4004 E1G60 - ok
12:51:49.0319 4004 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
12:51:49.0381 4004 EapHost - ok
12:51:51.0378 4004 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
12:51:51.0518 4004 ebdrv - ok
12:51:51.0971 4004 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
12:51:52.0049 4004 EFS - ok
12:51:52.0329 4004 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
12:51:52.0423 4004 ehRecvr - ok
12:51:52.0517 4004 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
12:51:52.0563 4004 ehSched - ok
12:51:52.0657 4004 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
12:51:52.0704 4004 elxstor - ok
12:51:52.0766 4004 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
12:51:52.0813 4004 ErrDev - ok
12:51:52.0891 4004 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
12:51:52.0953 4004 EventSystem - ok
12:51:53.0078 4004 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
12:51:53.0156 4004 exfat - ok
12:51:53.0328 4004 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
12:51:53.0390 4004 fastfat - ok
12:51:53.0468 4004 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
12:51:53.0515 4004 Fax - ok
12:51:53.0546 4004 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
12:51:53.0577 4004 fdc - ok
12:51:53.0609 4004 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
12:51:53.0671 4004 fdPHost - ok
12:51:53.0718 4004 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
12:51:53.0780 4004 FDResPub - ok
12:51:53.0843 4004 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
12:51:53.0874 4004 FileInfo - ok
12:51:53.0936 4004 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
12:51:54.0014 4004 Filetrace - ok
12:51:54.0045 4004 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
12:51:54.0061 4004 flpydisk - ok
12:51:54.0123 4004 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
12:51:54.0139 4004 FltMgr - ok
12:51:54.0248 4004 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
12:51:54.0326 4004 FontCache - ok
12:51:54.0404 4004 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:51:54.0420 4004 FontCache3.0.0.0 - ok
12:51:54.0513 4004 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
12:51:54.0529 4004 FsDepends - ok
12:51:54.0560 4004 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
12:51:54.0576 4004 Fs_Rec - ok
12:51:54.0623 4004 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
12:51:54.0654 4004 fvevol - ok
12:51:54.0685 4004 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:51:54.0701 4004 gagp30kx - ok
12:51:54.0732 4004 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:51:54.0747 4004 GEARAspiWDM - ok
12:51:54.0779 4004 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
12:51:54.0810 4004 ggflt - ok
12:51:54.0841 4004 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
12:51:54.0872 4004 ggsemc - ok
12:51:55.0184 4004 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
12:51:55.0262 4004 gpsvc - ok
12:51:55.0309 4004 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
12:51:55.0356 4004 hcw85cir - ok
12:51:55.0418 4004 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
12:51:55.0465 4004 HdAudAddService - ok
12:51:55.0496 4004 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
12:51:55.0527 4004 HDAudBus - ok
12:51:55.0543 4004 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
12:51:55.0559 4004 HidBatt - ok
12:51:55.0574 4004 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
12:51:55.0605 4004 HidBth - ok
12:51:55.0621 4004 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
12:51:55.0652 4004 HidIr - ok
12:51:55.0699 4004 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
12:51:55.0761 4004 hidserv - ok
12:51:55.0793 4004 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
12:51:55.0824 4004 HidUsb - ok
12:51:55.0886 4004 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
12:51:55.0995 4004 hkmsvc - ok
12:51:56.0027 4004 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
12:51:56.0089 4004 HomeGroupListener - ok
12:51:56.0120 4004 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
12:51:56.0167 4004 HomeGroupProvider - ok
12:51:56.0245 4004 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
12:51:56.0261 4004 HpSAMD - ok
12:51:56.0354 4004 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
12:51:56.0432 4004 HTTP - ok
12:51:56.0479 4004 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
12:51:56.0495 4004 hwpolicy - ok
12:51:56.0557 4004 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
12:51:56.0573 4004 i8042prt - ok
12:51:56.0651 4004 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
12:51:56.0682 4004 iaStorV - ok
12:51:57.0243 4004 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:51:57.0306 4004 idsvc - ok
12:51:57.0337 4004 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
12:51:57.0368 4004 iirsp - ok
12:51:57.0649 4004 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
12:51:57.0743 4004 IKEEXT - ok
12:51:57.0774 4004 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
12:51:57.0789 4004 intelide - ok
12:51:57.0836 4004 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
12:51:57.0867 4004 intelppm - ok
12:51:57.0914 4004 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
12:51:57.0961 4004 IPBusEnum - ok
12:51:57.0977 4004 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:51:58.0039 4004 IpFilterDriver - ok
12:51:58.0101 4004 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
12:51:58.0164 4004 iphlpsvc - ok
12:51:58.0211 4004 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
12:51:58.0242 4004 IPMIDRV - ok
12:51:58.0273 4004 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:51:58.0335 4004 IPNAT - ok
12:51:58.0460 4004 iPod Service (755e4ba6dce627a2683bb7640553c8d6) C:\Program Files\iPod\bin\iPodService.exe
12:51:58.0491 4004 iPod Service - ok
12:51:58.0507 4004 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:51:58.0538 4004 IRENUM - ok
12:51:58.0585 4004 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
12:51:58.0601 4004 isapnp - ok
12:51:58.0663 4004 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
12:51:58.0694 4004 iScsiPrt - ok
12:51:58.0741 4004 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
12:51:58.0757 4004 kbdclass - ok
12:51:58.0803 4004 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
12:51:58.0850 4004 kbdhid - ok
12:51:58.0866 4004 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:51:58.0881 4004 KeyIso - ok
12:51:58.0975 4004 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
12:51:59.0006 4004 KSecDD - ok
12:51:59.0022 4004 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
12:51:59.0053 4004 KSecPkg - ok
12:51:59.0100 4004 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:51:59.0162 4004 ksthunk - ok
12:51:59.0209 4004 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
12:51:59.0287 4004 KtmRm - ok
12:51:59.0334 4004 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
12:51:59.0412 4004 LanmanServer - ok
12:51:59.0474 4004 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
12:51:59.0537 4004 LanmanWorkstation - ok
12:51:59.0568 4004 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:51:59.0646 4004 lltdio - ok
12:51:59.0693 4004 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
12:51:59.0771 4004 lltdsvc - ok
12:51:59.0802 4004 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
12:51:59.0849 4004 lmhosts - ok
12:51:59.0895 4004 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:51:59.0911 4004 LSI_FC - ok
12:51:59.0942 4004 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:51:59.0973 4004 LSI_SAS - ok
12:51:59.0989 4004 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:52:00.0005 4004 LSI_SAS2 - ok
12:52:00.0051 4004 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:52:00.0067 4004 LSI_SCSI - ok
12:52:00.0098 4004 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:52:00.0161 4004 luafv - ok
12:52:00.0223 4004 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
12:52:00.0254 4004 MBAMProtector - ok
12:52:00.0426 4004 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
12:52:00.0441 4004 MBAMService - ok
12:52:00.0566 4004 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
12:52:00.0597 4004 Mcx2Svc - ok
12:52:00.0691 4004 MDM (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
12:52:00.0722 4004 MDM ( UnsignedFile.Multi.Generic ) - warning
12:52:00.0722 4004 MDM - detected UnsignedFile.Multi.Generic (1)
12:52:00.0753 4004 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
12:52:00.0769 4004 megasas - ok
12:52:00.0816 4004 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
12:52:00.0831 4004 MegaSR - ok
12:52:00.0878 4004 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:52:00.0941 4004 MMCSS - ok
12:52:01.0003 4004 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:52:01.0081 4004 Modem - ok
12:52:01.0128 4004 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:52:01.0159 4004 monitor - ok
12:52:01.0190 4004 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
12:52:01.0206 4004 mouclass - ok
12:52:01.0237 4004 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
12:52:01.0268 4004 mouhid - ok
12:52:01.0315 4004 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
12:52:01.0331 4004 mountmgr - ok
12:52:01.0377 4004 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
12:52:01.0393 4004 mpio - ok
12:52:01.0409 4004 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:52:01.0455 4004 mpsdrv - ok
12:52:01.0596 4004 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
12:52:01.0674 4004 MpsSvc - ok
12:52:01.0705 4004 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
12:52:01.0767 4004 MRxDAV - ok
12:52:01.0799 4004 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:52:01.0861 4004 mrxsmb - ok
12:52:01.0908 4004 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:52:01.0955 4004 mrxsmb10 - ok
12:52:01.0986 4004 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:52:02.0001 4004 mrxsmb20 - ok
12:52:02.0064 4004 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
12:52:02.0095 4004 msahci - ok
12:52:02.0126 4004 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
12:52:02.0157 4004 msdsm - ok
12:52:02.0204 4004 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
12:52:02.0267 4004 MSDTC - ok
12:52:02.0313 4004 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:52:02.0376 4004 Msfs - ok
12:52:02.0391 4004 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:52:02.0454 4004 mshidkmdf - ok
12:52:02.0485 4004 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
12:52:02.0501 4004 msisadrv - ok
12:52:02.0579 4004 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
12:52:02.0641 4004 MSiSCSI - ok
12:52:02.0641 4004 msiserver - ok
12:52:02.0672 4004 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:52:02.0735 4004 MSKSSRV - ok
12:52:02.0750 4004 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:52:02.0813 4004 MSPCLOCK - ok
12:52:02.0813 4004 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:52:02.0859 4004 MSPQM - ok
12:52:03.0031 4004 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
12:52:03.0047 4004 MsRPC - ok
12:52:03.0078 4004 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
12:52:03.0093 4004 mssmbios - ok
12:52:03.0140 4004 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:52:03.0203 4004 MSTEE - ok
12:52:03.0203 4004 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
12:52:03.0218 4004 MTConfig - ok
12:52:03.0249 4004 MTsensor64 (0df53a9649073cebbc0988d6353fed6e) C:\Windows\system32\DRIVERS\PuAcpi64.sys
12:52:03.0281 4004 MTsensor64 - ok
12:52:03.0296 4004 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:52:03.0312 4004 Mup - ok
12:52:03.0374 4004 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
12:52:03.0437 4004 napagent - ok
12:52:03.0530 4004 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:52:03.0561 4004 NativeWifiP - ok
12:52:03.0764 4004 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
12:52:03.0812 4004 NDIS - ok
12:52:03.0859 4004 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:52:03.0921 4004 NdisCap - ok
12:52:03.0937 4004 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:52:03.0999 4004 NdisTapi - ok
12:52:04.0046 4004 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
12:52:04.0108 4004 Ndisuio - ok
12:52:04.0140 4004 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
12:52:04.0218 4004 NdisWan - ok
12:52:04.0296 4004 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
12:52:04.0342 4004 NDProxy - ok
12:52:04.0389 4004 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:52:04.0452 4004 NetBIOS - ok
12:52:04.0545 4004 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
12:52:04.0608 4004 NetBT - ok
12:52:04.0639 4004 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:52:04.0654 4004 Netlogon - ok
12:52:04.0748 4004 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
12:52:04.0810 4004 Netman - ok
12:52:04.0951 4004 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
12:52:05.0029 4004 netprofm - ok
12:52:05.0247 4004 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:52:05.0294 4004 NetTcpPortSharing - ok
12:52:05.0325 4004 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:52:05.0341 4004 nfrd960 - ok
12:52:05.0388 4004 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
12:52:05.0466 4004 NlaSvc - ok
12:52:05.0512 4004 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:52:05.0575 4004 Npfs - ok
12:52:05.0590 4004 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
12:52:05.0668 4004 nsi - ok
12:52:05.0700 4004 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:52:05.0778 4004 nsiproxy - ok
12:52:06.0058 4004 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:52:06.0121 4004 Ntfs - ok
12:52:06.0417 4004 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:52:06.0480 4004 Null - ok
12:52:06.0511 4004 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:52:06.0542 4004 nvraid - ok
12:52:06.0573 4004 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:52:06.0589 4004 nvstor - ok
12:52:06.0682 4004 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:52:06.0698 4004 nv_agp - ok
12:52:06.0823 4004 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:52:06.0854 4004 odserv - ok
12:52:06.0870 4004 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:52:06.0901 4004 ohci1394 - ok
12:52:06.0963 4004 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:52:06.0979 4004 ose - ok
12:52:07.0026 4004 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:52:07.0104 4004 p2pimsvc - ok
12:52:07.0135 4004 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
12:52:07.0166 4004 p2psvc - ok
12:52:07.0197 4004 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:52:07.0244 4004 Parport - ok
12:52:07.0260 4004 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
12:52:07.0275 4004 partmgr - ok
12:52:07.0291 4004 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
12:52:07.0338 4004 PcaSvc - ok
12:52:07.0431 4004 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:52:07.0447 4004 pci - ok
12:52:07.0478 4004 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:52:07.0494 4004 pciide - ok
12:52:07.0572 4004 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:52:07.0603 4004 pcmcia - ok
12:52:07.0618 4004 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:52:07.0634 4004 pcw - ok
12:52:07.0821 4004 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:52:07.0899 4004 PEAUTH - ok
12:52:08.0149 4004 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
12:52:08.0242 4004 PeerDistSvc - ok
12:52:08.0430 4004 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
12:52:08.0461 4004 PerfHost - ok
12:52:08.0773 4004 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
12:52:08.0866 4004 pla - ok
12:52:08.0913 4004 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
12:52:08.0976 4004 PlugPlay - ok
12:52:09.0007 4004 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
12:52:09.0022 4004 PNRPAutoReg - ok
12:52:09.0069 4004 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:52:09.0100 4004 PNRPsvc - ok
12:52:09.0163 4004 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
12:52:09.0241 4004 PolicyAgent - ok
12:52:09.0272 4004 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
12:52:09.0350 4004 Power - ok
12:52:09.0412 4004 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:52:09.0475 4004 PptpMiniport - ok
12:52:09.0522 4004 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:52:09.0553 4004 Processor - ok
12:52:09.0600 4004 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
12:52:09.0662 4004 ProfSvc - ok
12:52:09.0724 4004 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:52:09.0740 4004 ProtectedStorage - ok
12:52:09.0802 4004 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:52:09.0849 4004 Psched - ok
12:52:10.0224 4004 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:52:10.0302 4004 ql2300 - ok
12:52:10.0567 4004 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:52:10.0582 4004 ql40xx - ok
12:52:10.0629 4004 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
12:52:10.0676 4004 QWAVE - ok
12:52:10.0707 4004 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:52:10.0738 4004 QWAVEdrv - ok
12:52:10.0785 4004 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:52:10.0848 4004 RasAcd - ok
12:52:10.0894 4004 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:52:10.0941 4004 RasAgileVpn - ok
12:52:10.0972 4004 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
12:52:11.0019 4004 RasAuto - ok
12:52:11.0066 4004 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:52:11.0128 4004 Rasl2tp - ok
12:52:11.0175 4004 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
12:52:11.0253 4004 RasMan - ok
12:52:11.0284 4004 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:52:11.0347 4004 RasPppoe - ok
12:52:11.0378 4004 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:52:11.0440 4004 RasSstp - ok
12:52:11.0487 4004 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:52:11.0565 4004 rdbss - ok
12:52:11.0581 4004 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:52:11.0612 4004 rdpbus - ok
12:52:11.0643 4004 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:52:11.0690 4004 RDPCDD - ok
12:52:11.0752 4004 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
12:52:11.0784 4004 RDPDR - ok
12:52:11.0799 4004 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:52:11.0862 4004 RDPENCDD - ok
12:52:11.0893 4004 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:52:11.0940 4004 RDPREFMP - ok
12:52:11.0971 4004 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
12:52:12.0018 4004 RdpVideoMiniport - ok
12:52:12.0158 4004 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
12:52:12.0220 4004 RDPWD - ok
12:52:12.0252 4004 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:52:12.0283 4004 rdyboost - ok
12:52:12.0330 4004 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
12:52:12.0408 4004 RemoteAccess - ok
12:52:12.0501 4004 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
12:52:12.0579 4004 RemoteRegistry - ok
12:52:12.0954 4004 rimmptsk (f45d6e12eb99a668f52201637c67c8f5) C:\Windows\system32\DRIVERS\rimmpx64.sys
12:52:13.0016 4004 rimmptsk - ok
12:52:13.0047 4004 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys
12:52:13.0094 4004 rimsptsk - ok
12:52:13.0141 4004 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
12:52:13.0203 4004 RpcEptMapper - ok
12:52:13.0234 4004 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
12:52:13.0266 4004 RpcLocator - ok
12:52:13.0312 4004 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:52:13.0359 4004 RpcSs - ok
12:52:13.0406 4004 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:52:13.0468 4004 rspndr - ok
12:52:13.0515 4004 RTL8023x64 (c02ff907a2de4f6c6f7e34fbad08660e) C:\Windows\system32\DRIVERS\Rtnic64.sys
12:52:13.0546 4004 RTL8023x64 - ok
12:52:13.0578 4004 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
12:52:13.0624 4004 s3cap - ok
12:52:13.0656 4004 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:52:13.0671 4004 SamSs - ok
12:52:13.0702 4004 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:52:13.0718 4004 sbp2port - ok
12:52:13.0983 4004 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
12:52:14.0014 4004 SBSDWSCService - ok
12:52:14.0077 4004 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
12:52:14.0155 4004 SCardSvr - ok
12:52:14.0280 4004 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:52:14.0358 4004 scfilter - ok
12:52:14.0763 4004 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
12:52:14.0857 4004 Schedule - ok
12:52:14.0951 4004 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:52:14.0998 4004 SCPolicySvc - ok
12:52:15.0061 4004 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
12:52:15.0076 4004 sdbus - ok
12:52:15.0248 4004 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
12:52:15.0326 4004 SDRSVC - ok
12:52:15.0451 4004 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:52:15.0513 4004 secdrv - ok
12:52:15.0544 4004 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
12:52:15.0607 4004 seclogon - ok
12:52:15.0731 4004 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
12:52:15.0809 4004 SENS - ok
12:52:15.0841 4004 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
12:52:15.0887 4004 SensrSvc - ok
12:52:15.0919 4004 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:52:15.0950 4004 Serenum - ok
12:52:16.0090 4004 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:52:16.0121 4004 Serial - ok
12:52:16.0215 4004 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:52:16.0246 4004 sermouse - ok
12:52:16.0309 4004 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
12:52:16.0371 4004 SessionEnv - ok
12:52:16.0402 4004 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
12:52:16.0433 4004 sffdisk - ok
12:52:16.0449 4004 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:52:16.0480 4004 sffp_mmc - ok
12:52:16.0496 4004 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
12:52:16.0543 4004 sffp_sd - ok
12:52:16.0558 4004 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:52:16.0574 4004 sfloppy - ok
12:52:16.0730 4004 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
12:52:16.0808 4004 SharedAccess - ok
12:52:16.0855 4004 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
12:52:16.0933 4004 ShellHWDetection - ok
12:52:16.0964 4004 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:52:16.0979 4004 SiSRaid2 - ok
12:52:17.0073 4004 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:52:17.0089 4004 SiSRaid4 - ok
12:52:17.0120 4004 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:52:17.0182 4004 Smb - ok
12:52:17.0260 4004 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
12:52:17.0307 4004 SNMPTRAP - ok
12:52:17.0416 4004 Sony Ericsson PCCompanion (1a623f2b69e1f182f995f963c55db935) C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
12:52:17.0447 4004 Sony Ericsson PCCompanion - ok
12:52:17.0494 4004 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:52:17.0510 4004 spldr - ok
12:52:17.0572 4004 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
12:52:17.0635 4004 Spooler - ok
12:52:18.0243 4004 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
12:52:18.0415 4004 sppsvc - ok
12:52:18.0649 4004 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
12:52:18.0711 4004 sppuinotify - ok
12:52:18.0742 4004 sptd - ok
12:52:18.0820 4004 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
12:52:18.0883 4004 srv - ok
12:52:18.0945 4004 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
12:52:18.0992 4004 srv2 - ok
12:52:19.0039 4004 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
12:52:19.0085 4004 srvnet - ok
12:52:19.0148 4004 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
12:52:19.0210 4004 SSDPSRV - ok
12:52:19.0226 4004 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
12:52:19.0288 4004 SstpSvc - ok
12:52:19.0319 4004 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
12:52:19.0335 4004 stexstor - ok
12:52:19.0522 4004 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
12:52:19.0569 4004 stisvc - ok
12:52:19.0616 4004 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
12:52:19.0631 4004 storflt - ok
12:52:19.0663 4004 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
12:52:19.0678 4004 storvsc - ok
12:52:19.0694 4004 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
12:52:19.0709 4004 swenum - ok
12:52:19.0803 4004 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
12:52:19.0865 4004 swprv - ok
12:52:19.0897 4004 Synth3dVsc - ok
12:52:20.0209 4004 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
12:52:20.0302 4004 SysMain - ok
12:52:20.0489 4004 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
12:52:20.0536 4004 TabletInputService - ok
12:52:20.0583 4004 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
12:52:20.0645 4004 TapiSrv - ok
12:52:20.0692 4004 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
12:52:20.0755 4004 TBS - ok
12:52:21.0176 4004 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
12:52:21.0254 4004 Tcpip - ok
12:52:21.0737 4004 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
12:52:21.0784 4004 TCPIP6 - ok
12:52:22.0159 4004 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
12:52:22.0205 4004 tcpipreg - ok
12:52:22.0252 4004 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:52:22.0283 4004 TDPIPE - ok
12:52:22.0315 4004 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
12:52:22.0346 4004 TDTCP - ok
12:52:22.0408 4004 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
12:52:22.0471 4004 tdx - ok
12:52:22.0564 4004 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
12:52:22.0580 4004 TermDD - ok
12:52:23.0110 4004 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
12:52:23.0204 4004 TermService - ok
12:52:23.0251 4004 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
12:52:23.0266 4004 Themes - ok
12:52:23.0422 4004 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:52:23.0469 4004 THREADORDER - ok
12:52:23.0531 4004 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
12:52:23.0594 4004 TrkWks - ok
12:52:23.0750 4004 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
12:52:23.0797 4004 TrustedInstaller - ok
12:52:23.0859 4004 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:52:23.0906 4004 tssecsrv - ok
12:52:23.0937 4004 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
12:52:23.0999 4004 TsUsbFlt - ok
12:52:23.0999 4004 tsusbhub - ok
12:52:24.0077 4004 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
12:52:24.0140 4004 tunnel - ok
12:52:24.0171 4004 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
12:52:24.0187 4004 uagp35 - ok
12:52:24.0265 4004 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
12:52:24.0327 4004 udfs - ok
12:52:24.0405 4004 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
12:52:24.0421 4004 UI0Detect - ok
12:52:24.0514 4004 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
12:52:24.0530 4004 uliagpkx - ok
12:52:24.0655 4004 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
12:52:24.0701 4004 umbus - ok
12:52:24.0764 4004 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
12:52:24.0795 4004 UmPass - ok
12:52:24.0842 4004 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
12:52:24.0889 4004 UmRdpService - ok
12:52:25.0029 4004 UnlockerDriver5 (9dc07e73a4abb9acf692113b36a5009f) C:\Program Files\Unlocker\UnlockerDriver5.sys
12:52:25.0060 4004 UnlockerDriver5 - ok
12:52:25.0341 4004 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
12:52:25.0403 4004 upnphost - ok
12:52:25.0450 4004 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
12:52:25.0513 4004 USBAAPL64 - ok
12:52:25.0606 4004 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
12:52:25.0637 4004 usbaudio - ok
12:52:25.0747 4004 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
12:52:25.0793 4004 usbccgp - ok
12:52:25.0856 4004 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
12:52:25.0871 4004 usbcir - ok
12:52:25.0918 4004 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
12:52:25.0949 4004 usbehci - ok
12:52:26.0012 4004 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
12:52:26.0060 4004 usbhub - ok
12:52:26.0106 4004 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
12:52:26.0122 4004 usbohci - ok
12:52:26.0153 4004 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:52:26.0200 4004 usbprint - ok
12:52:26.0231 4004 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:52:26.0278 4004 USBSTOR - ok
12:52:26.0294 4004 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
12:52:26.0340 4004 usbuhci - ok
12:52:26.0387 4004 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
12:52:26.0450 4004 UxSms - ok
12:52:26.0496 4004 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:52:26.0512 4004 VaultSvc - ok
12:52:26.0621 4004 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
12:52:26.0637 4004 vdrvroot - ok
12:52:26.0808 4004 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
12:52:26.0871 4004 vds - ok
12:52:26.0918 4004 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:52:26.0933 4004 vga - ok
12:52:26.0964 4004 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:52:27.0011 4004 VgaSave - ok
12:52:27.0027 4004 VGPU - ok
12:52:27.0074 4004 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
12:52:27.0105 4004 vhdmp - ok
12:52:27.0136 4004 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
12:52:27.0152 4004 viaide - ok
12:52:27.0183 4004 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
12:52:27.0214 4004 vmbus - ok
12:52:27.0230 4004 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
12:52:27.0261 4004 VMBusHID - ok
12:52:27.0292 4004 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
12:52:27.0308 4004 volmgr - ok
12:52:27.0432 4004 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
12:52:27.0464 4004 volmgrx - ok
12:52:27.0510 4004 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
12:52:27.0542 4004 volsnap - ok
12:52:27.0588 4004 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
12:52:27.0620 4004 vsmraid - ok
12:52:28.0181 4004 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
12:52:28.0306 4004 VSS - ok
12:52:28.0540 4004 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
12:52:28.0587 4004 vwifibus - ok
12:52:28.0618 4004 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
12:52:28.0634 4004 vwififlt - ok
12:52:28.0805 4004 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
12:52:28.0868 4004 W32Time - ok
12:52:28.0946 4004 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
12:52:28.0961 4004 WacomPen - ok
12:52:29.0008 4004 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:52:29.0086 4004 WANARP - ok
12:52:29.0102 4004 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:52:29.0148 4004 Wanarpv6 - ok
12:52:29.0398 4004 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
12:52:29.0492 4004 wbengine - ok
12:52:29.0694 4004 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
12:52:29.0726 4004 WbioSrvc - ok
12:52:29.0772 4004 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
12:52:29.0819 4004 wcncsvc - ok
12:52:29.0850 4004 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
12:52:29.0897 4004 WcsPlugInService - ok
12:52:29.0960 4004 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:52:29.0991 4004 Wd - ok
12:52:30.0084 4004 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:52:30.0131 4004 Wdf01000 - ok
12:52:30.0147 4004 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:52:30.0240 4004 WdiServiceHost - ok
12:52:30.0240 4004 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:52:30.0272 4004 WdiSystemHost - ok
12:52:30.0350 4004 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
12:52:30.0396 4004 WebClient - ok
12:52:30.0443 4004 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
12:52:30.0537 4004 Wecsvc - ok
12:52:30.0584 4004 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
12:52:30.0662 4004 wercplsupport - ok
12:52:30.0693 4004 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
12:52:30.0740 4004 WerSvc - ok
12:52:30.0802 4004 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:52:30.0849 4004 WfpLwf - ok
12:52:30.0880 4004 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:52:30.0911 4004 WIMMount - ok
12:52:30.0942 4004 WinDefend - ok
12:52:30.0958 4004 WinHttpAutoProxySvc - ok
12:52:31.0067 4004 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
12:52:31.0130 4004 Winmgmt - ok
12:52:31.0254 4004 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
12:52:31.0364 4004 WinRM - ok
12:52:31.0504 4004 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
12:52:31.0520 4004 WinUsb - ok
12:52:31.0598 4004 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
12:52:31.0644 4004 Wlansvc - ok
12:52:31.0676 4004 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
12:52:31.0707 4004 WmiAcpi - ok
12:52:31.0785 4004 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
12:52:31.0832 4004 wmiApSrv - ok
12:52:31.0863 4004 WMPNetworkSvc - ok
12:52:31.0894 4004 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
12:52:31.0941 4004 WPCSvc - ok
12:52:31.0956 4004 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
12:52:31.0988 4004 WPDBusEnum - ok
12:52:32.0003 4004 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:52:32.0081 4004 ws2ifsl - ok
12:52:32.0097 4004 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
12:52:32.0145 4004 wscsvc - ok
12:52:32.0145 4004 WSearch - ok
12:52:32.0301 4004 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
12:52:32.0379 4004 wuauserv - ok
12:52:32.0488 4004 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
12:52:32.0550 4004 WudfPf - ok
12:52:32.0597 4004 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:52:32.0675 4004 WUDFRd - ok
12:52:32.0691 4004 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
12:52:32.0737 4004 wudfsvc - ok
12:52:32.0784 4004 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
12:52:32.0831 4004 WwanSvc - ok
12:52:32.0893 4004 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:52:33.0112 4004 \Device\Harddisk0\DR0 - ok
12:52:33.0112 4004 MBR (0x1B8) (739b36f7a373fc81121d831231b6d311) \Device\Harddisk1\DR1
12:52:36.0673 4004 \Device\Harddisk1\DR1 - ok
12:52:36.0719 4004 Boot (0x1200) (a65861140742e2283c0b1c7a387bb4c0) \Device\Harddisk0\DR0\Partition0
12:52:36.0719 4004 \Device\Harddisk0\DR0\Partition0 - ok
12:52:36.0719 4004 Boot (0x1200) (121fc360747a23a73f6c69d22cf82f14) \Device\Harddisk0\DR0\Partition1
12:52:36.0735 4004 \Device\Harddisk0\DR0\Partition1 - ok
12:52:36.0751 4004 Boot (0x1200) (7825221b43ef73816bbdedecbdc4befa) \Device\Harddisk0\DR0\Partition2
12:52:36.0751 4004 \Device\Harddisk0\DR0\Partition2 - ok
12:52:36.0782 4004 Boot (0x1200) (4e96d27601d945ee7f15b4947e01c70c) \Device\Harddisk0\DR0\Partition3
12:52:36.0782 4004 \Device\Harddisk0\DR0\Partition3 - ok
12:52:36.0782 4004 Boot (0x1200) (c2948df7fca58a31c2e1c92e02bf1b23) \Device\Harddisk1\DR1\Partition0
12:52:36.0782 4004 \Device\Harddisk1\DR1\Partition0 - ok
12:52:36.0782 4004 ============================================================
12:52:36.0782 4004 Scan finished
12:52:36.0782 4004 ============================================================
12:52:36.0797 3396 Detected object count: 1
12:52:36.0797 3396 Actual detected object count: 1
|
|
29.07.2012, 17:34
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungs Trojana der ein neues Software Update für 200 Euro haben will. Log ist unvollständig, die untere Zusammenfassung fehlt! Da das anderen bei diesem TDSS-Killer auch schon ofter passiert würd eich gern mal wissen warum man nicht STRG+A für Alles Kopieren verwendet?! Geht auch Bearbeiten => Alles kopieren 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.07.2012, 19:27
| #23 |
| | Verschlüsselungs Trojana der ein neues Software Update für 200 Euro haben will. Hallo ich habe alles gepostet, es ist nicht mehr vorhanden! Gruß Casandra |
|
29.07.2012, 20:25
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungs Trojana der ein neues Software Update für 200 Euro haben will. Die untere Zusammenfassung fehlt aber! Muss ich nochmal auf STRG+A hinweisen?!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.07.2012, 20:34
| #25 |
| | Verschlüsselungs Trojana der ein neues Software Update für 200 Euro haben will.Code:
ATTFilter 12:51:06.0339 1140 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
12:51:06.0402 1140 ============================================================
12:51:06.0402 1140 Current date / time: 2012/07/29 12:51:06.0402
12:51:06.0402 1140 SystemInfo:
12:51:06.0402 1140
12:51:06.0402 1140 OS Version: 6.1.7601 ServicePack: 1.0
12:51:06.0402 1140 Product type: Workstation
12:51:06.0402 1140 ComputerName: ***-PC
12:51:06.0402 1140 UserName: ***
12:51:06.0402 1140 Windows directory: C:\Windows
12:51:06.0402 1140 System windows directory: C:\Windows
12:51:06.0402 1140 Running under WOW64
12:51:06.0402 1140 Processor architecture: Intel x64
12:51:06.0402 1140 Number of processors: 2
12:51:06.0402 1140 Page size: 0x1000
12:51:06.0402 1140 Boot type: Normal boot
12:51:06.0402 1140 ============================================================
12:51:08.0102 1140 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:51:08.0102 1140 Drive \Device\Harddisk1\DR1 - Size: 0xF0D8EE00 (3.76 Gb), SectorSize: 0x200, Cylinders: 0x1EB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:51:08.0102 1140 ============================================================
12:51:08.0102 1140 \Device\Harddisk0\DR0:
12:51:08.0102 1140 MBR partitions:
12:51:08.0102 1140 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1800000
12:51:08.0102 1140 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1800800, BlocksNum 0x32000
12:51:08.0102 1140 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1832800, BlocksNum 0x972C000
12:51:08.0102 1140 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xAF5E800, BlocksNum 0x1A4CF800
12:51:08.0102 1140 \Device\Harddisk1\DR1:
12:51:08.0102 1140 MBR partitions:
12:51:08.0102 1140 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x785BEC
12:51:08.0102 1140 ============================================================
12:51:08.0149 1140 C: <-> \Device\Harddisk0\DR0\Partition2
12:51:08.0196 1140 D: <-> \Device\Harddisk0\DR0\Partition0
12:51:08.0227 1140 E: <-> \Device\Harddisk0\DR0\Partition3
12:51:08.0227 1140 ============================================================
12:51:08.0227 1140 Initialize success
12:51:08.0227 1140 ============================================================
12:51:37.0337 4004 ============================================================
12:51:37.0337 4004 Scan started
12:51:37.0337 4004 Mode: Manual; SigCheck; TDLFS;
12:51:37.0337 4004 ============================================================
12:51:38.0304 4004 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
12:51:38.0429 4004 1394ohci - ok
12:51:38.0476 4004 acedrv11 (a3769020f7e8a70fd3e824c050f33306) C:\Windows\system32\drivers\acedrv11.sys
12:51:38.0538 4004 acedrv11 - ok
12:51:38.0585 4004 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
12:51:38.0600 4004 ACPI - ok
12:51:38.0632 4004 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
12:51:38.0710 4004 AcpiPmi - ok
12:51:38.0803 4004 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
12:51:38.0834 4004 adp94xx - ok
12:51:38.0897 4004 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
12:51:38.0959 4004 adpahci - ok
12:51:38.0990 4004 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
12:51:39.0022 4004 adpu320 - ok
12:51:39.0084 4004 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
12:51:39.0271 4004 AeLookupSvc - ok
12:51:39.0349 4004 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
12:51:39.0427 4004 AFD - ok
12:51:39.0458 4004 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
12:51:39.0474 4004 agp440 - ok
12:51:39.0505 4004 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
12:51:39.0568 4004 ALG - ok
12:51:39.0583 4004 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
12:51:39.0599 4004 aliide - ok
12:51:39.0630 4004 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
12:51:39.0646 4004 amdide - ok
12:51:39.0692 4004 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
12:51:39.0739 4004 AmdK8 - ok
12:51:39.0755 4004 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
12:51:39.0802 4004 AmdPPM - ok
12:51:39.0864 4004 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
12:51:39.0880 4004 amdsata - ok
12:51:39.0942 4004 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
12:51:39.0973 4004 amdsbs - ok
12:51:40.0004 4004 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
12:51:40.0036 4004 amdxata - ok
12:51:40.0114 4004 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
12:51:40.0129 4004 AntiVirSchedulerService - ok
12:51:40.0160 4004 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
12:51:40.0176 4004 AntiVirService - ok
12:51:40.0223 4004 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
12:51:40.0410 4004 AppID - ok
12:51:40.0426 4004 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
12:51:40.0504 4004 AppIDSvc - ok
12:51:40.0535 4004 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
12:51:40.0597 4004 Appinfo - ok
12:51:40.0769 4004 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:51:40.0784 4004 Apple Mobile Device - ok
12:51:40.0816 4004 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
12:51:40.0878 4004 AppMgmt - ok
12:51:40.0925 4004 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
12:51:40.0940 4004 arc - ok
12:51:40.0956 4004 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
12:51:40.0987 4004 arcsas - ok
12:51:41.0018 4004 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
12:51:41.0081 4004 AsyncMac - ok
12:51:41.0143 4004 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
12:51:41.0159 4004 atapi - ok
12:51:41.0408 4004 athr (e642491f64e58cd5bc8fb8b347dcf65f) C:\Windows\system32\DRIVERS\athrx.sys
12:51:41.0455 4004 athr - ok
12:51:41.0721 4004 Ati External Event Utility (09c792635224bcf1f4436b67e1ff3172) C:\Windows\system32\Ati2evxx.exe
12:51:41.0784 4004 Ati External Event Utility - ok
12:51:42.0501 4004 atikmdag (d491f749b487d7cb5aee12436802ad88) C:\Windows\system32\DRIVERS\atikmdag.sys
12:51:42.0704 4004 atikmdag - ok
12:51:42.0969 4004 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys
12:51:43.0001 4004 AtiPcie - ok
12:51:43.0063 4004 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
12:51:43.0141 4004 AudioEndpointBuilder - ok
12:51:43.0157 4004 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
12:51:43.0219 4004 AudioSrv - ok
12:51:43.0313 4004 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
12:51:43.0344 4004 avgntflt - ok
12:51:43.0484 4004 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
12:51:43.0515 4004 avipbb - ok
12:51:43.0547 4004 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
12:51:43.0578 4004 avkmgr - ok
12:51:43.0609 4004 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
12:51:43.0718 4004 AxInstSV - ok
12:51:43.0843 4004 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
12:51:43.0905 4004 b06bdrv - ok
12:51:43.0937 4004 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
12:51:44.0046 4004 b57nd60a - ok
12:51:44.0093 4004 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
12:51:44.0124 4004 BDESVC - ok
12:51:44.0124 4004 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
12:51:44.0202 4004 Beep - ok
12:51:44.0405 4004 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
12:51:44.0451 4004 BFE - ok
12:51:44.0607 4004 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
12:51:44.0701 4004 BITS - ok
12:51:44.0779 4004 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
12:51:44.0826 4004 blbdrive - ok
12:51:44.0982 4004 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
12:51:45.0013 4004 Bonjour Service - ok
12:51:45.0060 4004 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
12:51:45.0091 4004 bowser - ok
12:51:45.0122 4004 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:51:45.0200 4004 BrFiltLo - ok
12:51:45.0216 4004 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:51:45.0231 4004 BrFiltUp - ok
12:51:45.0278 4004 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
12:51:45.0372 4004 Browser - ok
12:51:45.0653 4004 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
12:51:45.0731 4004 Brserid - ok
12:51:45.0746 4004 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
12:51:45.0777 4004 BrSerWdm - ok
12:51:45.0809 4004 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:51:45.0840 4004 BrUsbMdm - ok
12:51:45.0855 4004 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
12:51:45.0887 4004 BrUsbSer - ok
12:51:45.0918 4004 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
12:51:45.0949 4004 BTHMODEM - ok
12:51:45.0996 4004 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
12:51:46.0058 4004 bthserv - ok
12:51:46.0089 4004 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
12:51:46.0136 4004 cdfs - ok
12:51:46.0199 4004 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
12:51:46.0230 4004 cdrom - ok
12:51:46.0277 4004 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:51:46.0339 4004 CertPropSvc - ok
12:51:46.0370 4004 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
12:51:46.0401 4004 circlass - ok
12:51:46.0448 4004 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
12:51:46.0479 4004 CLFS - ok
12:51:46.0573 4004 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:51:46.0589 4004 clr_optimization_v2.0.50727_32 - ok
12:51:46.0651 4004 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:51:46.0667 4004 clr_optimization_v2.0.50727_64 - ok
12:51:46.0760 4004 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:51:46.0776 4004 clr_optimization_v4.0.30319_32 - ok
12:51:46.0807 4004 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:51:46.0823 4004 clr_optimization_v4.0.30319_64 - ok
12:51:46.0854 4004 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
12:51:46.0885 4004 CmBatt - ok
12:51:46.0916 4004 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
12:51:46.0932 4004 cmdide - ok
12:51:46.0979 4004 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
12:51:47.0025 4004 CNG - ok
12:51:47.0057 4004 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
12:51:47.0072 4004 Compbatt - ok
12:51:47.0119 4004 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
12:51:47.0150 4004 CompositeBus - ok
12:51:47.0166 4004 COMSysApp - ok
12:51:47.0181 4004 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
12:51:47.0197 4004 crcdisk - ok
12:51:47.0244 4004 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
12:51:47.0306 4004 CryptSvc - ok
12:51:47.0369 4004 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
12:51:47.0447 4004 CSC - ok
12:51:47.0509 4004 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
12:51:47.0571 4004 CscService - ok
12:51:47.0634 4004 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:51:47.0712 4004 DcomLaunch - ok
12:51:47.0759 4004 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
12:51:47.0837 4004 defragsvc - ok
12:51:47.0899 4004 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
12:51:47.0977 4004 DfsC - ok
12:51:48.0071 4004 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
12:51:48.0133 4004 Dhcp - ok
12:51:48.0180 4004 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
12:51:48.0227 4004 discache - ok
12:51:48.0273 4004 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
12:51:48.0289 4004 Disk - ok
12:51:48.0461 4004 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
12:51:48.0523 4004 Dnscache - ok
12:51:48.0554 4004 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
12:51:48.0632 4004 dot3svc - ok
12:51:48.0773 4004 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
12:51:48.0835 4004 DPS - ok
12:51:48.0882 4004 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
12:51:48.0913 4004 drmkaud - ok
12:51:49.0147 4004 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
12:51:49.0178 4004 DXGKrnl - ok
12:51:49.0241 4004 E1G60 (edc6e9c057c9d7f83eea22b4cef5dcad) C:\Windows\system32\DRIVERS\E1G6032E.sys
12:51:49.0287 4004 E1G60 - ok
12:51:49.0319 4004 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
12:51:49.0381 4004 EapHost - ok
12:51:51.0378 4004 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
12:51:51.0518 4004 ebdrv - ok
12:51:51.0971 4004 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
12:51:52.0049 4004 EFS - ok
12:51:52.0329 4004 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
12:51:52.0423 4004 ehRecvr - ok
12:51:52.0517 4004 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
12:51:52.0563 4004 ehSched - ok
12:51:52.0657 4004 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
12:51:52.0704 4004 elxstor - ok
12:51:52.0766 4004 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
12:51:52.0813 4004 ErrDev - ok
12:51:52.0891 4004 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
12:51:52.0953 4004 EventSystem - ok
12:51:53.0078 4004 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
12:51:53.0156 4004 exfat - ok
12:51:53.0328 4004 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
12:51:53.0390 4004 fastfat - ok
12:51:53.0468 4004 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
12:51:53.0515 4004 Fax - ok
12:51:53.0546 4004 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
12:51:53.0577 4004 fdc - ok
12:51:53.0609 4004 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
12:51:53.0671 4004 fdPHost - ok
12:51:53.0718 4004 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
12:51:53.0780 4004 FDResPub - ok
12:51:53.0843 4004 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
12:51:53.0874 4004 FileInfo - ok
12:51:53.0936 4004 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
12:51:54.0014 4004 Filetrace - ok
12:51:54.0045 4004 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
12:51:54.0061 4004 flpydisk - ok
12:51:54.0123 4004 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
12:51:54.0139 4004 FltMgr - ok
12:51:54.0248 4004 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
12:51:54.0326 4004 FontCache - ok
12:51:54.0404 4004 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:51:54.0420 4004 FontCache3.0.0.0 - ok
12:51:54.0513 4004 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
12:51:54.0529 4004 FsDepends - ok
12:51:54.0560 4004 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
12:51:54.0576 4004 Fs_Rec - ok
12:51:54.0623 4004 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
12:51:54.0654 4004 fvevol - ok
12:51:54.0685 4004 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:51:54.0701 4004 gagp30kx - ok
12:51:54.0732 4004 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:51:54.0747 4004 GEARAspiWDM - ok
12:51:54.0779 4004 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
12:51:54.0810 4004 ggflt - ok
12:51:54.0841 4004 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
12:51:54.0872 4004 ggsemc - ok
12:51:55.0184 4004 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
12:51:55.0262 4004 gpsvc - ok
12:51:55.0309 4004 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
12:51:55.0356 4004 hcw85cir - ok
12:51:55.0418 4004 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
12:51:55.0465 4004 HdAudAddService - ok
12:51:55.0496 4004 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
12:51:55.0527 4004 HDAudBus - ok
12:51:55.0543 4004 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
12:51:55.0559 4004 HidBatt - ok
12:51:55.0574 4004 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
12:51:55.0605 4004 HidBth - ok
12:51:55.0621 4004 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
12:51:55.0652 4004 HidIr - ok
12:51:55.0699 4004 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
12:51:55.0761 4004 hidserv - ok
12:51:55.0793 4004 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
12:51:55.0824 4004 HidUsb - ok
12:51:55.0886 4004 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
12:51:55.0995 4004 hkmsvc - ok
12:51:56.0027 4004 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
12:51:56.0089 4004 HomeGroupListener - ok
12:51:56.0120 4004 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
12:51:56.0167 4004 HomeGroupProvider - ok
12:51:56.0245 4004 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
12:51:56.0261 4004 HpSAMD - ok
12:51:56.0354 4004 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
12:51:56.0432 4004 HTTP - ok
12:51:56.0479 4004 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
12:51:56.0495 4004 hwpolicy - ok
12:51:56.0557 4004 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
12:51:56.0573 4004 i8042prt - ok
12:51:56.0651 4004 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
12:51:56.0682 4004 iaStorV - ok
12:51:57.0243 4004 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:51:57.0306 4004 idsvc - ok
12:51:57.0337 4004 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
12:51:57.0368 4004 iirsp - ok
12:51:57.0649 4004 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
12:51:57.0743 4004 IKEEXT - ok
12:51:57.0774 4004 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
12:51:57.0789 4004 intelide - ok
12:51:57.0836 4004 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
12:51:57.0867 4004 intelppm - ok
12:51:57.0914 4004 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
12:51:57.0961 4004 IPBusEnum - ok
12:51:57.0977 4004 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:51:58.0039 4004 IpFilterDriver - ok
12:51:58.0101 4004 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
12:51:58.0164 4004 iphlpsvc - ok
12:51:58.0211 4004 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
12:51:58.0242 4004 IPMIDRV - ok
12:51:58.0273 4004 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:51:58.0335 4004 IPNAT - ok
12:51:58.0460 4004 iPod Service (755e4ba6dce627a2683bb7640553c8d6) C:\Program Files\iPod\bin\iPodService.exe
12:51:58.0491 4004 iPod Service - ok
12:51:58.0507 4004 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:51:58.0538 4004 IRENUM - ok
12:51:58.0585 4004 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
12:51:58.0601 4004 isapnp - ok
12:51:58.0663 4004 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
12:51:58.0694 4004 iScsiPrt - ok
12:51:58.0741 4004 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
12:51:58.0757 4004 kbdclass - ok
12:51:58.0803 4004 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
12:51:58.0850 4004 kbdhid - ok
12:51:58.0866 4004 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:51:58.0881 4004 KeyIso - ok
12:51:58.0975 4004 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
12:51:59.0006 4004 KSecDD - ok
12:51:59.0022 4004 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
12:51:59.0053 4004 KSecPkg - ok
12:51:59.0100 4004 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:51:59.0162 4004 ksthunk - ok
12:51:59.0209 4004 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
12:51:59.0287 4004 KtmRm - ok
12:51:59.0334 4004 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
12:51:59.0412 4004 LanmanServer - ok
12:51:59.0474 4004 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
12:51:59.0537 4004 LanmanWorkstation - ok
12:51:59.0568 4004 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:51:59.0646 4004 lltdio - ok
12:51:59.0693 4004 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
12:51:59.0771 4004 lltdsvc - ok
12:51:59.0802 4004 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
12:51:59.0849 4004 lmhosts - ok
12:51:59.0895 4004 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:51:59.0911 4004 LSI_FC - ok
12:51:59.0942 4004 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:51:59.0973 4004 LSI_SAS - ok
12:51:59.0989 4004 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:52:00.0005 4004 LSI_SAS2 - ok
12:52:00.0051 4004 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:52:00.0067 4004 LSI_SCSI - ok
12:52:00.0098 4004 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:52:00.0161 4004 luafv - ok
12:52:00.0223 4004 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
12:52:00.0254 4004 MBAMProtector - ok
12:52:00.0426 4004 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
12:52:00.0441 4004 MBAMService - ok
12:52:00.0566 4004 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
12:52:00.0597 4004 Mcx2Svc - ok
12:52:00.0691 4004 MDM (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
12:52:00.0722 4004 MDM ( UnsignedFile.Multi.Generic ) - warning
12:52:00.0722 4004 MDM - detected UnsignedFile.Multi.Generic (1)
12:52:00.0753 4004 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
12:52:00.0769 4004 megasas - ok
12:52:00.0816 4004 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
12:52:00.0831 4004 MegaSR - ok
12:52:00.0878 4004 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:52:00.0941 4004 MMCSS - ok
12:52:01.0003 4004 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:52:01.0081 4004 Modem - ok
12:52:01.0128 4004 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:52:01.0159 4004 monitor - ok
12:52:01.0190 4004 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
12:52:01.0206 4004 mouclass - ok
12:52:01.0237 4004 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
12:52:01.0268 4004 mouhid - ok
12:52:01.0315 4004 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
12:52:01.0331 4004 mountmgr - ok
12:52:01.0377 4004 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
12:52:01.0393 4004 mpio - ok
12:52:01.0409 4004 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:52:01.0455 4004 mpsdrv - ok
12:52:01.0596 4004 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
12:52:01.0674 4004 MpsSvc - ok
12:52:01.0705 4004 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
12:52:01.0767 4004 MRxDAV - ok
12:52:01.0799 4004 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:52:01.0861 4004 mrxsmb - ok
12:52:01.0908 4004 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:52:01.0955 4004 mrxsmb10 - ok
12:52:01.0986 4004 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:52:02.0001 4004 mrxsmb20 - ok
12:52:02.0064 4004 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
12:52:02.0095 4004 msahci - ok
12:52:02.0126 4004 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
12:52:02.0157 4004 msdsm - ok
12:52:02.0204 4004 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
12:52:02.0267 4004 MSDTC - ok
12:52:02.0313 4004 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:52:02.0376 4004 Msfs - ok
12:52:02.0391 4004 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:52:02.0454 4004 mshidkmdf - ok
12:52:02.0485 4004 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
12:52:02.0501 4004 msisadrv - ok
12:52:02.0579 4004 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
12:52:02.0641 4004 MSiSCSI - ok
12:52:02.0641 4004 msiserver - ok
12:52:02.0672 4004 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:52:02.0735 4004 MSKSSRV - ok
12:52:02.0750 4004 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:52:02.0813 4004 MSPCLOCK - ok
12:52:02.0813 4004 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:52:02.0859 4004 MSPQM - ok
12:52:03.0031 4004 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
12:52:03.0047 4004 MsRPC - ok
12:52:03.0078 4004 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
12:52:03.0093 4004 mssmbios - ok
12:52:03.0140 4004 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:52:03.0203 4004 MSTEE - ok
12:52:03.0203 4004 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
12:52:03.0218 4004 MTConfig - ok
12:52:03.0249 4004 MTsensor64 (0df53a9649073cebbc0988d6353fed6e) C:\Windows\system32\DRIVERS\PuAcpi64.sys
12:52:03.0281 4004 MTsensor64 - ok
12:52:03.0296 4004 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:52:03.0312 4004 Mup - ok
12:52:03.0374 4004 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
12:52:03.0437 4004 napagent - ok
12:52:03.0530 4004 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:52:03.0561 4004 NativeWifiP - ok
12:52:03.0764 4004 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
12:52:03.0812 4004 NDIS - ok
12:52:03.0859 4004 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:52:03.0921 4004 NdisCap - ok
12:52:03.0937 4004 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:52:03.0999 4004 NdisTapi - ok
12:52:04.0046 4004 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
12:52:04.0108 4004 Ndisuio - ok
12:52:04.0140 4004 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
12:52:04.0218 4004 NdisWan - ok
12:52:04.0296 4004 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
12:52:04.0342 4004 NDProxy - ok
12:52:04.0389 4004 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:52:04.0452 4004 NetBIOS - ok
12:52:04.0545 4004 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
12:52:04.0608 4004 NetBT - ok
12:52:04.0639 4004 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:52:04.0654 4004 Netlogon - ok
12:52:04.0748 4004 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
12:52:04.0810 4004 Netman - ok
12:52:04.0951 4004 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
12:52:05.0029 4004 netprofm - ok
12:52:05.0247 4004 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:52:05.0294 4004 NetTcpPortSharing - ok
12:52:05.0325 4004 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:52:05.0341 4004 nfrd960 - ok
12:52:05.0388 4004 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
12:52:05.0466 4004 NlaSvc - ok
12:52:05.0512 4004 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:52:05.0575 4004 Npfs - ok
12:52:05.0590 4004 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
12:52:05.0668 4004 nsi - ok
12:52:05.0700 4004 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:52:05.0778 4004 nsiproxy - ok
12:52:06.0058 4004 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:52:06.0121 4004 Ntfs - ok
12:52:06.0417 4004 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:52:06.0480 4004 Null - ok
12:52:06.0511 4004 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:52:06.0542 4004 nvraid - ok
12:52:06.0573 4004 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:52:06.0589 4004 nvstor - ok
12:52:06.0682 4004 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:52:06.0698 4004 nv_agp - ok
12:52:06.0823 4004 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:52:06.0854 4004 odserv - ok
12:52:06.0870 4004 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:52:06.0901 4004 ohci1394 - ok
12:52:06.0963 4004 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:52:06.0979 4004 ose - ok
12:52:07.0026 4004 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:52:07.0104 4004 p2pimsvc - ok
12:52:07.0135 4004 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
12:52:07.0166 4004 p2psvc - ok
12:52:07.0197 4004 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:52:07.0244 4004 Parport - ok
12:52:07.0260 4004 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
12:52:07.0275 4004 partmgr - ok
12:52:07.0291 4004 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
12:52:07.0338 4004 PcaSvc - ok
12:52:07.0431 4004 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:52:07.0447 4004 pci - ok
12:52:07.0478 4004 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:52:07.0494 4004 pciide - ok
12:52:07.0572 4004 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:52:07.0603 4004 pcmcia - ok
12:52:07.0618 4004 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:52:07.0634 4004 pcw - ok
12:52:07.0821 4004 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:52:07.0899 4004 PEAUTH - ok
12:52:08.0149 4004 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
12:52:08.0242 4004 PeerDistSvc - ok
12:52:08.0430 4004 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
12:52:08.0461 4004 PerfHost - ok
12:52:08.0773 4004 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
12:52:08.0866 4004 pla - ok
12:52:08.0913 4004 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
12:52:08.0976 4004 PlugPlay - ok
12:52:09.0007 4004 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
12:52:09.0022 4004 PNRPAutoReg - ok
12:52:09.0069 4004 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:52:09.0100 4004 PNRPsvc - ok
12:52:09.0163 4004 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
12:52:09.0241 4004 PolicyAgent - ok
12:52:09.0272 4004 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
12:52:09.0350 4004 Power - ok
12:52:09.0412 4004 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:52:09.0475 4004 PptpMiniport - ok
12:52:09.0522 4004 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:52:09.0553 4004 Processor - ok
12:52:09.0600 4004 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
12:52:09.0662 4004 ProfSvc - ok
12:52:09.0724 4004 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:52:09.0740 4004 ProtectedStorage - ok
12:52:09.0802 4004 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:52:09.0849 4004 Psched - ok
12:52:10.0224 4004 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:52:10.0302 4004 ql2300 - ok
12:52:10.0567 4004 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:52:10.0582 4004 ql40xx - ok
12:52:10.0629 4004 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
12:52:10.0676 4004 QWAVE - ok
12:52:10.0707 4004 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:52:10.0738 4004 QWAVEdrv - ok
12:52:10.0785 4004 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:52:10.0848 4004 RasAcd - ok
12:52:10.0894 4004 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:52:10.0941 4004 RasAgileVpn - ok
12:52:10.0972 4004 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
12:52:11.0019 4004 RasAuto - ok
12:52:11.0066 4004 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:52:11.0128 4004 Rasl2tp - ok
12:52:11.0175 4004 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
12:52:11.0253 4004 RasMan - ok
12:52:11.0284 4004 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:52:11.0347 4004 RasPppoe - ok
12:52:11.0378 4004 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:52:11.0440 4004 RasSstp - ok
12:52:11.0487 4004 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:52:11.0565 4004 rdbss - ok
12:52:11.0581 4004 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:52:11.0612 4004 rdpbus - ok
12:52:11.0643 4004 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:52:11.0690 4004 RDPCDD - ok
12:52:11.0752 4004 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
12:52:11.0784 4004 RDPDR - ok
12:52:11.0799 4004 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:52:11.0862 4004 RDPENCDD - ok
12:52:11.0893 4004 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:52:11.0940 4004 RDPREFMP - ok
12:52:11.0971 4004 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
12:52:12.0018 4004 RdpVideoMiniport - ok
12:52:12.0158 4004 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
12:52:12.0220 4004 RDPWD - ok
12:52:12.0252 4004 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:52:12.0283 4004 rdyboost - ok
12:52:12.0330 4004 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
12:52:12.0408 4004 RemoteAccess - ok
12:52:12.0501 4004 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
12:52:12.0579 4004 RemoteRegistry - ok
12:52:12.0954 4004 rimmptsk (f45d6e12eb99a668f52201637c67c8f5) C:\Windows\system32\DRIVERS\rimmpx64.sys
12:52:13.0016 4004 rimmptsk - ok
12:52:13.0047 4004 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys
12:52:13.0094 4004 rimsptsk - ok
12:52:13.0141 4004 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
12:52:13.0203 4004 RpcEptMapper - ok
12:52:13.0234 4004 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
12:52:13.0266 4004 RpcLocator - ok
12:52:13.0312 4004 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:52:13.0359 4004 RpcSs - ok
12:52:13.0406 4004 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:52:13.0468 4004 rspndr - ok
12:52:13.0515 4004 RTL8023x64 (c02ff907a2de4f6c6f7e34fbad08660e) C:\Windows\system32\DRIVERS\Rtnic64.sys
12:52:13.0546 4004 RTL8023x64 - ok
12:52:13.0578 4004 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
12:52:13.0624 4004 s3cap - ok
12:52:13.0656 4004 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:52:13.0671 4004 SamSs - ok
12:52:13.0702 4004 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:52:13.0718 4004 sbp2port - ok
12:52:13.0983 4004 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
12:52:14.0014 4004 SBSDWSCService - ok
12:52:14.0077 4004 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
12:52:14.0155 4004 SCardSvr - ok
12:52:14.0280 4004 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:52:14.0358 4004 scfilter - ok
12:52:14.0763 4004 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
12:52:14.0857 4004 Schedule - ok
12:52:14.0951 4004 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:52:14.0998 4004 SCPolicySvc - ok
12:52:15.0061 4004 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
12:52:15.0076 4004 sdbus - ok
12:52:15.0248 4004 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
12:52:15.0326 4004 SDRSVC - ok
12:52:15.0451 4004 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:52:15.0513 4004 secdrv - ok
12:52:15.0544 4004 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
12:52:15.0607 4004 seclogon - ok
12:52:15.0731 4004 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
12:52:15.0809 4004 SENS - ok
12:52:15.0841 4004 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
12:52:15.0887 4004 SensrSvc - ok
12:52:15.0919 4004 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:52:15.0950 4004 Serenum - ok
12:52:16.0090 4004 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:52:16.0121 4004 Serial - ok
12:52:16.0215 4004 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:52:16.0246 4004 sermouse - ok
12:52:16.0309 4004 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
12:52:16.0371 4004 SessionEnv - ok
12:52:16.0402 4004 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
12:52:16.0433 4004 sffdisk - ok
12:52:16.0449 4004 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:52:16.0480 4004 sffp_mmc - ok
12:52:16.0496 4004 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
12:52:16.0543 4004 sffp_sd - ok
12:52:16.0558 4004 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:52:16.0574 4004 sfloppy - ok
12:52:16.0730 4004 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
12:52:16.0808 4004 SharedAccess - ok
12:52:16.0855 4004 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
12:52:16.0933 4004 ShellHWDetection - ok
12:52:16.0964 4004 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:52:16.0979 4004 SiSRaid2 - ok
12:52:17.0073 4004 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:52:17.0089 4004 SiSRaid4 - ok
12:52:17.0120 4004 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:52:17.0182 4004 Smb - ok
12:52:17.0260 4004 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
12:52:17.0307 4004 SNMPTRAP - ok
12:52:17.0416 4004 Sony Ericsson PCCompanion (1a623f2b69e1f182f995f963c55db935) C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
12:52:17.0447 4004 Sony Ericsson PCCompanion - ok
12:52:17.0494 4004 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:52:17.0510 4004 spldr - ok
12:52:17.0572 4004 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
12:52:17.0635 4004 Spooler - ok
12:52:18.0243 4004 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
12:52:18.0415 4004 sppsvc - ok
12:52:18.0649 4004 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
12:52:18.0711 4004 sppuinotify - ok
12:52:18.0742 4004 sptd - ok
12:52:18.0820 4004 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
12:52:18.0883 4004 srv - ok
12:52:18.0945 4004 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
12:52:18.0992 4004 srv2 - ok
12:52:19.0039 4004 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
12:52:19.0085 4004 srvnet - ok
12:52:19.0148 4004 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
12:52:19.0210 4004 SSDPSRV - ok
12:52:19.0226 4004 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
12:52:19.0288 4004 SstpSvc - ok
12:52:19.0319 4004 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
12:52:19.0335 4004 stexstor - ok
12:52:19.0522 4004 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
12:52:19.0569 4004 stisvc - ok
12:52:19.0616 4004 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
12:52:19.0631 4004 storflt - ok
12:52:19.0663 4004 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
12:52:19.0678 4004 storvsc - ok
12:52:19.0694 4004 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
12:52:19.0709 4004 swenum - ok
12:52:19.0803 4004 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
12:52:19.0865 4004 swprv - ok
12:52:19.0897 4004 Synth3dVsc - ok
12:52:20.0209 4004 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
12:52:20.0302 4004 SysMain - ok
12:52:20.0489 4004 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
12:52:20.0536 4004 TabletInputService - ok
12:52:20.0583 4004 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
12:52:20.0645 4004 TapiSrv - ok
12:52:20.0692 4004 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
12:52:20.0755 4004 TBS - ok
12:52:21.0176 4004 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
12:52:21.0254 4004 Tcpip - ok
12:52:21.0737 4004 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
12:52:21.0784 4004 TCPIP6 - ok
12:52:22.0159 4004 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
12:52:22.0205 4004 tcpipreg - ok
12:52:22.0252 4004 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:52:22.0283 4004 TDPIPE - ok
12:52:22.0315 4004 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
12:52:22.0346 4004 TDTCP - ok
12:52:22.0408 4004 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
12:52:22.0471 4004 tdx - ok
12:52:22.0564 4004 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
12:52:22.0580 4004 TermDD - ok
12:52:23.0110 4004 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
12:52:23.0204 4004 TermService - ok
12:52:23.0251 4004 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
12:52:23.0266 4004 Themes - ok
12:52:23.0422 4004 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:52:23.0469 4004 THREADORDER - ok
12:52:23.0531 4004 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
12:52:23.0594 4004 TrkWks - ok
12:52:23.0750 4004 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
12:52:23.0797 4004 TrustedInstaller - ok
12:52:23.0859 4004 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:52:23.0906 4004 tssecsrv - ok
12:52:23.0937 4004 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
12:52:23.0999 4004 TsUsbFlt - ok
12:52:23.0999 4004 tsusbhub - ok
12:52:24.0077 4004 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
12:52:24.0140 4004 tunnel - ok
12:52:24.0171 4004 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
12:52:24.0187 4004 uagp35 - ok
12:52:24.0265 4004 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
12:52:24.0327 4004 udfs - ok
12:52:24.0405 4004 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
12:52:24.0421 4004 UI0Detect - ok
12:52:24.0514 4004 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
12:52:24.0530 4004 uliagpkx - ok
12:52:24.0655 4004 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
12:52:24.0701 4004 umbus - ok
12:52:24.0764 4004 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
12:52:24.0795 4004 UmPass - ok
12:52:24.0842 4004 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
12:52:24.0889 4004 UmRdpService - ok
12:52:25.0029 4004 UnlockerDriver5 (9dc07e73a4abb9acf692113b36a5009f) C:\Program Files\Unlocker\UnlockerDriver5.sys
12:52:25.0060 4004 UnlockerDriver5 - ok
12:52:25.0341 4004 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
12:52:25.0403 4004 upnphost - ok
12:52:25.0450 4004 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
12:52:25.0513 4004 USBAAPL64 - ok
12:52:25.0606 4004 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
12:52:25.0637 4004 usbaudio - ok
12:52:25.0747 4004 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
12:52:25.0793 4004 usbccgp - ok
12:52:25.0856 4004 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
12:52:25.0871 4004 usbcir - ok
12:52:25.0918 4004 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
12:52:25.0949 4004 usbehci - ok
12:52:26.0012 4004 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
12:52:26.0060 4004 usbhub - ok
12:52:26.0106 4004 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
12:52:26.0122 4004 usbohci - ok
12:52:26.0153 4004 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:52:26.0200 4004 usbprint - ok
12:52:26.0231 4004 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:52:26.0278 4004 USBSTOR - ok
12:52:26.0294 4004 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
12:52:26.0340 4004 usbuhci - ok
12:52:26.0387 4004 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
12:52:26.0450 4004 UxSms - ok
12:52:26.0496 4004 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:52:26.0512 4004 VaultSvc - ok
12:52:26.0621 4004 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
12:52:26.0637 4004 vdrvroot - ok
12:52:26.0808 4004 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
12:52:26.0871 4004 vds - ok
12:52:26.0918 4004 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:52:26.0933 4004 vga - ok
12:52:26.0964 4004 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:52:27.0011 4004 VgaSave - ok
12:52:27.0027 4004 VGPU - ok
12:52:27.0074 4004 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
12:52:27.0105 4004 vhdmp - ok
12:52:27.0136 4004 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
12:52:27.0152 4004 viaide - ok
12:52:27.0183 4004 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
12:52:27.0214 4004 vmbus - ok
12:52:27.0230 4004 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
12:52:27.0261 4004 VMBusHID - ok
12:52:27.0292 4004 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
12:52:27.0308 4004 volmgr - ok
12:52:27.0432 4004 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
12:52:27.0464 4004 volmgrx - ok
12:52:27.0510 4004 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
12:52:27.0542 4004 volsnap - ok
12:52:27.0588 4004 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
12:52:27.0620 4004 vsmraid - ok
12:52:28.0181 4004 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
12:52:28.0306 4004 VSS - ok
12:52:28.0540 4004 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
12:52:28.0587 4004 vwifibus - ok
12:52:28.0618 4004 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
12:52:28.0634 4004 vwififlt - ok
12:52:28.0805 4004 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
12:52:28.0868 4004 W32Time - ok
12:52:28.0946 4004 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
12:52:28.0961 4004 WacomPen - ok
12:52:29.0008 4004 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:52:29.0086 4004 WANARP - ok
12:52:29.0102 4004 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:52:29.0148 4004 Wanarpv6 - ok
12:52:29.0398 4004 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
12:52:29.0492 4004 wbengine - ok
12:52:29.0694 4004 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
12:52:29.0726 4004 WbioSrvc - ok
12:52:29.0772 4004 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
12:52:29.0819 4004 wcncsvc - ok
12:52:29.0850 4004 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
12:52:29.0897 4004 WcsPlugInService - ok
12:52:29.0960 4004 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:52:29.0991 4004 Wd - ok
12:52:30.0084 4004 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:52:30.0131 4004 Wdf01000 - ok
12:52:30.0147 4004 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:52:30.0240 4004 WdiServiceHost - ok
12:52:30.0240 4004 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:52:30.0272 4004 WdiSystemHost - ok
12:52:30.0350 4004 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
12:52:30.0396 4004 WebClient - ok
12:52:30.0443 4004 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
12:52:30.0537 4004 Wecsvc - ok
12:52:30.0584 4004 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
12:52:30.0662 4004 wercplsupport - ok
12:52:30.0693 4004 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
12:52:30.0740 4004 WerSvc - ok
12:52:30.0802 4004 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:52:30.0849 4004 WfpLwf - ok
12:52:30.0880 4004 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:52:30.0911 4004 WIMMount - ok
12:52:30.0942 4004 WinDefend - ok
12:52:30.0958 4004 WinHttpAutoProxySvc - ok
12:52:31.0067 4004 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
12:52:31.0130 4004 Winmgmt - ok
12:52:31.0254 4004 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
12:52:31.0364 4004 WinRM - ok
12:52:31.0504 4004 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
12:52:31.0520 4004 WinUsb - ok
12:52:31.0598 4004 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
12:52:31.0644 4004 Wlansvc - ok
12:52:31.0676 4004 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
12:52:31.0707 4004 WmiAcpi - ok
12:52:31.0785 4004 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
12:52:31.0832 4004 wmiApSrv - ok
12:52:31.0863 4004 WMPNetworkSvc - ok
12:52:31.0894 4004 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
12:52:31.0941 4004 WPCSvc - ok
12:52:31.0956 4004 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
12:52:31.0988 4004 WPDBusEnum - ok
12:52:32.0003 4004 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:52:32.0081 4004 ws2ifsl - ok
12:52:32.0097 4004 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
12:52:32.0145 4004 wscsvc - ok
12:52:32.0145 4004 WSearch - ok
12:52:32.0301 4004 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
12:52:32.0379 4004 wuauserv - ok
12:52:32.0488 4004 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
12:52:32.0550 4004 WudfPf - ok
12:52:32.0597 4004 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:52:32.0675 4004 WUDFRd - ok
12:52:32.0691 4004 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
12:52:32.0737 4004 wudfsvc - ok
12:52:32.0784 4004 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
12:52:32.0831 4004 WwanSvc - ok
12:52:32.0893 4004 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:52:33.0112 4004 \Device\Harddisk0\DR0 - ok
12:52:33.0112 4004 MBR (0x1B8) (739b36f7a373fc81121d831231b6d311) \Device\Harddisk1\DR1
12:52:36.0673 4004 \Device\Harddisk1\DR1 - ok
12:52:36.0719 4004 Boot (0x1200) (a65861140742e2283c0b1c7a387bb4c0) \Device\Harddisk0\DR0\Partition0
12:52:36.0719 4004 \Device\Harddisk0\DR0\Partition0 - ok
12:52:36.0719 4004 Boot (0x1200) (121fc360747a23a73f6c69d22cf82f14) \Device\Harddisk0\DR0\Partition1
12:52:36.0735 4004 \Device\Harddisk0\DR0\Partition1 - ok
12:52:36.0751 4004 Boot (0x1200) (7825221b43ef73816bbdedecbdc4befa) \Device\Harddisk0\DR0\Partition2
12:52:36.0751 4004 \Device\Harddisk0\DR0\Partition2 - ok
12:52:36.0782 4004 Boot (0x1200) (4e96d27601d945ee7f15b4947e01c70c) \Device\Harddisk0\DR0\Partition3
12:52:36.0782 4004 \Device\Harddisk0\DR0\Partition3 - ok
12:52:36.0782 4004 Boot (0x1200) (c2948df7fca58a31c2e1c92e02bf1b23) \Device\Harddisk1\DR1\Partition0
12:52:36.0782 4004 \Device\Harddisk1\DR1\Partition0 - ok
12:52:36.0782 4004 ============================================================
12:52:36.0782 4004 Scan finished
12:52:36.0782 4004 ============================================================
12:52:36.0797 3396 Detected object count: 1
12:52:36.0797 3396 Actual detected object count: 1
Mehr spuckt das Programm nicht raus. P.S. ich bin 'ne faule socke und kenne natürlich Strg + A da alles andere mir zu aufwendig ist. Gruß Geändert von casandra00 (29.07.2012 um 20:41 Uhr) |
|
29.07.2012, 21:02
| #26 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungs Trojana der ein neues Software Update für 200 Euro haben will. Wäre aber das erste Mal, dass der TDSS-Killer die untere Zusammenfassung vergisst  Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.07.2012, 21:13
| #27 |
| | Verschlüsselungs Trojana der ein neues Software Update für 200 Euro haben will.Code:
ATTFilter 20:42:32.0281 3988 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
20:42:32.0328 3988 ============================================================
20:42:32.0328 3988 Current date / time: 2012/07/29 20:42:32.0328
20:42:32.0328 3988 SystemInfo:
20:42:32.0328 3988
20:42:32.0328 3988 OS Version: 6.1.7601 ServicePack: 1.0
20:42:32.0328 3988 Product type: Workstation
20:42:32.0328 3988 ComputerName: ***-PC
20:42:32.0328 3988 UserName: ***
20:42:32.0328 3988 Windows directory: C:\Windows
20:42:32.0328 3988 System windows directory: C:\Windows
20:42:32.0328 3988 Running under WOW64
20:42:32.0328 3988 Processor architecture: Intel x64
20:42:32.0328 3988 Number of processors: 2
20:42:32.0328 3988 Page size: 0x1000
20:42:32.0328 3988 Boot type: Normal boot
20:42:32.0328 3988 ============================================================
20:42:33.0451 3988 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:42:33.0451 3988 Drive \Device\Harddisk1\DR2 - Size: 0xF0D8EE00 (3.76 Gb), SectorSize: 0x200, Cylinders: 0x1EB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:42:33.0451 3988 ============================================================
20:42:33.0451 3988 \Device\Harddisk0\DR0:
20:42:33.0451 3988 MBR partitions:
20:42:33.0451 3988 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1800000
20:42:33.0451 3988 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1800800, BlocksNum 0x32000
20:42:33.0451 3988 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1832800, BlocksNum 0x972C000
20:42:33.0451 3988 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xAF5E800, BlocksNum 0x1A4CF800
20:42:33.0451 3988 \Device\Harddisk1\DR2:
20:42:33.0451 3988 MBR partitions:
20:42:33.0451 3988 \Device\Harddisk1\DR2\Partition0: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x785BEC
20:42:33.0451 3988 ============================================================
20:42:33.0498 3988 C: <-> \Device\Harddisk0\DR0\Partition2
20:42:33.0544 3988 D: <-> \Device\Harddisk0\DR0\Partition0
20:42:33.0576 3988 E: <-> \Device\Harddisk0\DR0\Partition3
20:42:33.0576 3988 ============================================================
20:42:33.0576 3988 Initialize success
20:42:33.0576 3988 ============================================================
20:42:39.0472 2256 ============================================================
20:42:39.0472 2256 Scan started
20:42:39.0472 2256 Mode: Manual; SigCheck; TDLFS;
20:42:39.0472 2256 ============================================================
20:42:40.0330 2256 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
20:42:40.0424 2256 1394ohci - ok
20:42:40.0471 2256 acedrv11 (a3769020f7e8a70fd3e824c050f33306) C:\Windows\system32\drivers\acedrv11.sys
20:42:40.0518 2256 acedrv11 - ok
20:42:40.0564 2256 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:42:40.0580 2256 ACPI - ok
20:42:40.0596 2256 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
20:42:40.0627 2256 AcpiPmi - ok
20:42:40.0705 2256 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
20:42:40.0736 2256 adp94xx - ok
20:42:40.0783 2256 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
20:42:40.0798 2256 adpahci - ok
20:42:40.0830 2256 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
20:42:40.0845 2256 adpu320 - ok
20:42:40.0892 2256 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
20:42:40.0939 2256 AeLookupSvc - ok
20:42:41.0001 2256 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
20:42:41.0032 2256 AFD - ok
20:42:41.0064 2256 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:42:41.0079 2256 agp440 - ok
20:42:41.0110 2256 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
20:42:41.0126 2256 ALG - ok
20:42:41.0142 2256 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:42:41.0157 2256 aliide - ok
20:42:41.0173 2256 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:42:41.0188 2256 amdide - ok
20:42:41.0235 2256 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
20:42:41.0251 2256 AmdK8 - ok
20:42:41.0266 2256 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
20:42:41.0282 2256 AmdPPM - ok
20:42:41.0329 2256 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
20:42:41.0344 2256 amdsata - ok
20:42:41.0376 2256 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
20:42:41.0391 2256 amdsbs - ok
20:42:41.0407 2256 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
20:42:41.0422 2256 amdxata - ok
20:42:41.0485 2256 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:42:41.0516 2256 AntiVirSchedulerService - ok
20:42:41.0547 2256 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:42:41.0563 2256 AntiVirService - ok
20:42:41.0594 2256 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:42:41.0641 2256 AppID - ok
20:42:41.0656 2256 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
20:42:41.0703 2256 AppIDSvc - ok
20:42:41.0734 2256 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
20:42:41.0781 2256 Appinfo - ok
20:42:41.0875 2256 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:42:41.0890 2256 Apple Mobile Device - ok
20:42:41.0922 2256 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
20:42:41.0953 2256 AppMgmt - ok
20:42:42.0000 2256 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
20:42:42.0015 2256 arc - ok
20:42:42.0031 2256 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
20:42:42.0046 2256 arcsas - ok
20:42:42.0078 2256 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:42:42.0124 2256 AsyncMac - ok
20:42:42.0156 2256 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:42:42.0171 2256 atapi - ok
20:42:42.0296 2256 athr (e642491f64e58cd5bc8fb8b347dcf65f) C:\Windows\system32\DRIVERS\athrx.sys
20:42:42.0358 2256 athr - ok
20:42:42.0514 2256 Ati External Event Utility (09c792635224bcf1f4436b67e1ff3172) C:\Windows\system32\Ati2evxx.exe
20:42:42.0546 2256 Ati External Event Utility - ok
20:42:42.0889 2256 atikmdag (d491f749b487d7cb5aee12436802ad88) C:\Windows\system32\DRIVERS\atikmdag.sys
20:42:42.0982 2256 atikmdag - ok
20:42:43.0154 2256 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys
20:42:43.0185 2256 AtiPcie - ok
20:42:43.0248 2256 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:42:43.0310 2256 AudioEndpointBuilder - ok
20:42:43.0326 2256 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:42:43.0372 2256 AudioSrv - ok
20:42:43.0404 2256 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
20:42:43.0435 2256 avgntflt - ok
20:42:43.0497 2256 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
20:42:43.0528 2256 avipbb - ok
20:42:43.0544 2256 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
20:42:43.0575 2256 avkmgr - ok
20:42:43.0622 2256 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
20:42:43.0653 2256 AxInstSV - ok
20:42:43.0700 2256 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
20:42:43.0731 2256 b06bdrv - ok
20:42:43.0762 2256 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:42:43.0778 2256 b57nd60a - ok
20:42:43.0825 2256 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
20:42:43.0840 2256 BDESVC - ok
20:42:43.0856 2256 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:42:43.0903 2256 Beep - ok
20:42:43.0981 2256 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
20:42:44.0028 2256 BFE - ok
20:42:44.0106 2256 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
20:42:44.0168 2256 BITS - ok
20:42:44.0215 2256 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:42:44.0230 2256 blbdrive - ok
20:42:44.0324 2256 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
20:42:44.0340 2256 Bonjour Service - ok
20:42:44.0386 2256 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
20:42:44.0402 2256 bowser - ok
20:42:44.0433 2256 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:42:44.0449 2256 BrFiltLo - ok
20:42:44.0464 2256 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:42:44.0480 2256 BrFiltUp - ok
20:42:44.0511 2256 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
20:42:44.0558 2256 Browser - ok
20:42:44.0589 2256 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:42:44.0620 2256 Brserid - ok
20:42:44.0620 2256 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:42:44.0652 2256 BrSerWdm - ok
20:42:44.0652 2256 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:42:44.0683 2256 BrUsbMdm - ok
20:42:44.0683 2256 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:42:44.0698 2256 BrUsbSer - ok
20:42:44.0714 2256 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
20:42:44.0730 2256 BTHMODEM - ok
20:42:44.0776 2256 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
20:42:44.0823 2256 bthserv - ok
20:42:44.0839 2256 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:42:44.0901 2256 cdfs - ok
20:42:45.0073 2256 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
20:42:45.0104 2256 cdrom - ok
20:42:45.0135 2256 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:42:45.0182 2256 CertPropSvc - ok
20:42:45.0213 2256 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
20:42:45.0229 2256 circlass - ok
20:42:45.0276 2256 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:42:45.0291 2256 CLFS - ok
20:42:45.0354 2256 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:42:45.0369 2256 clr_optimization_v2.0.50727_32 - ok
20:42:45.0400 2256 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:42:45.0416 2256 clr_optimization_v2.0.50727_64 - ok
20:42:45.0525 2256 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:42:45.0541 2256 clr_optimization_v4.0.30319_32 - ok
20:42:45.0556 2256 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:42:45.0588 2256 clr_optimization_v4.0.30319_64 - ok
20:42:45.0619 2256 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
20:42:45.0634 2256 CmBatt - ok
20:42:45.0650 2256 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
20:42:45.0666 2256 cmdide - ok
20:42:45.0712 2256 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
20:42:45.0744 2256 CNG - ok
20:42:45.0775 2256 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
20:42:45.0790 2256 Compbatt - ok
20:42:45.0822 2256 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
20:42:45.0837 2256 CompositeBus - ok
20:42:45.0868 2256 COMSysApp - ok
20:42:45.0884 2256 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
20:42:45.0900 2256 crcdisk - ok
20:42:45.0946 2256 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
20:42:45.0993 2256 CryptSvc - ok
20:42:46.0040 2256 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
20:42:46.0056 2256 CSC - ok
20:42:46.0134 2256 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
20:42:46.0165 2256 CscService - ok
20:42:46.0212 2256 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:42:46.0274 2256 DcomLaunch - ok
20:42:46.0305 2256 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
20:42:46.0368 2256 defragsvc - ok
20:42:46.0430 2256 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
20:42:46.0477 2256 DfsC - ok
20:42:46.0508 2256 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
20:42:46.0570 2256 Dhcp - ok
20:42:46.0586 2256 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:42:46.0633 2256 discache - ok
20:42:46.0664 2256 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
20:42:46.0680 2256 Disk - ok
20:42:46.0711 2256 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
20:42:46.0742 2256 Dnscache - ok
20:42:46.0773 2256 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
20:42:46.0820 2256 dot3svc - ok
20:42:46.0867 2256 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
20:42:46.0914 2256 DPS - ok
20:42:46.0960 2256 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:42:46.0976 2256 drmkaud - ok
20:42:47.0054 2256 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
20:42:47.0101 2256 DXGKrnl - ok
20:42:47.0148 2256 E1G60 (edc6e9c057c9d7f83eea22b4cef5dcad) C:\Windows\system32\DRIVERS\E1G6032E.sys
20:42:47.0163 2256 E1G60 - ok
20:42:47.0179 2256 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
20:42:47.0241 2256 EapHost - ok
20:42:47.0413 2256 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
20:42:47.0475 2256 ebdrv - ok
20:42:47.0553 2256 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
20:42:47.0584 2256 EFS - ok
20:42:47.0678 2256 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
20:42:47.0709 2256 ehRecvr - ok
20:42:47.0740 2256 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
20:42:47.0756 2256 ehSched - ok
20:42:47.0850 2256 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
20:42:47.0865 2256 elxstor - ok
20:42:47.0896 2256 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
20:42:47.0912 2256 ErrDev - ok
20:42:47.0974 2256 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
20:42:48.0021 2256 EventSystem - ok
20:42:48.0052 2256 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:42:48.0115 2256 exfat - ok
20:42:48.0146 2256 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:42:48.0193 2256 fastfat - ok
20:42:48.0271 2256 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
20:42:48.0302 2256 Fax - ok
20:42:48.0318 2256 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
20:42:48.0333 2256 fdc - ok
20:42:48.0349 2256 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
20:42:48.0396 2256 fdPHost - ok
20:42:48.0411 2256 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
20:42:48.0458 2256 FDResPub - ok
20:42:48.0474 2256 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:42:48.0489 2256 FileInfo - ok
20:42:48.0505 2256 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:42:48.0552 2256 Filetrace - ok
20:42:48.0567 2256 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
20:42:48.0583 2256 flpydisk - ok
20:42:48.0630 2256 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
20:42:48.0645 2256 FltMgr - ok
20:42:48.0739 2256 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
20:42:48.0770 2256 FontCache - ok
20:42:48.0848 2256 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:42:48.0864 2256 FontCache3.0.0.0 - ok
20:42:48.0895 2256 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:42:48.0910 2256 FsDepends - ok
20:42:48.0942 2256 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
20:42:48.0957 2256 Fs_Rec - ok
20:42:49.0004 2256 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:42:49.0035 2256 fvevol - ok
20:42:49.0066 2256 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:42:49.0082 2256 gagp30kx - ok
20:42:49.0113 2256 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:42:49.0129 2256 GEARAspiWDM - ok
20:42:49.0160 2256 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
20:42:49.0191 2256 ggflt - ok
20:42:49.0238 2256 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
20:42:49.0269 2256 ggsemc - ok
20:42:49.0332 2256 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
20:42:49.0410 2256 gpsvc - ok
20:42:49.0441 2256 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:42:49.0456 2256 hcw85cir - ok
20:42:49.0519 2256 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
20:42:49.0550 2256 HdAudAddService - ok
20:42:49.0581 2256 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
20:42:49.0597 2256 HDAudBus - ok
20:42:49.0612 2256 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
20:42:49.0628 2256 HidBatt - ok
20:42:49.0644 2256 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
20:42:49.0659 2256 HidBth - ok
20:42:49.0675 2256 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
20:42:49.0706 2256 HidIr - ok
20:42:49.0722 2256 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
20:42:49.0784 2256 hidserv - ok
20:42:49.0800 2256 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
20:42:49.0815 2256 HidUsb - ok
20:42:49.0862 2256 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
20:42:49.0909 2256 hkmsvc - ok
20:42:49.0940 2256 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
20:42:49.0971 2256 HomeGroupListener - ok
20:42:50.0002 2256 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
20:42:50.0034 2256 HomeGroupProvider - ok
20:42:50.0065 2256 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
20:42:50.0080 2256 HpSAMD - ok
20:42:50.0174 2256 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
20:42:50.0236 2256 HTTP - ok
20:42:50.0252 2256 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
20:42:50.0268 2256 hwpolicy - ok
20:42:50.0283 2256 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
20:42:50.0299 2256 i8042prt - ok
20:42:50.0361 2256 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
20:42:50.0392 2256 iaStorV - ok
20:42:50.0502 2256 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:42:50.0564 2256 idsvc - ok
20:42:50.0595 2256 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
20:42:50.0611 2256 iirsp - ok
20:42:50.0689 2256 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
20:42:50.0751 2256 IKEEXT - ok
20:42:50.0798 2256 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
20:42:50.0814 2256 intelide - ok
20:42:50.0845 2256 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:42:50.0876 2256 intelppm - ok
20:42:50.0907 2256 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
20:42:50.0954 2256 IPBusEnum - ok
20:42:50.0985 2256 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:42:51.0032 2256 IpFilterDriver - ok
20:42:51.0094 2256 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
20:42:51.0157 2256 iphlpsvc - ok
20:42:51.0172 2256 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
20:42:51.0188 2256 IPMIDRV - ok
20:42:51.0204 2256 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:42:51.0250 2256 IPNAT - ok
20:42:51.0391 2256 iPod Service (755e4ba6dce627a2683bb7640553c8d6) C:\Program Files\iPod\bin\iPodService.exe
20:42:51.0422 2256 iPod Service - ok
20:42:51.0438 2256 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:42:51.0469 2256 IRENUM - ok
20:42:51.0500 2256 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
20:42:51.0516 2256 isapnp - ok
20:42:51.0547 2256 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
20:42:51.0578 2256 iScsiPrt - ok
20:42:51.0609 2256 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
20:42:51.0625 2256 kbdclass - ok
20:42:51.0672 2256 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
20:42:51.0687 2256 kbdhid - ok
20:42:51.0703 2256 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:42:51.0718 2256 KeyIso - ok
20:42:51.0750 2256 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
20:42:51.0765 2256 KSecDD - ok
20:42:51.0781 2256 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
20:42:51.0796 2256 KSecPkg - ok
20:42:51.0812 2256 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:42:51.0874 2256 ksthunk - ok
20:42:51.0921 2256 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
20:42:51.0984 2256 KtmRm - ok
20:42:52.0015 2256 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
20:42:52.0077 2256 LanmanServer - ok
20:42:52.0108 2256 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
20:42:52.0171 2256 LanmanWorkstation - ok
20:42:52.0202 2256 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:42:52.0264 2256 lltdio - ok
20:42:52.0296 2256 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
20:42:52.0358 2256 lltdsvc - ok
20:42:52.0374 2256 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
20:42:52.0420 2256 lmhosts - ok
20:42:52.0467 2256 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:42:52.0483 2256 LSI_FC - ok
20:42:52.0514 2256 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:42:52.0530 2256 LSI_SAS - ok
20:42:52.0545 2256 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:42:52.0561 2256 LSI_SAS2 - ok
20:42:52.0608 2256 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:42:52.0623 2256 LSI_SCSI - ok
20:42:52.0654 2256 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:42:52.0701 2256 luafv - ok
20:42:52.0764 2256 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
20:42:52.0795 2256 MBAMProtector - ok
20:42:52.0888 2256 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:42:52.0904 2256 MBAMService - ok
20:42:52.0951 2256 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
20:42:52.0966 2256 Mcx2Svc - ok
20:42:53.0029 2256 MDM (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
20:42:53.0044 2256 MDM ( UnsignedFile.Multi.Generic ) - warning
20:42:53.0044 2256 MDM - detected UnsignedFile.Multi.Generic (1)
20:42:53.0060 2256 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
20:42:53.0076 2256 megasas - ok
20:42:53.0122 2256 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
20:42:53.0138 2256 MegaSR - ok
20:42:53.0185 2256 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:42:53.0232 2256 MMCSS - ok
20:42:53.0263 2256 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:42:53.0310 2256 Modem - ok
20:42:53.0325 2256 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:42:53.0341 2256 monitor - ok
20:42:53.0372 2256 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
20:42:53.0388 2256 mouclass - ok
20:42:53.0419 2256 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:42:53.0434 2256 mouhid - ok
20:42:53.0466 2256 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:42:53.0481 2256 mountmgr - ok
20:42:53.0512 2256 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
20:42:53.0544 2256 mpio - ok
20:42:53.0559 2256 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:42:53.0606 2256 mpsdrv - ok
20:42:53.0668 2256 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
20:42:53.0746 2256 MpsSvc - ok
20:42:53.0778 2256 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:42:53.0809 2256 MRxDAV - ok
20:42:53.0840 2256 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:42:53.0871 2256 mrxsmb - ok
20:42:53.0918 2256 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:42:53.0934 2256 mrxsmb10 - ok
20:42:53.0965 2256 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:42:53.0980 2256 mrxsmb20 - ok
20:42:54.0012 2256 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
20:42:54.0027 2256 msahci - ok
20:42:54.0074 2256 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
20:42:54.0090 2256 msdsm - ok
20:42:54.0121 2256 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
20:42:54.0152 2256 MSDTC - ok
20:42:54.0183 2256 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:42:54.0230 2256 Msfs - ok
20:42:54.0261 2256 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:42:54.0308 2256 mshidkmdf - ok
20:42:54.0324 2256 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:42:54.0339 2256 msisadrv - ok
20:42:54.0370 2256 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
20:42:54.0433 2256 MSiSCSI - ok
20:42:54.0448 2256 msiserver - ok
20:42:54.0464 2256 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:42:54.0511 2256 MSKSSRV - ok
20:42:54.0526 2256 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:42:54.0573 2256 MSPCLOCK - ok
20:42:54.0573 2256 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:42:54.0620 2256 MSPQM - ok
20:42:54.0667 2256 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:42:54.0698 2256 MsRPC - ok
20:42:54.0714 2256 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
20:42:54.0729 2256 mssmbios - ok
20:42:54.0745 2256 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:42:54.0792 2256 MSTEE - ok
20:42:54.0807 2256 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
20:42:54.0823 2256 MTConfig - ok
20:42:54.0870 2256 MTsensor64 (0df53a9649073cebbc0988d6353fed6e) C:\Windows\system32\DRIVERS\PuAcpi64.sys
20:42:54.0901 2256 MTsensor64 - ok
20:42:54.0932 2256 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:42:54.0948 2256 Mup - ok
20:42:55.0010 2256 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
20:42:55.0088 2256 napagent - ok
20:42:55.0135 2256 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:42:55.0166 2256 NativeWifiP - ok
20:42:55.0244 2256 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
20:42:55.0291 2256 NDIS - ok
20:42:55.0322 2256 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:42:55.0369 2256 NdisCap - ok
20:42:55.0400 2256 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:42:55.0447 2256 NdisTapi - ok
20:42:55.0462 2256 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:42:55.0509 2256 Ndisuio - ok
20:42:55.0525 2256 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:42:55.0587 2256 NdisWan - ok
20:42:55.0618 2256 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:42:55.0665 2256 NDProxy - ok
20:42:55.0681 2256 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:42:55.0743 2256 NetBIOS - ok
20:42:55.0774 2256 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:42:55.0837 2256 NetBT - ok
20:42:55.0868 2256 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:42:55.0884 2256 Netlogon - ok
20:42:55.0946 2256 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:42:56.0008 2256 Netman - ok
20:42:56.0040 2256 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:42:56.0102 2256 netprofm - ok
20:42:56.0181 2256 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:42:56.0197 2256 NetTcpPortSharing - ok
20:42:56.0243 2256 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
20:42:56.0259 2256 nfrd960 - ok
20:42:56.0321 2256 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
20:42:56.0368 2256 NlaSvc - ok
20:42:56.0399 2256 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:42:56.0446 2256 Npfs - ok
20:42:56.0462 2256 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
20:42:56.0509 2256 nsi - ok
20:42:56.0540 2256 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:42:56.0587 2256 nsiproxy - ok
20:42:56.0711 2256 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
20:42:56.0789 2256 Ntfs - ok
20:42:56.0867 2256 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:42:56.0914 2256 Null - ok
20:42:56.0945 2256 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
20:42:56.0977 2256 nvraid - ok
20:42:56.0992 2256 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
20:42:57.0008 2256 nvstor - ok
20:42:57.0055 2256 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:42:57.0070 2256 nv_agp - ok
20:42:57.0179 2256 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:42:57.0211 2256 odserv - ok
20:42:57.0226 2256 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:42:57.0242 2256 ohci1394 - ok
20:42:57.0289 2256 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:42:57.0304 2256 ose - ok
20:42:57.0367 2256 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:42:57.0398 2256 p2pimsvc - ok
20:42:57.0429 2256 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
20:42:57.0460 2256 p2psvc - ok
20:42:57.0507 2256 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
20:42:57.0523 2256 Parport - ok
20:42:57.0554 2256 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
20:42:57.0569 2256 partmgr - ok
20:42:57.0585 2256 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
20:42:57.0616 2256 PcaSvc - ok
20:42:57.0647 2256 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
20:42:57.0679 2256 pci - ok
20:42:57.0694 2256 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
20:42:57.0710 2256 pciide - ok
20:42:57.0741 2256 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
20:42:57.0772 2256 pcmcia - ok
20:42:57.0788 2256 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:42:57.0803 2256 pcw - ok
20:42:57.0850 2256 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:42:57.0944 2256 PEAUTH - ok
20:42:58.0037 2256 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
20:42:58.0115 2256 PeerDistSvc - ok
20:42:58.0193 2256 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
20:42:58.0209 2256 PerfHost - ok
20:42:58.0381 2256 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
20:42:58.0474 2256 pla - ok
20:42:58.0521 2256 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
20:42:58.0552 2256 PlugPlay - ok
20:42:58.0583 2256 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
20:42:58.0599 2256 PNRPAutoReg - ok
20:42:58.0630 2256 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:42:58.0661 2256 PNRPsvc - ok
20:42:58.0708 2256 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
20:42:58.0771 2256 PolicyAgent - ok
20:42:58.0817 2256 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
20:42:58.0864 2256 Power - ok
20:42:58.0911 2256 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:42:58.0958 2256 PptpMiniport - ok
20:42:58.0989 2256 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
20:42:59.0005 2256 Processor - ok
20:42:59.0051 2256 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
20:42:59.0114 2256 ProfSvc - ok
20:42:59.0129 2256 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:42:59.0161 2256 ProtectedStorage - ok
20:42:59.0176 2256 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:42:59.0223 2256 Psched - ok
20:42:59.0317 2256 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
20:42:59.0395 2256 ql2300 - ok
20:42:59.0519 2256 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
20:42:59.0535 2256 ql40xx - ok
20:42:59.0582 2256 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
20:42:59.0613 2256 QWAVE - ok
20:42:59.0629 2256 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:42:59.0644 2256 QWAVEdrv - ok
20:42:59.0660 2256 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:42:59.0707 2256 RasAcd - ok
20:42:59.0753 2256 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:42:59.0816 2256 RasAgileVpn - ok
20:42:59.0831 2256 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
20:42:59.0878 2256 RasAuto - ok
20:42:59.0909 2256 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:42:59.0972 2256 Rasl2tp - ok
20:43:00.0003 2256 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
20:43:00.0065 2256 RasMan - ok
20:43:00.0081 2256 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:43:00.0128 2256 RasPppoe - ok
20:43:00.0159 2256 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:43:00.0206 2256 RasSstp - ok
20:43:00.0237 2256 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
20:43:00.0284 2256 rdbss - ok
20:43:00.0299 2256 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
20:43:00.0315 2256 rdpbus - ok
20:43:00.0331 2256 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:43:00.0377 2256 RDPCDD - ok
20:43:00.0409 2256 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
20:43:00.0440 2256 RDPDR - ok
20:43:00.0471 2256 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:43:00.0518 2256 RDPENCDD - ok
20:43:00.0533 2256 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:43:00.0580 2256 RDPREFMP - ok
20:43:00.0596 2256 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
20:43:00.0627 2256 RdpVideoMiniport - ok
20:43:00.0674 2256 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
20:43:00.0721 2256 RDPWD - ok
20:43:00.0752 2256 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
20:43:00.0783 2256 rdyboost - ok
20:43:00.0814 2256 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
20:43:00.0861 2256 RemoteAccess - ok
20:43:00.0892 2256 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
20:43:00.0955 2256 RemoteRegistry - ok
20:43:01.0001 2256 rimmptsk (f45d6e12eb99a668f52201637c67c8f5) C:\Windows\system32\DRIVERS\rimmpx64.sys
20:43:01.0033 2256 rimmptsk - ok
20:43:01.0064 2256 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys
20:43:01.0095 2256 rimsptsk - ok
20:43:01.0111 2256 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
20:43:01.0173 2256 RpcEptMapper - ok
20:43:01.0189 2256 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
20:43:01.0204 2256 RpcLocator - ok
20:43:01.0267 2256 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:43:01.0313 2256 RpcSs - ok
20:43:01.0360 2256 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:43:01.0407 2256 rspndr - ok
20:43:01.0454 2256 RTL8023x64 (c02ff907a2de4f6c6f7e34fbad08660e) C:\Windows\system32\DRIVERS\Rtnic64.sys
20:43:01.0485 2256 RTL8023x64 - ok
20:43:01.0501 2256 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
20:43:01.0532 2256 s3cap - ok
20:43:01.0563 2256 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:43:01.0579 2256 SamSs - ok
20:43:01.0594 2256 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
20:43:01.0625 2256 sbp2port - ok
20:43:01.0750 2256 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
20:43:01.0797 2256 SBSDWSCService - ok
20:43:01.0844 2256 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
20:43:01.0906 2256 SCardSvr - ok
20:43:01.0953 2256 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
20:43:02.0000 2256 scfilter - ok
20:43:02.0078 2256 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
20:43:02.0171 2256 Schedule - ok
20:43:02.0187 2256 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:43:02.0235 2256 SCPolicySvc - ok
20:43:02.0282 2256 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
20:43:02.0313 2256 sdbus - ok
20:43:02.0344 2256 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
20:43:02.0375 2256 SDRSVC - ok
20:43:02.0406 2256 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:43:02.0453 2256 secdrv - ok
20:43:02.0469 2256 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
20:43:02.0516 2256 seclogon - ok
20:43:02.0531 2256 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
20:43:02.0594 2256 SENS - ok
20:43:02.0609 2256 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
20:43:02.0625 2256 SensrSvc - ok
20:43:02.0640 2256 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
20:43:02.0656 2256 Serenum - ok
20:43:02.0687 2256 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
20:43:02.0703 2256 Serial - ok
20:43:02.0734 2256 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
20:43:02.0750 2256 sermouse - ok
20:43:02.0796 2256 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
20:43:02.0843 2256 SessionEnv - ok
20:43:02.0874 2256 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
20:43:02.0906 2256 sffdisk - ok
20:43:02.0921 2256 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:43:02.0937 2256 sffp_mmc - ok
20:43:02.0952 2256 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
20:43:02.0984 2256 sffp_sd - ok
20:43:02.0984 2256 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
20:43:02.0999 2256 sfloppy - ok
20:43:03.0046 2256 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
20:43:03.0124 2256 SharedAccess - ok
20:43:03.0171 2256 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
20:43:03.0233 2256 ShellHWDetection - ok
20:43:03.0280 2256 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:43:03.0296 2256 SiSRaid2 - ok
20:43:03.0311 2256 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
20:43:03.0327 2256 SiSRaid4 - ok
20:43:03.0358 2256 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:43:03.0405 2256 Smb - ok
20:43:03.0452 2256 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
20:43:03.0467 2256 SNMPTRAP - ok
20:43:03.0545 2256 Sony Ericsson PCCompanion (1a623f2b69e1f182f995f963c55db935) C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
20:43:03.0576 2256 Sony Ericsson PCCompanion - ok
20:43:03.0608 2256 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:43:03.0623 2256 spldr - ok
20:43:03.0670 2256 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
20:43:03.0732 2256 Spooler - ok
20:43:03.0966 2256 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
20:43:04.0091 2256 sppsvc - ok
20:43:04.0278 2256 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
20:43:04.0325 2256 sppuinotify - ok
20:43:04.0341 2256 sptd - ok
20:43:04.0419 2256 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:43:04.0450 2256 srv - ok
20:43:04.0497 2256 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:43:04.0512 2256 srv2 - ok
20:43:04.0559 2256 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:43:04.0575 2256 srvnet - ok
20:43:04.0622 2256 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
20:43:04.0668 2256 SSDPSRV - ok
20:43:04.0684 2256 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
20:43:04.0731 2256 SstpSvc - ok
20:43:04.0762 2256 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
20:43:04.0793 2256 stexstor - ok
20:43:04.0856 2256 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
20:43:04.0902 2256 stisvc - ok
20:43:04.0934 2256 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
20:43:04.0949 2256 storflt - ok
20:43:04.0965 2256 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
20:43:04.0980 2256 storvsc - ok
20:43:04.0996 2256 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
20:43:05.0012 2256 swenum - ok
20:43:05.0043 2256 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
20:43:05.0121 2256 swprv - ok
20:43:05.0121 2256 Synth3dVsc - ok
20:43:05.0246 2256 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
20:43:05.0324 2256 SysMain - ok
20:43:05.0417 2256 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
20:43:05.0433 2256 TabletInputService - ok
20:43:05.0480 2256 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
20:43:05.0526 2256 TapiSrv - ok
20:43:05.0573 2256 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
20:43:05.0620 2256 TBS - ok
20:43:05.0760 2256 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
20:43:05.0838 2256 Tcpip - ok
20:43:06.0010 2256 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
20:43:06.0057 2256 TCPIP6 - ok
20:43:06.0135 2256 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
20:43:06.0182 2256 tcpipreg - ok
20:43:06.0213 2256 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:43:06.0228 2256 TDPIPE - ok
20:43:06.0260 2256 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
20:43:06.0275 2256 TDTCP - ok
20:43:06.0322 2256 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:43:06.0369 2256 tdx - ok
20:43:06.0416 2256 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
20:43:06.0431 2256 TermDD - ok
20:43:06.0494 2256 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
20:43:06.0556 2256 TermService - ok
20:43:06.0587 2256 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
20:43:06.0603 2256 Themes - ok
20:43:06.0634 2256 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:43:06.0681 2256 THREADORDER - ok
20:43:06.0712 2256 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
20:43:06.0759 2256 TrkWks - ok
20:43:06.0806 2256 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
20:43:06.0868 2256 TrustedInstaller - ok
20:43:06.0915 2256 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:43:06.0962 2256 tssecsrv - ok
20:43:06.0993 2256 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:43:07.0024 2256 TsUsbFlt - ok
20:43:07.0024 2256 tsusbhub - ok
20:43:07.0071 2256 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:43:07.0118 2256 tunnel - ok
20:43:07.0149 2256 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
20:43:07.0164 2256 uagp35 - ok
20:43:07.0196 2256 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:43:07.0258 2256 udfs - ok
20:43:07.0289 2256 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
20:43:07.0305 2256 UI0Detect - ok
20:43:07.0352 2256 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:43:07.0367 2256 uliagpkx - ok
20:43:07.0398 2256 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
20:43:07.0414 2256 umbus - ok
20:43:07.0445 2256 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
20:43:07.0461 2256 UmPass - ok
20:43:07.0492 2256 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
20:43:07.0523 2256 UmRdpService - ok
20:43:07.0601 2256 UnlockerDriver5 (9dc07e73a4abb9acf692113b36a5009f) C:\Program Files\Unlocker\UnlockerDriver5.sys
20:43:07.0617 2256 UnlockerDriver5 - ok
20:43:07.0664 2256 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
20:43:07.0726 2256 upnphost - ok
20:43:07.0757 2256 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
20:43:07.0788 2256 USBAAPL64 - ok
20:43:07.0851 2256 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
20:43:07.0866 2256 usbaudio - ok
20:43:07.0898 2256 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
20:43:07.0929 2256 usbccgp - ok
20:43:07.0960 2256 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:43:07.0991 2256 usbcir - ok
20:43:08.0022 2256 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
20:43:08.0038 2256 usbehci - ok
20:43:08.0069 2256 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
20:43:08.0100 2256 usbhub - ok
20:43:08.0132 2256 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
20:43:08.0147 2256 usbohci - ok
20:43:08.0178 2256 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
20:43:08.0194 2256 usbprint - ok
20:43:08.0225 2256 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:43:08.0241 2256 USBSTOR - ok
20:43:08.0241 2256 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
20:43:08.0256 2256 usbuhci - ok
20:43:08.0288 2256 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
20:43:08.0335 2256 UxSms - ok
20:43:08.0367 2256 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:43:08.0382 2256 VaultSvc - ok
20:43:08.0413 2256 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:43:08.0429 2256 vdrvroot - ok
20:43:08.0476 2256 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
20:43:08.0538 2256 vds - ok
20:43:08.0554 2256 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:43:08.0585 2256 vga - ok
20:43:08.0601 2256 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:43:08.0647 2256 VgaSave - ok
20:43:08.0663 2256 VGPU - ok
20:43:08.0694 2256 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:43:08.0725 2256 vhdmp - ok
20:43:08.0741 2256 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:43:08.0757 2256 viaide - ok
20:43:08.0803 2256 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
20:43:08.0835 2256 vmbus - ok
20:43:08.0850 2256 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
20:43:08.0866 2256 VMBusHID - ok
20:43:08.0897 2256 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:43:08.0913 2256 volmgr - ok
20:43:08.0959 2256 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:43:08.0991 2256 volmgrx - ok
20:43:09.0006 2256 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
20:43:09.0037 2256 volsnap - ok
20:43:09.0100 2256 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
20:43:09.0131 2256 vsmraid - ok
20:43:09.0240 2256 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
20:43:09.0334 2256 VSS - ok
20:43:09.0427 2256 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:43:09.0459 2256 vwifibus - ok
20:43:09.0474 2256 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:43:09.0505 2256 vwififlt - ok
20:43:09.0537 2256 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
20:43:09.0599 2256 W32Time - ok
20:43:09.0630 2256 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
20:43:09.0646 2256 WacomPen - ok
20:43:09.0693 2256 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:43:09.0739 2256 WANARP - ok
20:43:09.0755 2256 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:43:09.0802 2256 Wanarpv6 - ok
20:43:09.0911 2256 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
20:43:09.0973 2256 wbengine - ok
20:43:10.0067 2256 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
20:43:10.0098 2256 WbioSrvc - ok
20:43:10.0145 2256 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
20:43:10.0192 2256 wcncsvc - ok
20:43:10.0207 2256 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
20:43:10.0239 2256 WcsPlugInService - ok
20:43:10.0270 2256 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
20:43:10.0285 2256 Wd - ok
20:43:10.0332 2256 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:43:10.0379 2256 Wdf01000 - ok
20:43:10.0395 2256 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:43:10.0426 2256 WdiServiceHost - ok
20:43:10.0426 2256 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:43:10.0457 2256 WdiSystemHost - ok
20:43:10.0504 2256 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
20:43:10.0535 2256 WebClient - ok
20:43:10.0566 2256 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
20:43:10.0629 2256 Wecsvc - ok
20:43:10.0644 2256 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
20:43:10.0691 2256 wercplsupport - ok
20:43:10.0722 2256 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
20:43:10.0769 2256 WerSvc - ok
20:43:10.0831 2256 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:43:10.0878 2256 WfpLwf - ok
20:43:10.0894 2256 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:43:10.0909 2256 WIMMount - ok
20:43:10.0941 2256 WinDefend - ok
20:43:10.0956 2256 WinHttpAutoProxySvc - ok
20:43:11.0034 2256 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
20:43:11.0097 2256 Winmgmt - ok
20:43:11.0221 2256 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
20:43:11.0331 2256 WinRM - ok
20:43:11.0455 2256 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
20:43:11.0487 2256 WinUsb - ok
20:43:11.0565 2256 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
20:43:11.0611 2256 Wlansvc - ok
20:43:11.0643 2256 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
20:43:11.0658 2256 WmiAcpi - ok
20:43:11.0736 2256 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
20:43:11.0783 2256 wmiApSrv - ok
20:43:11.0799 2256 WMPNetworkSvc - ok
20:43:11.0830 2256 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
20:43:11.0845 2256 WPCSvc - ok
20:43:11.0877 2256 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
20:43:11.0908 2256 WPDBusEnum - ok
20:43:11.0939 2256 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:43:11.0986 2256 ws2ifsl - ok
20:43:12.0001 2256 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
20:43:12.0033 2256 wscsvc - ok
20:43:12.0048 2256 WSearch - ok
20:43:12.0204 2256 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
20:43:12.0282 2256 wuauserv - ok
20:43:12.0376 2256 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
20:43:12.0423 2256 WudfPf - ok
20:43:12.0469 2256 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:43:12.0516 2256 WUDFRd - ok
20:43:12.0547 2256 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
20:43:12.0594 2256 wudfsvc - ok
20:43:12.0641 2256 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
20:43:12.0672 2256 WwanSvc - ok
20:43:12.0719 2256 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:43:12.0937 2256 \Device\Harddisk0\DR0 - ok
20:43:12.0937 2256 MBR (0x1B8) (739b36f7a373fc81121d831231b6d311) \Device\Harddisk1\DR2
20:43:16.0494 2256 \Device\Harddisk1\DR2 - ok
20:43:16.0541 2256 Boot (0x1200) (a65861140742e2283c0b1c7a387bb4c0) \Device\Harddisk0\DR0\Partition0
20:43:16.0541 2256 \Device\Harddisk0\DR0\Partition0 - ok
20:43:16.0557 2256 Boot (0x1200) (121fc360747a23a73f6c69d22cf82f14) \Device\Harddisk0\DR0\Partition1
20:43:16.0557 2256 \Device\Harddisk0\DR0\Partition1 - ok
20:43:16.0572 2256 Boot (0x1200) (7825221b43ef73816bbdedecbdc4befa) \Device\Harddisk0\DR0\Partition2
20:43:16.0572 2256 \Device\Harddisk0\DR0\Partition2 - ok
20:43:16.0603 2256 Boot (0x1200) (4e96d27601d945ee7f15b4947e01c70c) \Device\Harddisk0\DR0\Partition3
20:43:16.0603 2256 \Device\Harddisk0\DR0\Partition3 - ok
20:43:16.0603 2256 Boot (0x1200) (4e238a9d72dfc26e65ca8542f666bd97) \Device\Harddisk1\DR2\Partition0
20:43:16.0619 2256 \Device\Harddisk1\DR2\Partition0 - ok
20:43:16.0619 2256 ============================================================
20:43:16.0619 2256 Scan finished
20:43:16.0619 2256 ============================================================
20:43:16.0635 3472 Detected object count: 1
20:43:16.0635 3472 Actual detected object count: 1
21:51:24.0033 3472 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
21:51:24.0033 3472 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
Soll ich jetzt trotzdem den nächsten schritt machen? Gruß Casandra Geändert von casandra00 (29.07.2012 um 21:21 Uhr) |
|
30.07.2012, 08:32
| #28 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungs Trojana der ein neues Software Update für 200 Euro haben will.Zitat:
Mach mit CF weiter
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.09.2012, 06:35
| #29 |
| | Verschlüsselungs Trojana der ein neues Software Update für 200 Euro haben will. Hallo Arne Sorry das wir uns nicht mehr gemeldet Haben aber meine Frau ist leider Verstorben. und ich habe zur Zeit nicht die Zeit mich um ihren Laptop zu Kümmern. Ich werde den Laptop meinem Bekannten mit geben es kann sein das er sich dann nochmal hier melden wird. Alles gute und vielen dank für deine Mühe. der Ehemann von casandra |
|
04.09.2012, 08:26
| #30 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungs Trojana der ein neues Software Update für 200 Euro haben will.Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Verschlüsselungs Trojana der ein neues Software Update für 200 Euro haben will. |
| anhang, befallen, bildschirm, code, daten, deaktiviert, download, e-mail, euro, fenster, freund, helft, leute, neues, neustart, programm, rechnung, software, suche, trojana, update, windows, windows 7, windows update |
Linear-Darstellung
