800000cb.@ Malware nicht löschbar

doobiedan · 22.07.2012, 15:42

Hallo liebe User,

Seit einiger Zeit zeigt mein Antivirenprogramm (avast!) eine Bedrohung durch eine Win32:Malware-gen an, mit dem Namen 800000cg.@ an. Zwar sagt das Antivirenprogramm, dass die Malware in Quarantäne verschoben wird. Dennoch zeigt avast kurze Zeit drauf die gleiche Meldung erneut.
Ich weiß nun nicht was ich tun kann und bitte euch um Hilfe.

Ich danke im voraus
Mfg doobiedan

Chris4You · 22.07.2012, 19:37

Hi,

das ist ein nicht ganz einfaches Rootkit, was den Internetverkehr überwacht und umleitet...

OTL
Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe

Vista/Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen

Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output

Unter Extra Registry, wähle bitte Use SafeList

Klicke nun auf Run Scan links oben

Wenn der Scan beendet wurde werden 2 Logfiles erstellt (OTL.TXT und EXTRAS.TXT)

Poste die Logfiles hier in den Thread

TDSS-Killer
Download und Anweisung unter: Wie werden Schadprogramme der Familie Rootkit.Win32.TDSS bekämpft?
Entpacke alle Dateien in einem eigenen Verzeichnis (z. B: C:\TDSS)!
Aufruf über den Explorer duch Doppelklick auf die TDSSKiller.exe.
Stelle den Killer wir folgt ein:

Dann den Scan starten durch (Start Scan).
Wenn der Scan fertig ist bitte "Report" anwählen (eventuelle Funde erstmal mit Skip übergehen). Es öffnet sich ein Fenster (Report anklicken), den Text abkopieren und hier posten...

chris

doobiedan · 23.07.2012, 18:31

Hi,

danke für die schnelle Antwort.

OTL hat leider nur eine logdatei(OTL.txt im Anhang) geöffnet, nachdem der Scan durchgelaufen war.

Der TDSS Killer gibt folgenden Report raus:

Zitat:

19:24:18.0861 9876 TDSS rootkit removing tool 2.7.47.0 Jul 20 2012 20:36:30
19:24:19.0113 9876 ============================================================
19:24:19.0113 9876 Current date / time: 2012/07/23 19:24:19.0113
19:24:19.0113 9876 SystemInfo:
19:24:19.0113 9876
19:24:19.0113 9876 OS Version: 6.1.7601 ServicePack: 1.0
19:24:19.0113 9876 Product type: Workstation
19:24:19.0113 9876 ComputerName: DANIEL-PC
19:24:19.0113 9876 UserName: Daniel
19:24:19.0113 9876 Windows directory: C:\Windows
19:24:19.0113 9876 System windows directory: C:\Windows
19:24:19.0113 9876 Running under WOW64
19:24:19.0113 9876 Processor architecture: Intel x64
19:24:19.0113 9876 Number of processors: 8
19:24:19.0113 9876 Page size: 0x1000
19:24:19.0113 9876 Boot type: Normal boot
19:24:19.0113 9876 ============================================================
19:24:19.0601 9876 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:24:19.0606 9876 ============================================================
19:24:19.0606 9876 \Device\Harddisk0\DR0:
19:24:19.0606 9876 MBR partitions:
19:24:19.0606 9876 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2800800, BlocksNum 0x32000
19:24:19.0606 9876 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2832800, BlocksNum 0x54D13000
19:24:19.0606 9876 ============================================================
19:24:19.0629 9876 C: <-> \Device\Harddisk0\DR0\Partition1
19:24:19.0629 9876 ============================================================
19:24:19.0629 9876 Initialize success
19:24:19.0629 9876 ============================================================
19:24:47.0667 10420 ============================================================
19:24:47.0667 10420 Scan started
19:24:47.0667 10420 Mode: Manual; SigCheck; TDLFS;
19:24:47.0667 10420 ============================================================
19:24:50.0046 10420 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
19:24:50.0118 10420 !SASCORE - ok
19:24:50.0406 10420 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:24:50.0510 10420 1394ohci - ok
19:24:50.0593 10420 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:24:50.0635 10420 ACPI - ok
19:24:50.0663 10420 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:24:50.0728 10420 AcpiPmi - ok
19:24:50.0843 10420 AdobeActiveFileMonitor9.0 (1474f121c3df1232d3e7239c03691ee6) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
19:24:50.0874 10420 AdobeActiveFileMonitor9.0 - ok
19:24:51.0071 10420 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:24:51.0102 10420 AdobeFlashPlayerUpdateSvc - ok
19:24:51.0229 10420 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:24:51.0294 10420 adp94xx - ok
19:24:51.0391 10420 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:24:51.0456 10420 adpahci - ok
19:24:51.0504 10420 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:24:51.0571 10420 adpu320 - ok
19:24:51.0623 10420 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:24:51.0719 10420 AeLookupSvc - ok
19:24:51.0825 10420 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:24:51.0895 10420 AFD - ok
19:24:51.0937 10420 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:24:51.0959 10420 agp440 - ok
19:24:51.0973 10420 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:24:52.0021 10420 ALG - ok
19:24:52.0057 10420 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:24:52.0067 10420 aliide - ok
19:24:52.0120 10420 AMD External Events Utility (514089cb4a7df38dc4dd936ade4114d3) C:\Windows\system32\atiesrxx.exe
19:24:52.0220 10420 AMD External Events Utility - ok
19:24:52.0226 10420 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:24:52.0236 10420 amdide - ok
19:24:52.0297 10420 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:24:52.0379 10420 AmdK8 - ok
19:24:52.0948 10420 amdkmdag (9a4b92150a5e259a7159d914cc3a60d7) C:\Windows\system32\DRIVERS\atikmdag.sys
19:24:53.0215 10420 amdkmdag - ok
19:24:53.0406 10420 amdkmdap (9deb889d152f9c9dba98be8986084535) C:\Windows\system32\DRIVERS\atikmpag.sys
19:24:53.0467 10420 amdkmdap - ok
19:24:53.0510 10420 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
19:24:53.0573 10420 AmdPPM - ok
19:24:53.0621 10420 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:24:53.0671 10420 amdsata - ok
19:24:53.0715 10420 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:24:53.0760 10420 amdsbs - ok
19:24:53.0772 10420 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:24:53.0783 10420 amdxata - ok
19:24:53.0814 10420 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:24:53.0895 10420 AppID - ok
19:24:53.0947 10420 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:24:54.0042 10420 AppIDSvc - ok
19:24:54.0069 10420 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:24:54.0117 10420 Appinfo - ok
19:24:54.0224 10420 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:24:54.0232 10420 Apple Mobile Device - ok
19:24:54.0284 10420 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:24:54.0295 10420 arc - ok
19:24:54.0318 10420 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:24:54.0329 10420 arcsas - ok
19:24:54.0437 10420 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:24:54.0466 10420 aspnet_state - ok
19:24:54.0506 10420 aswFsBlk (df59b8e8df0bd2e0e303778a3806a17d) C:\Windows\system32\drivers\aswFsBlk.sys
19:24:54.0526 10420 aswFsBlk - ok
19:24:54.0567 10420 aswMonFlt (f8e6ab4f876feff69250f2e0c29ef004) C:\Windows\system32\drivers\aswMonFlt.sys
19:24:54.0596 10420 aswMonFlt - ok
19:24:54.0616 10420 aswRdr (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\Windows\System32\Drivers\aswrdr2.sys
19:24:54.0630 10420 aswRdr - ok
19:24:54.0726 10420 aswSnx (f06e230e1e8ca9437a6474b7b551cd37) C:\Windows\system32\drivers\aswSnx.sys
19:24:54.0776 10420 aswSnx - ok
19:24:54.0828 10420 aswSP (3610ca74a69e380424f0452dec5c1317) C:\Windows\system32\drivers\aswSP.sys
19:24:54.0876 10420 aswSP - ok
19:24:54.0915 10420 aswTdi (87de3e31cb0091d22351349869324065) C:\Windows\system32\drivers\aswTdi.sys
19:24:54.0931 10420 aswTdi - ok
19:24:54.0975 10420 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:24:55.0048 10420 AsyncMac - ok
19:24:55.0103 10420 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:24:55.0135 10420 atapi - ok
19:24:55.0179 10420 AthBTPort (cbe61b4494165f458bd87e37181ee934) C:\Windows\system32\DRIVERS\btath_flt.sys
19:24:55.0200 10420 AthBTPort - ok
19:24:55.0287 10420 AtherosSvc (21753130331188c4b474e1d3b396e629) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
19:24:55.0312 10420 AtherosSvc - ok
19:24:55.0496 10420 athr (c8679a07267f030704168e45e27c3d43) C:\Windows\system32\DRIVERS\athrx.sys
19:24:55.0618 10420 athr - ok
19:24:55.0839 10420 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:24:55.0920 10420 AudioEndpointBuilder - ok
19:24:55.0925 10420 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:24:55.0957 10420 AudioSrv - ok
19:24:56.0028 10420 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:24:56.0045 10420 avast! Antivirus - ok
19:24:56.0090 10420 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:24:56.0210 10420 AxInstSV - ok
19:24:56.0359 10420 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:24:56.0471 10420 b06bdrv - ok
19:24:56.0553 10420 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:24:56.0635 10420 b57nd60a - ok
19:24:56.0697 10420 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:24:56.0764 10420 BDESVC - ok
19:24:56.0786 10420 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:24:56.0854 10420 Beep - ok
19:24:56.0881 10420 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
19:24:56.0913 10420 blbdrive - ok
19:24:57.0055 10420 Bonjour Service (1c87705ccb2f60172b0fc86b5d82f00d) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
19:24:57.0091 10420 Bonjour Service - ok
19:24:57.0135 10420 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:24:57.0169 10420 bowser - ok
19:24:57.0204 10420 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:24:57.0270 10420 BrFiltLo - ok
19:24:57.0289 10420 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:24:57.0320 10420 BrFiltUp - ok
19:24:57.0366 10420 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:24:57.0454 10420 Browser - ok
19:24:57.0499 10420 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:24:57.0577 10420 Brserid - ok
19:24:57.0608 10420 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:24:57.0660 10420 BrSerWdm - ok
19:24:57.0704 10420 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:24:57.0762 10420 BrUsbMdm - ok
19:24:57.0768 10420 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:24:57.0796 10420 BrUsbSer - ok
19:24:57.0873 10420 BTATH_A2DP (fe70889a85c57a9268101b2db0474509) C:\Windows\system32\drivers\btath_a2dp.sys
19:24:57.0900 10420 BTATH_A2DP - ok
19:24:57.0938 10420 BTATH_BUS (a83a91d07d1fe6bbe7a9db46ca00434b) C:\Windows\system32\DRIVERS\btath_bus.sys
19:24:57.0947 10420 BTATH_BUS - ok
19:24:57.0982 10420 BTATH_HCRP (c864ff85ee16d61c2bdd5ef76824625f) C:\Windows\system32\DRIVERS\btath_hcrp.sys
19:24:57.0997 10420 BTATH_HCRP - ok
19:24:58.0020 10420 BTATH_LWFLT (0dea505efb5d771826d177ef8b8a208f) C:\Windows\system32\DRIVERS\btath_lwflt.sys
19:24:58.0032 10420 BTATH_LWFLT - ok
19:24:58.0055 10420 BTATH_RCP (724c8088c96efe7a3e63fec21d4681c0) C:\Windows\system32\DRIVERS\btath_rcp.sys
19:24:58.0070 10420 BTATH_RCP - ok
19:24:58.0141 10420 BtFilter (aa0f5afcf077c5246589b32eceeae566) C:\Windows\system32\DRIVERS\btfilter.sys
19:24:58.0168 10420 BtFilter - ok
19:24:58.0244 10420 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
19:24:58.0288 10420 BthEnum - ok
19:24:58.0336 10420 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
19:24:58.0363 10420 BTHMODEM - ok
19:24:58.0401 10420 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
19:24:58.0433 10420 BthPan - ok
19:24:58.0525 10420 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
19:24:58.0585 10420 BTHPORT - ok
19:24:58.0642 10420 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:24:58.0725 10420 bthserv - ok
19:24:58.0741 10420 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
19:24:58.0776 10420 BTHUSB - ok
19:24:58.0826 10420 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:24:58.0929 10420 cdfs - ok
19:24:58.0993 10420 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:24:59.0137 10420 cdrom - ok
19:24:59.0191 10420 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:24:59.0288 10420 CertPropSvc - ok
19:24:59.0339 10420 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
19:24:59.0396 10420 circlass - ok
19:24:59.0453 10420 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:24:59.0492 10420 CLFS - ok
19:24:59.0552 10420 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:24:59.0580 10420 clr_optimization_v2.0.50727_32 - ok
19:24:59.0615 10420 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:24:59.0632 10420 clr_optimization_v2.0.50727_64 - ok
19:24:59.0728 10420 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:24:59.0778 10420 clr_optimization_v4.0.30319_32 - ok
19:24:59.0858 10420 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:24:59.0897 10420 clr_optimization_v4.0.30319_64 - ok
19:24:59.0927 10420 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
19:24:59.0963 10420 CmBatt - ok
19:25:00.0001 10420 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:25:00.0029 10420 cmdide - ok
19:25:00.0119 10420 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
19:25:00.0163 10420 CNG - ok
19:25:00.0194 10420 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
19:25:00.0203 10420 Compbatt - ok
19:25:00.0218 10420 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:25:00.0267 10420 CompositeBus - ok
19:25:00.0288 10420 COMSysApp - ok
19:25:00.0301 10420 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:25:00.0315 10420 crcdisk - ok
19:25:00.0366 10420 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
19:25:00.0400 10420 CryptSvc - ok
19:25:00.0560 10420 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
19:25:00.0593 10420 cvhsvc - ok
19:25:00.0673 10420 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:25:00.0751 10420 DcomLaunch - ok
19:25:00.0829 10420 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:25:00.0902 10420 defragsvc - ok
19:25:00.0995 10420 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:25:01.0079 10420 DfsC - ok
19:25:01.0140 10420 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:25:01.0208 10420 Dhcp - ok
19:25:01.0244 10420 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:25:01.0310 10420 discache - ok
19:25:01.0376 10420 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:25:01.0407 10420 Disk - ok
19:25:01.0432 10420 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:25:01.0454 10420 Dnscache - ok
19:25:01.0487 10420 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:25:01.0599 10420 dot3svc - ok
19:25:01.0613 10420 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:25:01.0660 10420 DPS - ok
19:25:01.0707 10420 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:25:01.0768 10420 drmkaud - ok
19:25:01.0885 10420 DsiWMIService (4ab2a58816cc6be771f1d8c768b804c5) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
19:25:01.0920 10420 DsiWMIService - ok
19:25:01.0987 10420 dtsoftbus01 (400582b09e0bb557d0ec28a945150eeb) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
19:25:02.0004 10420 dtsoftbus01 - ok
19:25:02.0087 10420 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:25:02.0149 10420 DXGKrnl - ok
19:25:02.0204 10420 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:25:02.0294 10420 EapHost - ok
19:25:02.0504 10420 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:25:02.0586 10420 ebdrv - ok
19:25:02.0715 10420 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:25:02.0766 10420 EFS - ok
19:25:02.0878 10420 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:25:02.0937 10420 ehRecvr - ok
19:25:02.0967 10420 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:25:02.0998 10420 ehSched - ok
19:25:03.0130 10420 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:25:03.0180 10420 elxstor - ok
19:25:03.0335 10420 ePowerSvc (ac5c64f828c0a6a1350971501ac2a0c7) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
19:25:03.0375 10420 ePowerSvc - ok
19:25:03.0497 10420 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:25:03.0531 10420 ErrDev - ok
19:25:03.0615 10420 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:25:03.0694 10420 EventSystem - ok
19:25:03.0755 10420 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:25:03.0827 10420 exfat - ok
19:25:03.0856 10420 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:25:03.0908 10420 fastfat - ok
19:25:04.0001 10420 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:25:04.0071 10420 Fax - ok
19:25:04.0115 10420 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:25:04.0159 10420 fdc - ok
19:25:04.0194 10420 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:25:04.0287 10420 fdPHost - ok
19:25:04.0298 10420 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:25:04.0343 10420 FDResPub - ok
19:25:04.0389 10420 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:25:04.0423 10420 FileInfo - ok
19:25:04.0458 10420 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:25:04.0531 10420 Filetrace - ok
19:25:04.0561 10420 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:25:04.0572 10420 flpydisk - ok
19:25:04.0605 10420 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:25:04.0619 10420 FltMgr - ok
19:25:04.0700 10420 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:25:04.0742 10420 FontCache - ok
19:25:04.0797 10420 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:25:04.0807 10420 FontCache3.0.0.0 - ok
19:25:04.0855 10420 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:25:04.0886 10420 FsDepends - ok
19:25:04.0933 10420 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:25:04.0962 10420 Fs_Rec - ok
19:25:05.0018 10420 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:25:05.0048 10420 fvevol - ok
19:25:05.0067 10420 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:25:05.0083 10420 gagp30kx - ok
19:25:05.0177 10420 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
19:25:05.0211 10420 GamesAppService - ok
19:25:05.0254 10420 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:25:05.0278 10420 GEARAspiWDM - ok
19:25:05.0328 10420 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
19:25:05.0355 10420 ggflt - ok
19:25:05.0374 10420 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
19:25:05.0388 10420 ggsemc - ok
19:25:05.0488 10420 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:25:05.0540 10420 gpsvc - ok
19:25:05.0600 10420 GREGService (84e58fea8b1a7537696a20c59cb9b0c9) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
19:25:05.0629 10420 GREGService ( UnsignedFile.Multi.Generic ) - warning
19:25:05.0629 10420 GREGService - detected UnsignedFile.Multi.Generic (1)
19:25:05.0676 10420 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:25:05.0732 10420 hcw85cir - ok
19:25:05.0780 10420 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:25:05.0848 10420 HdAudAddService - ok
19:25:05.0896 10420 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
19:25:05.0956 10420 HDAudBus - ok
19:25:05.0959 10420 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:25:05.0983 10420 HidBatt - ok
19:25:06.0011 10420 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:25:06.0090 10420 HidBth - ok
19:25:06.0134 10420 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:25:06.0182 10420 HidIr - ok
19:25:06.0216 10420 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
19:25:06.0271 10420 hidserv - ok
19:25:06.0323 10420 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
19:25:06.0349 10420 HidUsb - ok
19:25:06.0409 10420 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:25:06.0536 10420 hkmsvc - ok
19:25:06.0583 10420 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:25:06.0645 10420 HomeGroupListener - ok
19:25:06.0697 10420 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:25:06.0755 10420 HomeGroupProvider - ok
19:25:06.0817 10420 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:25:06.0857 10420 HpSAMD - ok
19:25:06.0926 10420 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:25:06.0992 10420 HTTP - ok
19:25:07.0012 10420 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:25:07.0021 10420 hwpolicy - ok
19:25:07.0080 10420 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
19:25:07.0118 10420 i8042prt - ok
19:25:07.0176 10420 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\drivers\iaStor.sys
19:25:07.0206 10420 iaStor - ok
19:25:07.0324 10420 IAStorDataMgrSvc (983fc69644ddf0486c8dfea262948d1a) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:25:07.0348 10420 IAStorDataMgrSvc - ok
19:25:07.0425 10420 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:25:07.0469 10420 iaStorV - ok
19:25:07.0610 10420 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:25:07.0658 10420 idsvc - ok
19:25:07.0676 10420 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:25:07.0690 10420 iirsp - ok
19:25:07.0779 10420 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:25:07.0867 10420 IKEEXT - ok
19:25:08.0076 10420 IntcAzAudAddService (b60accd29f8fafc4a6344cd2bd5ca3a5) C:\Windows\system32\drivers\RTKVHD64.sys
19:25:08.0176 10420 IntcAzAudAddService - ok
19:25:08.0358 10420 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
19:25:08.0387 10420 IntcDAud - ok
19:25:08.0418 10420 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:25:08.0441 10420 intelide - ok
19:25:09.0083 10420 intelkmd (6383899c5f964d71b0f96b81fbe59bb8) C:\Windows\system32\DRIVERS\igdpmd64.sys
19:25:09.0360 10420 intelkmd - ok
19:25:09.0525 10420 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:25:09.0580 10420 intelppm - ok
19:25:09.0638 10420 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:25:09.0729 10420 IPBusEnum - ok
19:25:09.0758 10420 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:25:09.0786 10420 IpFilterDriver - ok
19:25:09.0803 10420 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:25:09.0816 10420 IPMIDRV - ok
19:25:09.0845 10420 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:25:09.0938 10420 IPNAT - ok
19:25:10.0092 10420 iPod Service (b7cb0b121962cd89f98c0dd89331b0c0) C:\Program Files\iPod\bin\iPodService.exe
19:25:10.0132 10420 iPod Service - ok
19:25:10.0170 10420 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:25:10.0207 10420 IRENUM - ok
19:25:10.0224 10420 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:25:10.0240 10420 isapnp - ok
19:25:10.0275 10420 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:25:10.0321 10420 iScsiPrt - ok
19:25:10.0358 10420 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
19:25:10.0377 10420 kbdclass - ok
19:25:10.0395 10420 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:25:10.0436 10420 kbdhid - ok
19:25:10.0493 10420 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:25:10.0505 10420 KeyIso - ok
19:25:10.0539 10420 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
19:25:10.0550 10420 KSecDD - ok
19:25:10.0614 10420 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
19:25:10.0627 10420 KSecPkg - ok
19:25:10.0706 10420 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:25:10.0782 10420 ksthunk - ok
19:25:10.0852 10420 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:25:10.0945 10420 KtmRm - ok
19:25:10.0990 10420 L1C (0e154da6ca9105354a07d0c576804037) C:\Windows\system32\DRIVERS\L1C62x64.sys
19:25:10.0998 10420 L1C - ok
19:25:11.0050 10420 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
19:25:11.0105 10420 LanmanServer - ok
19:25:11.0146 10420 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:25:11.0198 10420 LanmanWorkstation - ok
19:25:11.0285 10420 Live Updater Service (b705c7097f9a0ec941d02dce7c7d426c) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
19:25:11.0313 10420 Live Updater Service - ok
19:25:11.0347 10420 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:25:11.0405 10420 lltdio - ok
19:25:11.0465 10420 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:25:11.0521 10420 lltdsvc - ok
19:25:11.0554 10420 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:25:11.0584 10420 lmhosts - ok
19:25:11.0715 10420 LMS (50c7ce53ef461870410355f1f2e7d515) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:25:11.0727 10420 LMS - ok
19:25:11.0788 10420 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:25:11.0836 10420 LSI_FC - ok
19:25:11.0868 10420 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:25:11.0884 10420 LSI_SAS - ok
19:25:11.0898 10420 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:25:11.0910 10420 LSI_SAS2 - ok
19:25:11.0931 10420 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:25:11.0943 10420 LSI_SCSI - ok
19:25:11.0981 10420 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:25:12.0064 10420 luafv - ok
19:25:12.0121 10420 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
19:25:12.0131 10420 MBAMProtector - ok
19:25:12.0218 10420 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:25:12.0268 10420 MBAMService - ok
19:25:12.0295 10420 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:25:12.0326 10420 Mcx2Svc - ok
19:25:12.0355 10420 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:25:12.0366 10420 megasas - ok
19:25:12.0428 10420 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:25:12.0475 10420 MegaSR - ok
19:25:12.0536 10420 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\drivers\HECIx64.sys
19:25:12.0564 10420 MEIx64 - ok
19:25:12.0677 10420 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
19:25:12.0708 10420 Microsoft Office Groove Audit Service - ok
19:25:12.0744 10420 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:25:12.0835 10420 MMCSS - ok
19:25:12.0868 10420 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:25:12.0950 10420 Modem - ok
19:25:12.0983 10420 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:25:13.0043 10420 monitor - ok
19:25:13.0077 10420 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:25:13.0107 10420 mouclass - ok
19:25:13.0136 10420 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:25:13.0168 10420 mouhid - ok
19:25:13.0206 10420 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:25:13.0223 10420 mountmgr - ok
19:25:13.0295 10420 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:25:13.0305 10420 MozillaMaintenance - ok
19:25:13.0325 10420 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:25:13.0337 10420 mpio - ok
19:25:13.0350 10420 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:25:13.0380 10420 mpsdrv - ok
19:25:13.0453 10420 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:25:13.0508 10420 MRxDAV - ok
19:25:13.0559 10420 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:25:13.0613 10420 mrxsmb - ok
19:25:13.0664 10420 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:25:13.0688 10420 mrxsmb10 - ok
19:25:13.0721 10420 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:25:13.0740 10420 mrxsmb20 - ok
19:25:13.0781 10420 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:25:13.0796 10420 msahci - ok
19:25:13.0815 10420 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:25:13.0827 10420 msdsm - ok
19:25:13.0870 10420 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:25:13.0890 10420 MSDTC - ok
19:25:13.0913 10420 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:25:13.0941 10420 Msfs - ok
19:25:13.0977 10420 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:25:14.0048 10420 mshidkmdf - ok
19:25:14.0070 10420 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:25:14.0082 10420 msisadrv - ok
19:25:14.0120 10420 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:25:14.0216 10420 MSiSCSI - ok
19:25:14.0218 10420 msiserver - ok
19:25:14.0255 10420 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:25:14.0320 10420 MSKSSRV - ok
19:25:14.0352 10420 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:25:14.0399 10420 MSPCLOCK - ok
19:25:14.0401 10420 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:25:14.0458 10420 MSPQM - ok
19:25:14.0521 10420 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:25:14.0556 10420 MsRPC - ok
19:25:14.0573 10420 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:25:14.0583 10420 mssmbios - ok
19:25:14.0586 10420 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:25:14.0632 10420 MSTEE - ok
19:25:14.0656 10420 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:25:14.0701 10420 MTConfig - ok
19:25:14.0731 10420 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:25:14.0748 10420 Mup - ok
19:25:14.0816 10420 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:25:14.0891 10420 napagent - ok
19:25:14.0945 10420 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:25:14.0997 10420 NativeWifiP - ok
19:25:15.0137 10420 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files (x86)\Nero\Update\NASvc.exe
19:25:15.0165 10420 NAUpdate - ok
19:25:15.0243 10420 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
19:25:15.0268 10420 NDIS - ok
19:25:15.0289 10420 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:25:15.0335 10420 NdisCap - ok
19:25:15.0368 10420 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:25:15.0397 10420 NdisTapi - ok
19:25:15.0435 10420 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:25:15.0463 10420 Ndisuio - ok
19:25:15.0491 10420 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:25:15.0555 10420 NdisWan - ok
19:25:15.0584 10420 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:25:15.0612 10420 NDProxy - ok
19:25:15.0641 10420 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:25:15.0690 10420 NetBIOS - ok
19:25:15.0727 10420 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:25:15.0777 10420 NetBT - ok
19:25:15.0816 10420 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:25:15.0844 10420 Netlogon - ok
19:25:15.0925 10420 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:25:15.0990 10420 Netman - ok
19:25:16.0104 10420 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:25:16.0148 10420 NetMsmqActivator - ok
19:25:16.0154 10420 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:25:16.0169 10420 NetPipeActivator - ok
19:25:16.0236 10420 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:25:16.0353 10420 netprofm - ok
19:25:16.0369 10420 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:25:16.0378 10420 NetTcpActivator - ok
19:25:16.0381 10420 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:25:16.0390 10420 NetTcpPortSharing - ok
19:25:16.0466 10420 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:25:16.0497 10420 nfrd960 - ok
19:25:16.0531 10420 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:25:16.0608 10420 NlaSvc - ok
19:25:16.0631 10420 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:25:16.0660 10420 Npfs - ok
19:25:16.0676 10420 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:25:16.0724 10420 nsi - ok
19:25:16.0745 10420 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:25:16.0775 10420 nsiproxy - ok
19:25:16.0918 10420 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:25:16.0988 10420 Ntfs - ok
19:25:17.0090 10420 NTI IScheduleSvc (6cc09d2f0ba4a09babc3c41b8fd888f7) C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
19:25:17.0121 10420 NTI IScheduleSvc - ok
19:25:17.0241 10420 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
19:25:17.0268 10420 NTIDrvr - ok
19:25:17.0287 10420 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:25:17.0331 10420 Null - ok
19:25:17.0392 10420 nusb3hub (786db821bfd57c0551dbbe4f75384a7d) C:\Windows\system32\DRIVERS\nusb3hub.sys
19:25:17.0444 10420 nusb3hub - ok
19:25:17.0497 10420 nusb3xhc (daa8005caf745042bb427a1ed7433354) C:\Windows\system32\DRIVERS\nusb3xhc.sys
19:25:17.0529 10420 nusb3xhc - ok
19:25:17.0570 10420 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:25:17.0607 10420 nvraid - ok
19:25:17.0632 10420 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:25:17.0649 10420 nvstor - ok
19:25:17.0678 10420 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:25:17.0731 10420 nv_agp - ok
19:25:17.0843 10420 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:25:17.0884 10420 odserv - ok
19:25:17.0903 10420 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:25:17.0939 10420 ohci1394 - ok
19:25:18.0011 10420 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:25:18.0037 10420 ose - ok
19:25:18.0460 10420 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:25:18.0608 10420 osppsvc - ok
19:25:18.0743 10420 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:25:18.0822 10420 p2pimsvc - ok
19:25:18.0882 10420 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:25:18.0946 10420 p2psvc - ok
19:25:18.0987 10420 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:25:19.0009 10420 Parport - ok
19:25:19.0040 10420 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:25:19.0073 10420 partmgr - ok
19:25:19.0101 10420 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:25:19.0154 10420 PcaSvc - ok
19:25:19.0200 10420 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:25:19.0231 10420 pci - ok
19:25:19.0250 10420 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:25:19.0266 10420 pciide - ok
19:25:19.0302 10420 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:25:19.0326 10420 pcmcia - ok
19:25:19.0342 10420 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:25:19.0353 10420 pcw - ok
19:25:19.0401 10420 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:25:19.0458 10420 PEAUTH - ok
19:25:19.0663 10420 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:25:19.0727 10420 PerfHost - ok
19:25:19.0885 10420 pgsql-8.3 (e05cc0b8cc6dd51cc3fd7980f41ffabd) C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
19:25:19.0914 10420 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - warning
19:25:19.0914 10420 pgsql-8.3 - detected UnsignedFile.Multi.Generic (1)
19:25:20.0135 10420 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:25:20.0258 10420 pla - ok
19:25:20.0343 10420 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:25:20.0402 10420 PlugPlay - ok
19:25:20.0432 10420 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:25:20.0462 10420 PNRPAutoReg - ok
19:25:20.0510 10420 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:25:20.0528 10420 PNRPsvc - ok
19:25:20.0593 10420 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:25:20.0678 10420 PolicyAgent - ok
19:25:20.0736 10420 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:25:20.0795 10420 Power - ok
19:25:20.0881 10420 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:25:20.0931 10420 PptpMiniport - ok
19:25:20.0958 10420 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:25:20.0987 10420 Processor - ok
19:25:21.0042 10420 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
19:25:21.0095 10420 ProfSvc - ok
19:25:21.0126 10420 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:25:21.0138 10420 ProtectedStorage - ok
19:25:21.0179 10420 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:25:21.0232 10420 Psched - ok
19:25:21.0269 10420 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
19:25:21.0296 10420 PxHlpa64 - ok
19:25:21.0458 10420 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:25:21.0546 10420 ql2300 - ok
19:25:21.0678 10420 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:25:21.0735 10420 ql40xx - ok
19:25:21.0781 10420 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:25:21.0839 10420 QWAVE - ok
19:25:21.0861 10420 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:25:21.0909 10420 QWAVEdrv - ok
19:25:22.0261 10420 Radio.fx (b40aa9be30d62b288dbf4aaa83fb2a49) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
19:25:22.0363 10420 Radio.fx - ok
19:25:22.0503 10420 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:25:22.0564 10420 RasAcd - ok
19:25:22.0610 10420 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:25:22.0662 10420 RasAgileVpn - ok
19:25:22.0697 10420 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:25:22.0780 10420 RasAuto - ok
19:25:22.0817 10420 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:25:22.0918 10420 Rasl2tp - ok
19:25:22.0985 10420 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:25:23.0046 10420 RasMan - ok
19:25:23.0056 10420 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:25:23.0107 10420 RasPppoe - ok
19:25:23.0149 10420 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:25:23.0201 10420 RasSstp - ok
19:25:23.0250 10420 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:25:23.0323 10420 rdbss - ok
19:25:23.0351 10420 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:25:23.0403 10420 rdpbus - ok
19:25:23.0441 10420 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:25:23.0491 10420 RDPCDD - ok
19:25:23.0508 10420 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:25:23.0537 10420 RDPENCDD - ok
19:25:23.0569 10420 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:25:23.0597 10420 RDPREFMP - ok
19:25:23.0645 10420 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:25:23.0665 10420 RDPWD - ok
19:25:23.0721 10420 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:25:23.0739 10420 rdyboost - ok
19:25:23.0770 10420 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:25:23.0824 10420 RemoteAccess - ok
19:25:23.0870 10420 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:25:23.0907 10420 RemoteRegistry - ok
19:25:23.0979 10420 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
19:25:24.0037 10420 RFCOMM - ok
19:25:24.0067 10420 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:25:24.0134 10420 RpcEptMapper - ok
19:25:24.0174 10420 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:25:24.0190 10420 RpcLocator - ok
19:25:24.0266 10420 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:25:24.0309 10420 RpcSs - ok
19:25:24.0347 10420 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:25:24.0393 10420 rspndr - ok
19:25:24.0473 10420 RSUSBSTOR (9beb5f18a418ff70659ce2e356829568) C:\Windows\System32\Drivers\RtsUStor.sys
19:25:24.0489 10420 RSUSBSTOR - ok
19:25:24.0515 10420 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:25:24.0529 10420 SamSs - ok
19:25:24.0596 10420 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
19:25:24.0623 10420 SASDIFSV - ok
19:25:24.0628 10420 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
19:25:24.0639 10420 SASKUTIL - ok
19:25:24.0672 10420 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:25:24.0689 10420 sbp2port - ok
19:25:24.0761 10420 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:25:24.0891 10420 SCardSvr - ok
19:25:24.0921 10420 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:25:24.0992 10420 scfilter - ok
19:25:25.0100 10420 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:25:25.0204 10420 Schedule - ok
19:25:25.0245 10420 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:25:25.0281 10420 SCPolicySvc - ok
19:25:25.0307 10420 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:25:25.0339 10420 SDRSVC - ok
19:25:25.0412 10420 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:25:25.0498 10420 secdrv - ok
19:25:25.0523 10420 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:25:25.0553 10420 seclogon - ok
19:25:25.0576 10420 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:25:25.0621 10420 SENS - ok
19:25:25.0645 10420 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:25:25.0678 10420 SensrSvc - ok
19:25:25.0712 10420 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:25:25.0747 10420 Serenum - ok
19:25:25.0810 10420 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:25:25.0856 10420 Serial - ok
19:25:25.0904 10420 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:25:25.0950 10420 sermouse - ok
19:25:26.0020 10420 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:25:26.0119 10420 SessionEnv - ok
19:25:26.0183 10420 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:25:26.0219 10420 sffdisk - ok
19:25:26.0254 10420 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:25:26.0289 10420 sffp_mmc - ok
19:25:26.0339 10420 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:25:26.0377 10420 sffp_sd - ok
19:25:26.0413 10420 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:25:26.0454 10420 sfloppy - ok
19:25:26.0575 10420 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
19:25:26.0645 10420 Sftfs - ok
19:25:26.0774 10420 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
19:25:26.0817 10420 sftlist - ok
19:25:26.0862 10420 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
19:25:26.0896 10420 Sftplay - ok
19:25:26.0920 10420 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
19:25:26.0930 10420 Sftredir - ok
19:25:26.0960 10420 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
19:25:26.0969 10420 Sftvol - ok
19:25:27.0016 10420 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
19:25:27.0059 10420 sftvsa - ok
19:25:27.0127 10420 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:25:27.0233 10420 ShellHWDetection - ok
19:25:27.0281 10420 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:25:27.0315 10420 SiSRaid2 - ok
19:25:27.0345 10420 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:25:27.0364 10420 SiSRaid4 - ok
19:25:27.0381 10420 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:25:27.0451 10420 Smb - ok
19:25:27.0512 10420 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:25:27.0568 10420 SNMPTRAP - ok
19:25:27.0663 10420 Sony Ericsson PCCompanion (1a623f2b69e1f182f995f963c55db935) C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
19:25:27.0688 10420 Sony Ericsson PCCompanion - ok
19:25:27.0704 10420 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:25:27.0716 10420 spldr - ok
19:25:27.0759 10420 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:25:27.0807 10420 Spooler - ok
19:25:28.0019 10420 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:25:28.0145 10420 sppsvc - ok
19:25:28.0339 10420 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:25:28.0410 10420 sppuinotify - ok
19:25:28.0516 10420 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:25:28.0593 10420 srv - ok
19:25:28.0652 10420 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:25:28.0711 10420 srv2 - ok
19:25:28.0754 10420 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:25:28.0777 10420 srvnet - ok
19:25:28.0833 10420 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:25:28.0923 10420 SSDPSRV - ok
19:25:28.0945 10420 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:25:28.0977 10420 SstpSvc - ok
19:25:29.0031 10420 Steam Client Service - ok
19:25:29.0072 10420 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:25:29.0099 10420 stexstor - ok
19:25:29.0162 10420 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:25:29.0218 10420 stisvc - ok
19:25:29.0244 10420 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:25:29.0255 10420 swenum - ok
19:25:29.0318 10420 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:25:29.0401 10420 swprv - ok
19:25:29.0556 10420 SynTP (ef51b22706db03f0857fade127c804ec) C:\Windows\system32\DRIVERS\SynTP.sys
19:25:29.0609 10420 SynTP - ok
19:25:29.0845 10420 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:25:29.0914 10420 SysMain - ok
19:25:29.0991 10420 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:25:30.0009 10420 TabletInputService - ok
19:25:30.0064 10420 taphss (f33fdc72298df4bf9813a55d21f4eb31) C:\Windows\system32\DRIVERS\taphss.sys
19:25:30.0072 10420 taphss - ok
19:25:30.0117 10420 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:25:30.0153 10420 TapiSrv - ok
19:25:30.0177 10420 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:25:30.0210 10420 TBS - ok
19:25:30.0469 10420 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:25:30.0554 10420 Tcpip - ok
19:25:30.0828 10420 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:25:30.0872 10420 TCPIP6 - ok
19:25:30.0966 10420 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:25:31.0039 10420 tcpipreg - ok
19:25:31.0063 10420 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:25:31.0105 10420 TDPIPE - ok
19:25:31.0148 10420 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:25:31.0179 10420 TDTCP - ok
19:25:31.0226 10420 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:25:31.0328 10420 tdx - ok
19:25:31.0356 10420 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:25:31.0373 10420 TermDD - ok
19:25:31.0458 10420 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:25:31.0560 10420 TermService - ok
19:25:31.0580 10420 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:25:31.0597 10420 Themes - ok
19:25:31.0621 10420 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:25:31.0651 10420 THREADORDER - ok
19:25:31.0676 10420 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:25:31.0720 10420 TrkWks - ok
19:25:31.0796 10420 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:25:31.0875 10420 TrustedInstaller - ok
19:25:31.0906 10420 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:25:31.0966 10420 tssecsrv - ok
19:25:32.0026 10420 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:25:32.0059 10420 TsUsbFlt - ok
19:25:32.0064 10420 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:25:32.0075 10420 TsUsbGD - ok
19:25:32.0133 10420 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:25:32.0229 10420 tunnel - ok
19:25:32.0289 10420 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys
19:25:32.0315 10420 TurboB - ok
19:25:32.0383 10420 TurboBoost (600b406a04d90f577fea8a88d7379f08) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
19:25:32.0410 10420 TurboBoost - ok
19:25:32.0431 10420 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:25:32.0457 10420 uagp35 - ok
19:25:32.0489 10420 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
19:25:32.0501 10420 UBHelper - ok
19:25:32.0546 10420 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:25:32.0614 10420 udfs - ok
19:25:32.0657 10420 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:25:32.0672 10420 UI0Detect - ok
19:25:32.0693 10420 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:25:32.0704 10420 uliagpkx - ok
19:25:32.0725 10420 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:25:32.0753 10420 umbus - ok
19:25:32.0793 10420 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:25:32.0843 10420 UmPass - ok
19:25:33.0125 10420 UNS (374ebda379a8f38e0cfc2211611e7167) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:25:33.0221 10420 UNS - ok
19:25:33.0378 10420 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:25:33.0457 10420 upnphost - ok
19:25:33.0509 10420 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
19:25:33.0537 10420 USBAAPL64 - ok
19:25:33.0593 10420 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:25:33.0605 10420 usbccgp - ok
19:25:33.0637 10420 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:25:33.0652 10420 usbcir - ok
19:25:33.0674 10420 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
19:25:33.0704 10420 usbehci - ok
19:25:33.0756 10420 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
19:25:33.0816 10420 usbhub - ok
19:25:33.0822 10420 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:25:33.0847 10420 usbohci - ok
19:25:33.0868 10420 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:25:33.0909 10420 usbprint - ok
19:25:33.0937 10420 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:25:33.0973 10420 USBSTOR - ok
19:25:34.0008 10420 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:25:34.0048 10420 usbuhci - ok
19:25:34.0091 10420 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:25:34.0135 10420 usbvideo - ok
19:25:34.0194 10420 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
19:25:34.0217 10420 usb_rndisx - ok
19:25:34.0259 10420 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:25:34.0305 10420 UxSms - ok
19:25:34.0360 10420 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:25:34.0390 10420 VaultSvc - ok
19:25:34.0421 10420 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:25:34.0434 10420 vdrvroot - ok
19:25:34.0493 10420 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:25:34.0587 10420 vds - ok
19:25:34.0613 10420 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:25:34.0634 10420 vga - ok
19:25:34.0650 10420 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:25:34.0730 10420 VgaSave - ok
19:25:34.0746 10420 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:25:34.0759 10420 vhdmp - ok
19:25:34.0785 10420 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:25:34.0796 10420 viaide - ok
19:25:34.0815 10420 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:25:34.0826 10420 volmgr - ok
19:25:34.0875 10420 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:25:34.0908 10420 volmgrx - ok
19:25:34.0944 10420 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:25:34.0970 10420 volsnap - ok
19:25:35.0122 10420 vpnagent (d6653180d162cb3144fdbc8a651cebb1) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
19:25:35.0158 10420 vpnagent - ok
19:25:35.0190 10420 vpnva (13e6d95e7ac67abb7a1196557ef8849f) C:\Windows\system32\DRIVERS\vpnva64.sys
19:25:35.0199 10420 vpnva - ok
19:25:35.0237 10420 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:25:35.0277 10420 vsmraid - ok
19:25:35.0437 10420 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:25:35.0555 10420 VSS - ok
19:25:35.0692 10420 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:25:35.0753 10420 vwifibus - ok
19:25:35.0779 10420 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:25:35.0826 10420 vwififlt - ok
19:25:35.0866 10420 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
19:25:35.0896 10420 vwifimp - ok
19:25:35.0972 10420 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:25:36.0047 10420 W32Time - ok
19:25:36.0072 10420 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:25:36.0117 10420 WacomPen - ok
19:25:36.0169 10420 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:25:36.0222 10420 WANARP - ok
19:25:36.0247 10420 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:25:36.0275 10420 Wanarpv6 - ok
19:25:36.0402 10420 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
19:25:36.0446 10420 WatAdminSvc - ok
19:25:36.0578 10420 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:25:36.0637 10420 wbengine - ok
19:25:36.0780 10420 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:25:36.0820 10420 WbioSrvc - ok
19:25:36.0860 10420 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:25:36.0919 10420 wcncsvc - ok
19:25:36.0943 10420 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:25:36.0985 10420 WcsPlugInService - ok
19:25:37.0020 10420 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:25:37.0049 10420 Wd - ok
19:25:37.0116 10420 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:25:37.0150 10420 Wdf01000 - ok
19:25:37.0172 10420 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:25:37.0192 10420 WdiServiceHost - ok
19:25:37.0194 10420 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:25:37.0214 10420 WdiSystemHost - ok
19:25:37.0244 10420 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:25:37.0291 10420 WebClient - ok
19:25:37.0331 10420 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:25:37.0388 10420 Wecsvc - ok
19:25:37.0419 10420 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:25:37.0451 10420 wercplsupport - ok
19:25:37.0485 10420 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:25:37.0516 10420 WerSvc - ok
19:25:37.0589 10420 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:25:37.0648 10420 WfpLwf - ok
19:25:37.0670 10420 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:25:37.0686 10420 WIMMount - ok
19:25:37.0699 10420 WinHttpAutoProxySvc - ok
19:25:37.0757 10420 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:25:37.0841 10420 Winmgmt - ok
19:25:38.0036 10420 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:25:38.0123 10420 WinRM - ok
19:25:38.0320 10420 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:25:38.0338 10420 WinUsb - ok
19:25:38.0414 10420 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:25:38.0468 10420 Wlansvc - ok
19:25:38.0543 10420 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:25:38.0573 10420 wlcrasvc - ok
19:25:38.0762 10420 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:25:38.0845 10420 wlidsvc - ok
19:25:38.0964 10420 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:25:38.0990 10420 WmiAcpi - ok
19:25:39.0059 10420 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:25:39.0111 10420 wmiApSrv - ok
19:25:39.0168 10420 WMPNetworkSvc - ok
19:25:39.0215 10420 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:25:39.0248 10420 WPCSvc - ok
19:25:39.0275 10420 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:25:39.0305 10420 WPDBusEnum - ok
19:25:39.0335 10420 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:25:39.0370 10420 ws2ifsl - ok
19:25:39.0372 10420 WSearch - ok
19:25:39.0396 10420 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:25:39.0445 10420 WudfPf - ok
19:25:39.0486 10420 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:25:39.0570 10420 WUDFRd - ok
19:25:39.0598 10420 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:25:39.0629 10420 wudfsvc - ok
19:25:39.0668 10420 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:25:39.0697 10420 WwanSvc - ok
19:25:39.0741 10420 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:25:40.0205 10420 \Device\Harddisk0\DR0 - ok
19:25:40.0211 10420 Boot (0x1200) (9678c028b56934cd6bae14ac8e9b15f8) \Device\Harddisk0\DR0\Partition0
19:25:40.0214 10420 \Device\Harddisk0\DR0\Partition0 - ok
19:25:40.0237 10420 Boot (0x1200) (94de27ae6d2c745a81cd1fe8b53f8707) \Device\Harddisk0\DR0\Partition1
19:25:40.0240 10420 \Device\Harddisk0\DR0\Partition1 - ok
19:25:40.0241 10420 ============================================================
19:25:40.0241 10420 Scan finished
19:25:40.0241 10420 ============================================================
19:25:40.0255 5776 Detected object count: 2
19:25:40.0255 5776 Actual detected object count: 2
19:25:52.0071 5776 GREGService ( UnsignedFile.Multi.Generic ) - skipped by user
19:25:52.0071 5776 GREGService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:25:52.0075 5776 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - skipped by user
19:25:52.0075 5776 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:25:59.0915 3148 ============================================================
19:25:59.0915 3148 Scan started
19:25:59.0915 3148 Mode: Manual; SigCheck; TDLFS;
19:25:59.0915 3148 ============================================================
19:26:00.0642 3148 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
19:26:00.0680 3148 !SASCORE - ok
19:26:00.0738 3148 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:26:00.0752 3148 1394ohci - ok
19:26:00.0801 3148 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:26:00.0814 3148 ACPI - ok
19:26:00.0838 3148 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:26:00.0851 3148 AcpiPmi - ok
19:26:00.0952 3148 AdobeActiveFileMonitor9.0 (1474f121c3df1232d3e7239c03691ee6) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
19:26:00.0970 3148 AdobeActiveFileMonitor9.0 - ok
19:26:01.0134 3148 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:26:01.0164 3148 AdobeFlashPlayerUpdateSvc - ok
19:26:01.0252 3148 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:26:01.0288 3148 adp94xx - ok
19:26:01.0349 3148 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:26:01.0383 3148 adpahci - ok
19:26:01.0433 3148 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:26:01.0466 3148 adpu320 - ok
19:26:01.0518 3148 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:26:01.0571 3148 AeLookupSvc - ok
19:26:01.0668 3148 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:26:01.0706 3148 AFD - ok
19:26:01.0744 3148 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:26:01.0771 3148 agp440 - ok
19:26:01.0793 3148 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:26:01.0811 3148 ALG - ok
19:26:01.0820 3148 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:26:01.0832 3148 aliide - ok
19:26:01.0878 3148 AMD External Events Utility (514089cb4a7df38dc4dd936ade4114d3) C:\Windows\system32\atiesrxx.exe
19:26:01.0893 3148 AMD External Events Utility - ok
19:26:01.0896 3148 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:26:01.0905 3148 amdide - ok
19:26:01.0927 3148 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:26:01.0939 3148 AmdK8 - ok
19:26:02.0613 3148 amdkmdag (9a4b92150a5e259a7159d914cc3a60d7) C:\Windows\system32\DRIVERS\atikmdag.sys
19:26:02.0702 3148 amdkmdag - ok
19:26:02.0817 3148 amdkmdap (9deb889d152f9c9dba98be8986084535) C:\Windows\system32\DRIVERS\atikmpag.sys
19:26:02.0843 3148 amdkmdap - ok
19:26:02.0864 3148 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
19:26:02.0875 3148 AmdPPM - ok
19:26:02.0892 3148 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:26:02.0902 3148 amdsata - ok
19:26:02.0932 3148 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:26:02.0944 3148 amdsbs - ok
19:26:02.0958 3148 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:26:02.0968 3148 amdxata - ok
19:26:02.0974 3148 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:26:03.0001 3148 AppID - ok
19:26:03.0032 3148 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:26:03.0061 3148 AppIDSvc - ok
19:26:03.0075 3148 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:26:03.0103 3148 Appinfo - ok
19:26:03.0187 3148 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:26:03.0196 3148 Apple Mobile Device - ok
19:26:03.0234 3148 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:26:03.0244 3148 arc - ok
19:26:03.0269 3148 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:26:03.0279 3148 arcsas - ok
19:26:03.0378 3148 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:26:03.0387 3148 aspnet_state - ok
19:26:03.0413 3148 aswFsBlk (df59b8e8df0bd2e0e303778a3806a17d) C:\Windows\system32\drivers\aswFsBlk.sys
19:26:03.0422 3148 aswFsBlk - ok
19:26:03.0461 3148 aswMonFlt (f8e6ab4f876feff69250f2e0c29ef004) C:\Windows\system32\drivers\aswMonFlt.sys
19:26:03.0470 3148 aswMonFlt - ok
19:26:03.0490 3148 aswRdr (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\Windows\System32\Drivers\aswrdr2.sys
19:26:03.0498 3148 aswRdr - ok
19:26:03.0598 3148 aswSnx (f06e230e1e8ca9437a6474b7b551cd37) C:\Windows\system32\drivers\aswSnx.sys
19:26:03.0632 3148 aswSnx - ok
19:26:03.0675 3148 aswSP (3610ca74a69e380424f0452dec5c1317) C:\Windows\system32\drivers\aswSP.sys
19:26:03.0687 3148 aswSP - ok
19:26:03.0722 3148 aswTdi (87de3e31cb0091d22351349869324065) C:\Windows\system32\drivers\aswTdi.sys
19:26:03.0730 3148 aswTdi - ok
19:26:03.0760 3148 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:26:03.0789 3148 AsyncMac - ok
19:26:03.0800 3148 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:26:03.0810 3148 atapi - ok
19:26:03.0843 3148 AthBTPort (cbe61b4494165f458bd87e37181ee934) C:\Windows\system32\DRIVERS\btath_flt.sys
19:26:03.0850 3148 AthBTPort - ok
19:26:03.0927 3148 AtherosSvc (21753130331188c4b474e1d3b396e629) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
19:26:03.0951 3148 AtherosSvc - ok
19:26:04.0132 3148 athr (c8679a07267f030704168e45e27c3d43) C:\Windows\system32\DRIVERS\athrx.sys
19:26:04.0171 3148 athr - ok
19:26:04.0353 3148 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:26:04.0415 3148 AudioEndpointBuilder - ok
19:26:04.0419 3148 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:26:04.0452 3148 AudioSrv - ok
19:26:04.0525 3148 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:26:04.0552 3148 avast! Antivirus - ok
19:26:04.0573 3148 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:26:04.0605 3148 AxInstSV - ok
19:26:04.0675 3148 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:26:04.0713 3148 b06bdrv - ok
19:26:04.0749 3148 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:26:04.0771 3148 b57nd60a - ok
19:26:04.0784 3148 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:26:04.0799 3148 BDESVC - ok
19:26:04.0816 3148 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:26:04.0844 3148 Beep - ok
19:26:04.0856 3148 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
19:26:04.0867 3148 blbdrive - ok
19:26:04.0995 3148 Bonjour Service (1c87705ccb2f60172b0fc86b5d82f00d) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
19:26:05.0020 3148 Bonjour Service - ok
19:26:05.0043 3148 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:26:05.0058 3148 bowser - ok
19:26:05.0067 3148 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:26:05.0084 3148 BrFiltLo - ok
19:26:05.0097 3148 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:26:05.0115 3148 BrFiltUp - ok
19:26:05.0150 3148 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:26:05.0188 3148 Browser - ok
19:26:05.0229 3148 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:26:05.0254 3148 Brserid - ok
19:26:05.0271 3148 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:26:05.0288 3148 BrSerWdm - ok
19:26:05.0291 3148 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:26:05.0306 3148 BrUsbMdm - ok
19:26:05.0310 3148 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:26:05.0323 3148 BrUsbSer - ok
19:26:05.0371 3148 BTATH_A2DP (fe70889a85c57a9268101b2db0474509) C:\Windows\system32\drivers\btath_a2dp.sys
19:26:05.0396 3148 BTATH_A2DP - ok
19:26:05.0423 3148 BTATH_BUS (a83a91d07d1fe6bbe7a9db46ca00434b) C:\Windows\system32\DRIVERS\btath_bus.sys
19:26:05.0440 3148 BTATH_BUS - ok
19:26:05.0478 3148 BTATH_HCRP (c864ff85ee16d61c2bdd5ef76824625f) C:\Windows\system32\DRIVERS\btath_hcrp.sys
19:26:05.0496 3148 BTATH_HCRP - ok
19:26:05.0517 3148 BTATH_LWFLT (0dea505efb5d771826d177ef8b8a208f) C:\Windows\system32\DRIVERS\btath_lwflt.sys
19:26:05.0533 3148 BTATH_LWFLT - ok
19:26:05.0564 3148 BTATH_RCP (724c8088c96efe7a3e63fec21d4681c0) C:\Windows\system32\DRIVERS\btath_rcp.sys
19:26:05.0576 3148 BTATH_RCP - ok
19:26:05.0639 3148 BtFilter (aa0f5afcf077c5246589b32eceeae566) C:\Windows\system32\DRIVERS\btfilter.sys
19:26:05.0669 3148 BtFilter - ok
19:26:05.0696 3148 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
19:26:05.0716 3148 BthEnum - ok
19:26:05.0747 3148 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
19:26:05.0761 3148 BTHMODEM - ok
19:26:05.0802 3148 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
19:26:05.0816 3148 BthPan - ok
19:26:05.0880 3148 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
19:26:05.0915 3148 BTHPORT - ok
19:26:05.0948 3148 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:26:05.0977 3148 bthserv - ok
19:26:05.0994 3148 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
19:26:06.0005 3148 BTHUSB - ok
19:26:06.0023 3148 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:26:06.0051 3148 cdfs - ok
19:26:06.0079 3148 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:26:06.0091 3148 cdrom - ok
19:26:06.0098 3148 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:26:06.0127 3148 CertPropSvc - ok
19:26:06.0146 3148 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
19:26:06.0160 3148 circlass - ok
19:26:06.0231 3148 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:26:06.0266 3148 CLFS - ok
19:26:06.0350 3148 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:26:06.0370 3148 clr_optimization_v2.0.50727_32 - ok
19:26:06.0413 3148 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:26:06.0443 3148 clr_optimization_v2.0.50727_64 - ok
19:26:06.0514 3148 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:26:06.0540 3148 clr_optimization_v4.0.30319_32 - ok
19:26:06.0611 3148 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:26:06.0641 3148 clr_optimization_v4.0.30319_64 - ok
19:26:06.0658 3148 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
19:26:06.0678 3148 CmBatt - ok
19:26:06.0710 3148 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:26:06.0719 3148 cmdide - ok
19:26:06.0797 3148 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
19:26:06.0835 3148 CNG - ok
19:26:06.0847 3148 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
19:26:06.0856 3148 Compbatt - ok
19:26:06.0870 3148 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:26:06.0883 3148 CompositeBus - ok
19:26:06.0885 3148 COMSysApp - ok
19:26:06.0889 3148 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:26:06.0898 3148 crcdisk - ok
19:26:06.0953 3148 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
19:26:06.0973 3148 CryptSvc - ok
19:26:07.0121 3148 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
19:26:07.0175 3148 cvhsvc - ok
19:26:07.0248 3148 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:26:07.0319 3148 DcomLaunch - ok
19:26:07.0374 3148 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:26:07.0435 3148 defragsvc - ok
19:26:07.0502 3148 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:26:07.0545 3148 DfsC - ok
19:26:07.0582 3148 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:26:07.0612 3148 Dhcp - ok
19:26:07.0630 3148 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:26:07.0659 3148 discache - ok
19:26:07.0671 3148 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:26:07.0680 3148 Disk - ok
19:26:07.0703 3148 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:26:07.0716 3148 Dnscache - ok
19:26:07.0761 3148 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:26:07.0792 3148 dot3svc - ok
19:26:07.0805 3148 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:26:07.0835 3148 DPS - ok
19:26:07.0849 3148 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:26:07.0862 3148 drmkaud - ok
19:26:07.0974 3148 DsiWMIService (4ab2a58816cc6be771f1d8c768b804c5) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
19:26:07.0987 3148 DsiWMIService - ok
19:26:08.0056 3148 dtsoftbus01 (400582b09e0bb557d0ec28a945150eeb) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
19:26:08.0068 3148 dtsoftbus01 - ok
19:26:08.0185 3148 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:26:08.0239 3148 DXGKrnl - ok
19:26:08.0279 3148 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:26:08.0336 3148 EapHost - ok
19:26:08.0559 3148 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:26:08.0605 3148 ebdrv - ok
19:26:08.0735 3148 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:26:08.0756 3148 EFS - ok
19:26:08.0859 3148 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:26:08.0882 3148 ehRecvr - ok
19:26:08.0897 3148 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:26:08.0909 3148 ehSched - ok
19:26:08.0982 3148 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:26:09.0006 3148 elxstor - ok
19:26:09.0143 3148 ePowerSvc (ac5c64f828c0a6a1350971501ac2a0c7) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
19:26:09.0187 3148 ePowerSvc - ok
19:26:09.0283 3148 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:26:09.0319 3148 ErrDev - ok
19:26:09.0390 3148 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:26:09.0445 3148 EventSystem - ok
19:26:09.0474 3148 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:26:09.0503 3148 exfat - ok
19:26:09.0533 3148 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:26:09.0593 3148 fastfat - ok
19:26:09.0669 3148 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:26:09.0699 3148 Fax - ok
19:26:09.0712 3148 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:26:09.0725 3148 fdc - ok
19:26:09.0736 3148 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:26:09.0766 3148 fdPHost - ok
19:26:09.0783 3148 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:26:09.0812 3148 FDResPub - ok
19:26:09.0828 3148 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:26:09.0838 3148 FileInfo - ok
19:26:09.0854 3148 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:26:09.0883 3148 Filetrace - ok
19:26:09.0887 3148 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:26:09.0898 3148 flpydisk - ok
19:26:09.0929 3148 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:26:09.0942 3148 FltMgr - ok
19:26:10.0043 3148 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:26:10.0097 3148 FontCache - ok
19:26:10.0160 3148 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:26:10.0172 3148 FontCache3.0.0.0 - ok
19:26:10.0219 3148 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:26:10.0232 3148 FsDepends - ok
19:26:10.0264 3148 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:26:10.0276 3148 Fs_Rec - ok
19:26:10.0314 3148 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:26:10.0352 3148 fvevol - ok
19:26:10.0359 3148 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:26:10.0372 3148 gagp30kx - ok
19:26:10.0474 3148 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
19:26:10.0502 3148 GamesAppService - ok
19:26:10.0527 3148 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:26:10.0535 3148 GEARAspiWDM - ok
19:26:10.0558 3148 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
19:26:10.0566 3148 ggflt - ok
19:26:10.0581 3148 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
19:26:10.0589 3148 ggsemc - ok
19:26:10.0845 3148 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:26:10.0893 3148 gpsvc - ok
19:26:11.0017 3148 GREGService (84e58fea8b1a7537696a20c59cb9b0c9) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
19:26:11.0024 3148 GREGService ( UnsignedFile.Multi.Generic ) - warning
19:26:11.0024 3148 GREGService - detected UnsignedFile.Multi.Generic (1)
19:26:11.0050 3148 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:26:11.0068 3148 hcw85cir - ok
19:26:11.0115 3148 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:26:11.0130 3148 HdAudAddService - ok
19:26:11.0157 3148 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
19:26:11.0171 3148 HDAudBus - ok
19:26:11.0175 3148 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:26:11.0186 3148 HidBatt - ok
19:26:11.0240 3148 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:26:11.0271 3148 HidBth - ok
19:26:11.0329 3148 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:26:11.0362 3148 HidIr - ok
19:26:11.0389 3148 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
19:26:11.0418 3148 hidserv - ok
19:26:11.0430 3148 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
19:26:11.0442 3148 HidUsb - ok
19:26:11.0460 3148 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:26:11.0490 3148 hkmsvc - ok
19:26:11.0526 3148 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:26:11.0539 3148 HomeGroupListener - ok
19:26:11.0583 3148 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:26:11.0612 3148 HomeGroupProvider - ok
19:26:11.0628 3148 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:26:11.0641 3148 HpSAMD - ok
19:26:11.0713 3148 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:26:11.0757 3148 HTTP - ok
19:26:11.0776 3148 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:26:11.0785 3148 hwpolicy - ok
19:26:11.0809 3148 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
19:26:11.0820 3148 i8042prt - ok
19:26:11.0887 3148 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\drivers\iaStor.sys
19:26:11.0900 3148 iaStor - ok
19:26:11.0988 3148 IAStorDataMgrSvc (983fc69644ddf0486c8dfea262948d1a) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:26:12.0007 3148 IAStorDataMgrSvc - ok
19:26:12.0077 3148 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:26:12.0102 3148 iaStorV - ok
19:26:12.0238 3148 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:26:12.0277 3148 idsvc - ok
19:26:12.0294 3148 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:26:12.0307 3148 iirsp - ok
19:26:12.0392 3148 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:26:12.0434 3148 IKEEXT - ok
19:26:12.0649 3148 IntcAzAudAddService (b60accd29f8fafc4a6344cd2bd5ca3a5) C:\Windows\system32\drivers\RTKVHD64.sys
19:26:12.0693 3148 IntcAzAudAddService - ok
19:26:12.0846 3148 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
19:26:12.0861 3148 IntcDAud - ok
19:26:12.0880 3148 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:26:12.0890 3148 intelide - ok
19:26:13.0544 3148 intelkmd (6383899c5f964d71b0f96b81fbe59bb8) C:\Windows\system32\DRIVERS\igdpmd64.sys
19:26:13.0657 3148 intelkmd - ok
19:26:13.0733 3148 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:26:13.0762 3148 intelppm - ok
19:26:13.0802 3148 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:26:13.0858 3148 IPBusEnum - ok
19:26:13.0876 3148 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:26:13.0905 3148 IpFilterDriver - ok
19:26:13.0920 3148 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:26:13.0932 3148 IPMIDRV - ok
19:26:13.0950 3148 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:26:13.0979 3148 IPNAT - ok
19:26:14.0100 3148 iPod Service (b7cb0b121962cd89f98c0dd89331b0c0) C:\Program Files\iPod\bin\iPodService.exe
19:26:14.0119 3148 iPod Service - ok
19:26:14.0132 3148 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:26:14.0147 3148 IRENUM - ok
19:26:14.0164 3148 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:26:14.0174 3148 isapnp - ok
19:26:14.0202 3148 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:26:14.0215 3148 iScsiPrt - ok
19:26:14.0232 3148 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
19:26:14.0242 3148 kbdclass - ok
19:26:14.0258 3148 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:26:14.0270 3148 kbdhid - ok
19:26:14.0302 3148 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:26:14.0336 3148 KeyIso - ok
19:26:14.0381 3148 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
19:26:14.0396 3148 KSecDD - ok
19:26:14.0441 3148 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
19:26:14.0465 3148 KSecPkg - ok
19:26:14.0480 3148 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:26:14.0511 3148 ksthunk - ok
19:26:14.0561 3148 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:26:14.0594 3148 KtmRm - ok
19:26:14.0621 3148 L1C (0e154da6ca9105354a07d0c576804037) C:\Windows\system32\DRIVERS\L1C62x64.sys
19:26:14.0630 3148 L1C - ok
19:26:14.0681 3148 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
19:26:14.0714 3148 LanmanServer - ok
19:26:14.0732 3148 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:26:14.0763 3148 LanmanWorkstation - ok
19:26:14.0846 3148 Live Updater Service (b705c7097f9a0ec941d02dce7c7d426c) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
19:26:14.0856 3148 Live Updater Service - ok
19:26:14.0879 3148 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:26:14.0908 3148 lltdio - ok
19:26:14.0967 3148 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:26:14.0999 3148 lltdsvc - ok
19:26:15.0018 3148 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:26:15.0047 3148 lmhosts - ok
19:26:15.0123 3148 LMS (50c7ce53ef461870410355f1f2e7d515) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:26:15.0135 3148 LMS - ok
19:26:15.0169 3148 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:26:15.0180 3148 LSI_FC - ok
19:26:15.0198 3148 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:26:15.0209 3148 LSI_SAS - ok
19:26:15.0230 3148 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:26:15.0240 3148 LSI_SAS2 - ok
19:26:15.0263 3148 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:26:15.0273 3148 LSI_SCSI - ok
19:26:15.0299 3148 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:26:15.0328 3148 luafv - ok
19:26:15.0361 3148 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
19:26:15.0371 3148 MBAMProtector - ok
19:26:15.0458 3148 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:26:15.0473 3148 MBAMService - ok
19:26:15.0504 3148 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:26:15.0537 3148 Mcx2Svc - ok
19:26:15.0550 3148 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:26:15.0560 3148 megasas - ok
19:26:15.0599 3148 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:26:15.0612 3148 MegaSR - ok
19:26:15.0643 3148 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\drivers\HECIx64.sys
19:26:15.0652 3148 MEIx64 - ok
19:26:15.0751 3148 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
19:26:15.0760 3148 Microsoft Office Groove Audit Service - ok
19:26:15.0785 3148 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:26:15.0816 3148 MMCSS - ok
19:26:15.0842 3148 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:26:15.0870 3148 Modem - ok
19:26:15.0879 3148 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:26:15.0892 3148 monitor - ok
19:26:15.0906 3148 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:26:15.0916 3148 mouclass - ok
19:26:15.0931 3148 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:26:15.0942 3148 mouhid - ok
19:26:15.0960 3148 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:26:15.0970 3148 mountmgr - ok
19:26:16.0029 3148 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:26:16.0038 3148 MozillaMaintenance - ok
19:26:16.0069 3148 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:26:16.0080 3148 mpio - ok
19:26:16.0102 3148 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:26:16.0130 3148 mpsdrv - ok
19:26:16.0155 3148 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:26:16.0170 3148 MRxDAV - ok
19:26:16.0207 3148 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:26:16.0219 3148 mrxsmb - ok
19:26:16.0290 3148 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:26:16.0322 3148 mrxsmb10 - ok
19:26:16.0374 3148 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:26:16.0390 3148 mrxsmb20 - ok
19:26:16.0423 3148 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:26:16.0437 3148 msahci - ok
19:26:16.0504 3148 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:26:16.0519 3148 msdsm - ok
19:26:16.0587 3148 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:26:16.0609 3148 MSDTC - ok
19:26:16.0631 3148 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:26:16.0676 3148 Msfs - ok
19:26:16.0684 3148 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:26:16.0712 3148 mshidkmdf - ok
19:26:16.0721 3148 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:26:16.0731 3148 msisadrv - ok
19:26:16.0773 3148 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:26:16.0804 3148 MSiSCSI - ok
19:26:16.0806 3148 msiserver - ok
19:26:16.0818 3148 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:26:16.0846 3148 MSKSSRV - ok
19:26:16.0849 3148 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:26:16.0877 3148 MSPCLOCK - ok
19:26:16.0879 3148 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:26:16.0907 3148 MSPQM - ok
19:26:16.0955 3148 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:26:16.0982 3148 MsRPC - ok
19:26:17.0003 3148 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:26:17.0013 3148 mssmbios - ok
19:26:17.0015 3148 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:26:17.0044 3148 MSTEE - ok
19:26:17.0053 3148 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:26:17.0063 3148 MTConfig - ok
19:26:17.0084 3148 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:26:17.0095 3148 Mup - ok
19:26:17.0161 3148 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:26:17.0194 3148 napagent - ok
19:26:17.0234 3148 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:26:17.0252 3148 NativeWifiP - ok
19:26:17.0388 3148 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files (x86)\Nero\Update\NASvc.exe
19:26:17.0402 3148 NAUpdate - ok
19:26:17.0493 3148 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
19:26:17.0514 3148 NDIS - ok
19:26:17.0533 3148 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:26:17.0562 3148 NdisCap - ok
19:26:17.0587 3148 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:26:17.0615 3148 NdisTapi - ok
19:26:17.0632 3148 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:26:17.0659 3148 Ndisuio - ok
19:26:17.0687 3148 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:26:17.0715 3148 NdisWan - ok
19:26:17.0736 3148 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:26:17.0763 3148 NDProxy - ok
19:26:17.0782 3148 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:26:17.0810 3148 NetBIOS - ok
19:26:17.0838 3148 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:26:17.0867 3148 NetBT - ok
19:26:17.0890 3148 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:26:17.0901 3148 Netlogon - ok
19:26:17.0970 3148 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:26:18.0020 3148 Netman - ok
19:26:18.0112 3148 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:26:18.0130 3148 NetMsmqActivator - ok
19:26:18.0134 3148 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:26:18.0148 3148 NetPipeActivator - ok
19:26:18.0181 3148 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:26:18.0215 3148 netprofm - ok
19:26:18.0217 3148 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:26:18.0227 3148 NetTcpActivator - ok
19:26:18.0229 3148 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:26:18.0238 3148 NetTcpPortSharing - ok
19:26:18.0307 3148 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:26:18.0317 3148 nfrd960 - ok
19:26:18.0341 3148 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:26:18.0373 3148 NlaSvc - ok
19:26:18.0384 3148 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:26:18.0413 3148 Npfs - ok
19:26:18.0429 3148 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:26:18.0458 3148 nsi - ok
19:26:18.0475 3148 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:26:18.0503 3148 nsiproxy - ok
19:26:18.0608 3148 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:26:18.0636 3148 Ntfs - ok
19:26:18.0731 3148 NTI IScheduleSvc (6cc09d2f0ba4a09babc3c41b8fd888f7) C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
19:26:18.0755 3148 NTI IScheduleSvc - ok
19:26:18.0860 3148 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
19:26:18.0875 3148 NTIDrvr - ok
19:26:18.0885 3148 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:26:18.0918 3148 Null - ok
19:26:18.0957 3148 nusb3hub (786db821bfd57c0551dbbe4f75384a7d) C:\Windows\system32\DRIVERS\nusb3hub.sys
19:26:18.0967 3148 nusb3hub - ok
19:26:18.0992 3148 nusb3xhc (daa8005caf745042bb427a1ed7433354) C:\Windows\system32\DRIVERS\nusb3xhc.sys
19:26:19.0003 3148 nusb3xhc - ok
19:26:19.0035 3148 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:26:19.0046 3148 nvraid - ok
19:26:19.0061 3148 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:26:19.0071 3148 nvstor - ok
19:26:19.0098 3148 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:26:19.0109 3148 nv_agp - ok
19:26:19.0227 3148 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:26:19.0246 3148 odserv - ok
19:26:19.0268 3148 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:26:19.0284 3148 ohci1394 - ok
19:26:19.0330 3148 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:26:19.0357 3148 ose - ok
19:26:19.0665 3148 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:26:19.0735 3148 osppsvc - ok
19:26:19.0911 3148 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:26:19.0938 3148 p2pimsvc - ok
19:26:20.0004 3148 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:26:20.0024 3148 p2psvc - ok
19:26:20.0062 3148 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:26:20.0073 3148 Parport - ok
19:26:20.0107 3148 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:26:20.0117 3148 partmgr - ok
19:26:20.0142 3148 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:26:20.0160 3148 PcaSvc - ok
19:26:20.0193 3148 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:26:20.0204 3148 pci - ok
19:26:20.0214 3148 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:26:20.0224 3148 pciide - ok
19:26:20.0256 3148 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:26:20.0268 3148 pcmcia - ok
19:26:20.0286 3148 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:26:20.0296 3148 pcw - ok
19:26:20.0368 3148 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:26:20.0402 3148 PEAUTH - ok
19:26:20.0493 3148 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:26:20.0521 3148 PerfHost - ok
19:26:20.0625 3148 pgsql-8.3 (e05cc0b8cc6dd51cc3fd7980f41ffabd) C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
19:26:20.0629 3148 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - warning
19:26:20.0629 3148 pgsql-8.3 - detected UnsignedFile.Multi.Generic (1)
19:26:20.0818 3148 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:26:20.0865 3148 pla - ok
19:26:20.0920 3148 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:26:20.0936 3148 PlugPlay - ok
19:26:20.0952 3148 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:26:20.0964 3148 PNRPAutoReg - ok
19:26:21.0000 3148 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:26:21.0015 3148 PNRPsvc - ok
19:26:21.0076 3148 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:26:21.0108 3148 PolicyAgent - ok
19:26:21.0158 3148 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:26:21.0189 3148 Power - ok
19:26:21.0323 3148 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:26:21.0353 3148 PptpMiniport - ok
19:26:21.0365 3148 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:26:21.0377 3148 Processor - ok
19:26:21.0431 3148 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
19:26:21.0445 3148 ProfSvc - ok
19:26:21.0479 3148 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:26:21.0490 3148 ProtectedStorage - ok
19:26:21.0523 3148 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:26:21.0551 3148 Psched - ok
19:26:21.0578 3148 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
19:26:21.0587 3148 PxHlpa64 - ok
19:26:21.0707 3148 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:26:21.0734 3148 ql2300 - ok
19:26:21.0864 3148 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:26:21.0886 3148 ql40xx - ok
19:26:21.0931 3148 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:26:21.0949 3148 QWAVE - ok
19:26:21.0970 3148 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:26:21.0985 3148 QWAVEdrv - ok
19:26:22.0324 3148 Radio.fx (b40aa9be30d62b288dbf4aaa83fb2a49) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
19:26:22.0374 3148 Radio.fx - ok
19:26:22.0500 3148 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:26:22.0528 3148 RasAcd - ok
19:26:22.0574 3148 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:26:22.0603 3148 RasAgileVpn - ok
19:26:22.0637 3148 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:26:22.0667 3148 RasAuto - ok
19:26:22.0689 3148 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:26:22.0718 3148 Rasl2tp - ok
19:26:22.0805 3148 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:26:22.0837 3148 RasMan - ok
19:26:22.0847 3148 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:26:22.0876 3148 RasPppoe - ok
19:26:22.0901 3148 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:26:22.0930 3148 RasSstp - ok
19:26:22.0965 3148 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:26:22.0995 3148 rdbss - ok
19:26:23.0004 3148 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:26:23.0017 3148 rdpbus - ok
19:26:23.0027 3148 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:26:23.0055 3148 RDPCDD - ok
19:26:23.0061 3148 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:26:23.0090 3148 RDPENCDD - ok
19:26:23.0100 3148 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:26:23.0128 3148 RDPREFMP - ok
19:26:23.0177 3148 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:26:23.0190 3148 RDPWD - ok
19:26:23.0229 3148 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:26:23.0240 3148 rdyboost - ok
19:26:23.0269 3148 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:26:23.0299 3148 RemoteAccess - ok
19:26:23.0333 3148 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:26:23.0365 3148 RemoteRegistry - ok
19:26:23.0409 3148 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
19:26:23.0424 3148 RFCOMM - ok
19:26:23.0443 3148 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:26:23.0474 3148 RpcEptMapper - ok
19:26:23.0505 3148 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:26:23.0518 3148 RpcLocator - ok
19:26:23.0572 3148 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:26:23.0606 3148 RpcSs - ok
19:26:23.0630 3148 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:26:23.0659 3148 rspndr - ok
19:26:23.0701 3148 RSUSBSTOR (9beb5f18a418ff70659ce2e356829568) C:\Windows\System32\Drivers\RtsUStor.sys
19:26:23.0712 3148 RSUSBSTOR - ok
19:26:23.0745 3148 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:26:23.0758 3148 SamSs - ok
19:26:23.0838 3148 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
19:26:23.0847 3148 SASDIFSV - ok
19:26:23.0851 3148 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
19:26:23.0858 3148 SASKUTIL - ok
19:26:23.0882 3148 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:26:23.0893 3148 sbp2port - ok
19:26:23.0948 3148 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:26:23.0980 3148 SCardSvr - ok
19:26:24.0008 3148 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:26:24.0036 3148 scfilter - ok
19:26:24.0131 3148 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:26:24.0170 3148 Schedule - ok
19:26:24.0208 3148 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:26:24.0236 3148 SCPolicySvc - ok
19:26:24.0258 3148 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:26:24.0272 3148 SDRSVC - ok
19:26:24.0341 3148 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:26:24.0370 3148 secdrv - ok
19:26:24.0386 3148 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:26:24.0416 3148 seclogon - ok
19:26:24.0428 3148 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:26:24.0459 3148 SENS - ok
19:26:24.0474 3148 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:26:24.0486 3148 SensrSvc - ok
19:26:24.0498 3148 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:26:24.0510 3148 Serenum - ok
19:26:24.0527 3148 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:26:24.0539 3148 Serial - ok
19:26:24.0543 3148 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:26:24.0554 3148 sermouse - ok
19:26:24.0582 3148 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:26:24.0613 3148 SessionEnv - ok
19:26:24.0624 3148 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:26:24.0637 3148 sffdisk - ok
19:26:24.0650 3148 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:26:24.0663 3148 sffp_mmc - ok
19:26:24.0680 3148 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:26:24.0693 3148 sffp_sd - ok
19:26:24.0696 3148 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:26:24.0707 3148 sfloppy - ok
19:26:24.0786 3148 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
19:26:24.0803 3148 Sftfs - ok
19:26:24.0907 3148 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
19:26:24.0931 3148 sftlist - ok
19:26:24.0967 3148 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
19:26:24.0978 3148 Sftplay - ok
19:26:24.0995 3148 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
19:26:25.0003 3148 Sftredir - ok
19:26:25.0011 3148 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
19:26:25.0020 3148 Sftvol - ok
19:26:25.0056 3148 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
19:26:25.0066 3148 sftvsa - ok
19:26:25.0121 3148 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:26:25.0178 3148 ShellHWDetection - ok
19:26:25.0211 3148 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:26:25.0221 3148 SiSRaid2 - ok
19:26:25.0241 3148 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:26:25.0251 3148 SiSRaid4 - ok
19:26:25.0266 3148 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:26:25.0295 3148 Smb - ok
19:26:25.0308 3148 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:26:25.0321 3148 SNMPTRAP - ok
19:26:25.0381 3148 Sony Ericsson PCCompanion (1a623f2b69e1f182f995f963c55db935) C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
19:26:25.0390 3148 Sony Ericsson PCCompanion - ok
19:26:25.0401 3148 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:26:25.0410 3148 spldr - ok
19:26:25.0466 3148 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:26:25.0500 3148 Spooler - ok
19:26:25.0713 3148 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:26:25.0776 3148 sppsvc - ok
19:26:25.0901 3148 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:26:25.0948 3148 sppuinotify - ok
19:26:26.0018 3148 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:26:26.0038 3148 srv - ok
19:26:26.0084 3148 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:26:26.0098 3148 srv2 - ok
19:26:26.0127 3148 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:26:26.0139 3148 srvnet - ok
19:26:26.0172 3148 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:26:26.0204 3148 SSDPSRV - ok
19:26:26.0233 3148 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:26:26.0264 3148 SstpSvc - ok
19:26:26.0317 3148 Steam Client Service - ok
19:26:26.0358 3148 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:26:26.0373 3148 stexstor - ok
19:26:26.0426 3148 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:26:26.0459 3148 stisvc - ok
19:26:26.0474 3148 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:26:26.0483 3148 swenum - ok
19:26:26.0523 3148 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:26:26.0558 3148 swprv - ok
19:26:26.0696 3148 SynTP (ef51b22706db03f0857fade127c804ec) C:\Windows\system32\DRIVERS\SynTP.sys
19:26:26.0733 3148 SynTP - ok
19:26:26.0980 3148 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:26:27.0010 3148 SysMain - ok
19:26:27.0090 3148 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:26:27.0107 3148 TabletInputService - ok
19:26:27.0149 3148 taphss (f33fdc72298df4bf9813a55d21f4eb31) C:\Windows\system32\DRIVERS\taphss.sys
19:26:27.0158 3148 taphss - ok
19:26:27.0200 3148 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:26:27.0233 3148 TapiSrv - ok
19:26:27.0253 3148 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:26:27.0285 3148 TBS - ok
19:26:27.0475 3148 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:26:27.0506 3148 Tcpip - ok
19:26:27.0743 3148 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:26:27.0789 3148 TCPIP6 - ok
19:26:27.0885 3148 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:26:27.0913 3148 tcpipreg - ok
19:26:27.0926 3148 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:26:27.0937 3148 TDPIPE - ok
19:26:27.0966 3148 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:26:27.0977 3148 TDTCP - ok
19:26:28.0002 3148 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:26:28.0031 3148 tdx - ok
19:26:28.0052 3148 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:26:28.0062 3148 TermDD - ok
19:26:28.0160 3148 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:26:28.0215 3148 TermService - ok
19:26:28.0254 3148 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:26:28.0271 3148 Themes - ok
19:26:28.0317 3148 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:26:28.0347 3148 THREADORDER - ok
19:26:28.0373 3148 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:26:28.0404 3148 TrkWks - ok
19:26:28.0482 3148 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:26:28.0511 3148 TrustedInstaller - ok
19:26:28.0524 3148 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:26:28.0552 3148 tssecsrv - ok
19:26:28.0590 3148 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:26:28.0600 3148 TsUsbFlt - ok
19:26:28.0605 3148 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:26:28.0615 3148 TsUsbGD - ok
19:26:28.0639 3148 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:26:28.0667 3148 tunnel - ok
19:26:28.0685 3148 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys
19:26:28.0695 3148 TurboB - ok
19:26:28.0766 3148 TurboBoost (600b406a04d90f577fea8a88d7379f08) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
19:26:28.0775 3148 TurboBoost - ok
19:26:28.0795 3148 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:26:28.0805 3148 uagp35 - ok
19:26:28.0819 3148 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
19:26:28.0827 3148 UBHelper - ok
19:26:28.0868 3148 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:26:28.0898 3148 udfs - ok
19:26:28.0931 3148 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:26:28.0945 3148 UI0Detect - ok
19:26:28.0968 3148 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:26:28.0978 3148 uliagpkx - ok
19:26:29.0001 3148 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:26:29.0013 3148 umbus - ok
19:26:29.0034 3148 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:26:29.0045 3148 UmPass - ok
19:26:29.0291 3148 UNS (374ebda379a8f38e0cfc2211611e7167) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:26:29.0335 3148 UNS - ok
19:26:29.0489 3148 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:26:29.0523 3148 upnphost - ok
19:26:29.0560 3148 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
19:26:29.0571 3148 USBAAPL64 - ok
19:26:29.0605 3148 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:26:29.0638 3148 usbccgp - ok
19:26:29.0668 3148 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:26:29.0682 3148 usbcir - ok
19:26:29.0706 3148 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
19:26:29.0716 3148 usbehci - ok
19:26:29.0755 3148 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
19:26:29.0769 3148 usbhub - ok
19:26:29.0773 3148 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:26:29.0783 3148 usbohci - ok
19:26:29.0799 3148 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:26:29.0813 3148 usbprint - ok
19:26:29.0835 3148 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:26:29.0847 3148 USBSTOR - ok
19:26:29.0860 3148 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:26:29.0871 3148 usbuhci - ok
19:26:29.0897 3148 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:26:29.0912 3148 usbvideo - ok
19:26:29.0947 3148 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
19:26:29.0960 3148 usb_rndisx - ok
19:26:29.0989 3148 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:26:30.0019 3148 UxSms - ok
19:26:30.0045 3148 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:26:30.0057 3148 VaultSvc - ok
19:26:30.0073 3148 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:26:30.0083 3148 vdrvroot - ok
19:26:30.0168 3148 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:26:30.0218 3148 vds - ok
19:26:30.0265 3148 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:26:30.0279 3148 vga - ok
19:26:30.0302 3148 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:26:30.0330 3148 VgaSave - ok
19:26:30.0351 3148 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:26:30.0363 3148 vhdmp - ok
19:26:30.0367 3148 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:26:30.0376 3148 viaide - ok
19:26:30.0400 3148 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:26:30.0410 3148 volmgr - ok
19:26:30.0455 3148 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:26:30.0469 3148 volmgrx - ok
19:26:30.0497 3148 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:26:30.0510 3148 volsnap - ok
19:26:30.0648 3148 vpnagent (d6653180d162cb3144fdbc8a651cebb1) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
19:26:30.0668 3148 vpnagent - ok
19:26:30.0698 3148 vpnva (13e6d95e7ac67abb7a1196557ef8849f) C:\Windows\system32\DRIVERS\vpnva64.sys
19:26:30.0709 3148 vpnva - ok
19:26:30.0735 3148 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:26:30.0750 3148 vsmraid - ok
19:26:30.0898 3148 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:26:30.0952 3148 VSS - ok
19:26:31.0088 3148 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:26:31.0110 3148 vwifibus - ok
19:26:31.0121 3148 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:26:31.0136 3148 vwififlt - ok
19:26:31.0152 3148 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
19:26:31.0167 3148 vwifimp - ok
19:26:31.0228 3148 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:26:31.0267 3148 W32Time - ok
19:26:31.0280 3148 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:26:31.0291 3148 WacomPen - ok
19:26:31.0313 3148 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:26:31.0341 3148 WANARP - ok
19:26:31.0343 3148 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:26:31.0371 3148 Wanarpv6 - ok
19:26:31.0499 3148 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
19:26:31.0523 3148 WatAdminSvc - ok
19:26:31.0642 3148 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:26:31.0674 3148 wbengine - ok
19:26:31.0807 3148 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:26:31.0826 3148 WbioSrvc - ok
19:26:31.0863 3148 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:26:31.0884 3148 wcncsvc - ok
19:26:31.0895 3148 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:26:31.0908 3148 WcsPlugInService - ok
19:26:31.0950 3148 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:26:31.0959 3148 Wd - ok
19:26:32.0026 3148 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:26:32.0043 3148 Wdf01000 - ok
19:26:32.0059 3148 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:26:32.0076 3148 WdiServiceHost - ok
19:26:32.0079 3148 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:26:32.0096 3148 WdiSystemHost - ok
19:26:32.0133 3148 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:26:32.0152 3148 WebClient - ok
19:26:32.0181 3148 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:26:32.0214 3148 Wecsvc - ok
19:26:32.0237 3148 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:26:32.0268 3148 wercplsupport - ok
19:26:32.0293 3148 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:26:32.0324 3148 WerSvc - ok
19:26:32.0386 3148 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:26:32.0415 3148 WfpLwf - ok
19:26:32.0434 3148 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:26:32.0444 3148 WIMMount - ok
19:26:32.0449 3148 WinHttpAutoProxySvc - ok
19:26:32.0511 3148 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:26:32.0542 3148 Winmgmt - ok
19:26:32.0687 3148 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:26:32.0735 3148 WinRM - ok
19:26:32.0873 3148 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:26:32.0909 3148 WinUsb - ok
19:26:32.0979 3148 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:26:33.0002 3148 Wlansvc - ok
19:26:33.0061 3148 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:26:33.0069 3148 wlcrasvc - ok
19:26:33.0235 3148 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:26:33.0269 3148 wlidsvc - ok
19:26:33.0406 3148 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:26:33.0418 3148 WmiAcpi - ok
19:26:33.0477 3148 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:26:33.0490 3148 wmiApSrv - ok
19:26:33.0541 3148 WMPNetworkSvc - ok
19:26:33.0568 3148 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:26:33.0581 3148 WPCSvc - ok
19:26:33.0604 3148 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:26:33.0620 3148 WPDBusEnum - ok
19:26:33.0655 3148 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:26:33.0683 3148 ws2ifsl - ok
19:26:33.0686 3148 WSearch - ok
19:26:33.0715 3148 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:26:33.0743 3148 WudfPf - ok
19:26:33.0770 3148 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:26:33.0799 3148 WUDFRd - ok
19:26:33.0817 3148 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:26:33.0848 3148 wudfsvc - ok
19:26:33.0900 3148 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:26:33.0942 3148 WwanSvc - ok
19:26:33.0972 3148 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:26:34.0423 3148 \Device\Harddisk0\DR0 - ok
19:26:34.0426 3148 Boot (0x1200) (9678c028b56934cd6bae14ac8e9b15f8) \Device\Harddisk0\DR0\Partition0
19:26:34.0428 3148 \Device\Harddisk0\DR0\Partition0 - ok
19:26:34.0457 3148 Boot (0x1200) (94de27ae6d2c745a81cd1fe8b53f8707) \Device\Harddisk0\DR0\Partition1
19:26:34.0459 3148 \Device\Harddisk0\DR0\Partition1 - ok
19:26:34.0459 3148 ============================================================
19:26:34.0459 3148 Scan finished
19:26:34.0459 3148 ============================================================
19:26:34.0470 10360 Detected object count: 2
19:26:34.0470 10360 Actual detected object count: 2
19:26:37.0245 10360 GREGService ( UnsignedFile.Multi.Generic ) - skipped by user
19:26:37.0245 10360 GREGService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:26:37.0247 10360 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - skipped by user
19:26:37.0247 10360 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - User select action: Skip

Chris4You · 24.07.2012, 06:41

Hi,

Rootkit (ZAccess)...

Fix für OTL:

Doppelklick auf die OTL.exe, um das Programm auszuführen.

Vista/Win7-User bitte per Rechtsklick und "Ausführen als Administrator" starten.

Kopiere den Inhalt der folgenden Codebox komplett in die OTL-Box unter "Custom Scan/Fixes"

Code:

ATTFilter

:OTL
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [POEngine]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
[2012.07.06 13:06:18 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2012.06.22 11:55:51 | 000,001,712 | ---- | C] () -- C:\Windows\Installer\{411f1797-9d1f-d395-4eae-3ff07da78792}\U\00000001.@
[2012.01.11 12:04:40 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{411f1797-9d1f-d395-4eae-3ff07da78792}\@
[2012.01.11 12:04:40 | 000,002,048 | -HS- | C] () -- C:\Users\Daniel\AppData\Local\{411f1797-9d1f-d395-4eae-3ff07da78792}\@

:Commands
[emptytemp]
[Reboot]

Den roten Run Fixes! Button anklicken.

Bitte alles aus dem Ergebnisfenster (Results) herauskopieren.

Eine Kopie eines OTL-Fix-Logs wird in einer Textdatei in folgendem Ordner gespeichert:

%systemroot%\_OTL

Combofix
Lade Combo Fix von http://download.bleepingcomputer.com/sUBs/ComboFix.exe und speichert es auf den Desktop.
Antivierenlösung komplett auschalten und zwar so, dass sie sich auch nach einem Reboot NICHT einschaltet!

Achtung: In einigen wenigen Fällen kann es vorkommen, das der Rechner nicht mehr booten kann und Neuaufgesetzt werden muß!

Alle Fenster schliessen und combofix.exe starten und bestätige die folgende Abfrage mit 1 und drücke Enter.

Der Scan mit Combofix kann einige Zeit in Anspruch nehmen, also habe etwas Geduld. Während des Scans bitte nichts am Rechner unternehmen
Es kann möglich sein, dass der Rechner zwischendurch neu gestartet wird.
Nach Scanende wird ein Report (ComboFix.txt) angezeigt, den bitte kopieren und in deinem Thread einfuegen. Das Log solltest Du unter C:\ComboFix.txt finden...

Malwarebytes Antimalware (MAM)
Anleitung&Download hier: http://www.trojaner-board.de/51187-m...i-malware.html
Falls der Download nicht klappt, bitte hierüber eine generische Version runterladen:
http://filepony.de/download-chameleon/
Danach bitte update der Signaturdateien (Reiter "Update" -> Suche nach Aktualisierungen")
Fullscan und alles bereinigen lassen! Log posten.

chris

doobiedan · 24.07.2012, 21:17

So hier sind jetzt alle logs, angefangen mit der OTL-fix log:

Zitat:

All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\POEngine deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
C:\Windows\SysNative\%APPDATA%\Microsoft\Windows\IETldCache folder moved successfully.
C:\Windows\SysNative\%APPDATA%\Microsoft\Windows folder moved successfully.
C:\Windows\SysNative\%APPDATA%\Microsoft folder moved successfully.
C:\Windows\SysNative\%APPDATA% folder moved successfully.
C:\Windows\Installer\{411f1797-9d1f-d395-4eae-3ff07da78792}\U\00000001.@ moved successfully.
C:\Windows\Installer\{411f1797-9d1f-d395-4eae-3ff07da78792}\@ moved successfully.
C:\Users\Daniel\AppData\Local\{411f1797-9d1f-d395-4eae-3ff07da78792}\@ moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Daniel
->Temp folder emptied: 17327313 bytes
->Temporary Internet Files folder emptied: 122742389 bytes
->Java cache emptied: 1302556 bytes
->FireFox cache emptied: 335865929 bytes
->Flash cache emptied: 66057 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: dekkon
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1436972 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 59632837 bytes
RecycleBin emptied: 506941 bytes

Total Files Cleaned = 514,00 mb

OTL by OldTimer - Version 3.2.53.1 log created on 07242012_203158

Files\Folders moved on Reboot...
File\Folder C:\Users\Daniel\AppData\Local\Temp\Vimas\record_465589073thiememeulenhoffnlCodePlus_Deel_1_map4Code_dl1_h1_orgitem_A6192052415316A2B0A62304000B6DF2_or gitem_A6192052415316A2B0A02303000B6D14_orgitem_A6192052415316A2B0A02302000B6CEA_A6192052415316A2B09F230B000B6CAFResponseZ02a.mp3 not found!
C:\Users\Daniel\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Daniel\AppData\Local\Temp\MMDUtl.log moved successfully.
File\Folder C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{5E9B187F-92D3-420D-B39D-08A1FC2BC402}.tmp not found!
File\Folder C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{850E3009-700A-4EA6-B070-8768A029603B}.tmp not found!
File\Folder C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{8535FADE-04B4-4A0C-9BF6-E1737208D71E}.tmp not found!
File\Folder C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{E829D6B8-BD74-4FFE-883F-52CC344B87EE}.tmp not found!
File\Folder C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{F68CE723-023D-4056-BF6D-4BCD8C748317}.tmp not found!
C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\startupCache\startupCache.4.little moved successfully.
File\Folder C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache.Trash5888\A\F7\50608m01 not found!
File\Folder C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache.Trash5888\A\F7\86C26d01 not found!
File\Folder C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache.Trash5888\A\F7\98ED6d01 not found!
File\Folder C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache.Trash5888\A\F7\AF146d01 not found!
File\Folder C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache.Trash5888\A\F7\B85C8d01 not found!
File\Folder C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache.Trash5888\A\F7\C102Ed01 not found!
File\Folder C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache.Trash5888\A\F7\C102Em01 not found!
File\Folder C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache.Trash5888\A\F7\DAEE4d01 not found!
File\Folder C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache.Trash5888\A\F7\DD30Fm01 not found!
C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache\_CACHE_001_ moved successfully.
C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache\_CACHE_002_ moved successfully.
C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache\_CACHE_003_ moved successfully.
C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\urlclassifier3.sqlite moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\LMutilps.log scheduled to be moved on reboot.

PendingFileRenameOperations files...
File C:\Users\Daniel\AppData\Local\Temp\Vimas\record_465589073thiememeulenhoffnlCodePlus_Deel_1_map4Code_dl1_h1_orgitem_A6192052415316A2B0A62304000B6DF2_or gitem_A6192052415316A2B0A02303000B6D14_orgitem_A6192052415316A2B0A02302000B6CEA_A6192052415316A2B09F230B000B6CAFResponseZ02a.mp3 not found!
File C:\Users\Daniel\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
File C:\Users\Daniel\AppData\Local\Temp\MMDUtl.log not found!
File C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{5E9B187F-92D3-420D-B39D-08A1FC2BC402}.tmp not found!
File C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{850E3009-700A-4EA6-B070-8768A029603B}.tmp not found!
File C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{8535FADE-04B4-4A0C-9BF6-E1737208D71E}.tmp not found!
File C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{E829D6B8-BD74-4FFE-883F-52CC344B87EE}.tmp not found!
File C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{F68CE723-023D-4056-BF6D-4BCD8C748317}.tmp not found!
File C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\startupCache\startupCache.4.little not found!
File C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache.Trash5888\A\F7\50608m01 not found!
File C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache.Trash5888\A\F7\86C26d01 not found!
File C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache.Trash5888\A\F7\98ED6d01 not found!
File C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache.Trash5888\A\F7\AF146d01 not found!
File C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache.Trash5888\A\F7\B85C8d01 not found!
File C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache.Trash5888\A\F7\C102Ed01 not found!
File C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache.Trash5888\A\F7\C102Em01 not found!
File C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache.Trash5888\A\F7\DAEE4d01 not found!
File C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache.Trash5888\A\F7\DD30Fm01 not found!
File C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache\_CACHE_001_ not found!
File C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache\_CACHE_002_ not found!
File C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache\_CACHE_003_ not found!
File C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\Cache\_CACHE_MAP_ not found!
File C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\iwo5mkej.default\urlclassifier3.sqlite not found!
[2012.07.24 20:36:53 | 000,000,000 | ---- | M] () C:\Windows\temp\_avast_\Webshlock.txt : Unable to obtain MD5
[2012.07.24 20:37:48 | 000,410,145 | ---- | M] () C:\Windows\temp\dsiwmis.log : Unable to obtain MD5
[2012.07.24 20:36:44 | 001,030,074 | ---- | M] () C:\Windows\temp\LMutilps.log : Unable to obtain MD5

Registry entries deleted on Reboot...

Das ist die Combofix log:
Combofix Logfile:

Code:

ATTFilter

ComboFix 12-07-25.04 - Daniel 24.07.2012  21:03:02.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8044.5972 [GMT 2:00]
ausgeführt von:: c:\users\Daniel\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-06-24 bis 2012-07-24  ))))))))))))))))))))))))))))))
.
.
2012-07-24 19:10 . 2012-07-24 19:10	--------	d-----w-	c:\users\dekkon\AppData\Local\temp
2012-07-24 19:10 . 2012-07-24 19:10	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-07-24 18:31 . 2012-07-24 18:31	--------	d-----w-	C:\_OTL
2012-07-23 17:15 . 2012-07-23 17:16	--------	d-----w-	C:\tdss-killer
2012-07-22 14:49 . 2012-07-22 14:49	--------	d-sh--w-	c:\programdata\SecuROM
2012-07-22 14:47 . 2012-07-22 14:47	--------	d-----w-	c:\users\Daniel\AppData\Local\Rockstar Games
2012-07-22 14:46 . 2012-07-22 14:46	178800	----a-w-	c:\windows\SysWow64\CmdLineExt_x64.dll
2012-07-22 14:46 . 2012-07-22 14:46	--------	d--h--r-	c:\users\Daniel\AppData\Roaming\SecuROM
2012-07-22 14:46 . 2012-07-22 16:01	--------	d-----w-	c:\program files (x86)\Microsoft Games for Windows - LIVE
2012-07-22 14:46 . 2012-07-22 14:46	--------	d-----w-	c:\windows\SysWow64\xlive
2012-07-21 12:14 . 2012-07-21 12:14	--------	d-----w-	c:\program files (x86)\EA GAMES
2012-07-21 12:12 . 2004-09-30 14:39	733184	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll
2012-07-21 12:12 . 2004-09-30 14:24	5632	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe
2012-07-21 12:12 . 2004-09-30 14:20	69715	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
2012-07-21 12:12 . 2004-09-30 14:20	266240	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll
2012-07-21 12:12 . 2004-09-30 14:19	172032	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll
2012-07-21 12:12 . 2012-07-21 12:12	303236	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll
2012-07-21 12:12 . 2012-07-21 12:12	180356	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll
2012-07-06 19:11 . 2012-07-06 19:11	--------	d-----w-	c:\users\Daniel\AppData\Roaming\SUPERAntiSpyware.com
2012-07-06 19:11 . 2012-07-06 19:11	--------	d-----w-	c:\program files\SUPERAntiSpyware
2012-07-06 19:11 . 2012-07-06 19:11	--------	d-----w-	c:\programdata\SUPERAntiSpyware.com
2012-07-06 19:10 . 2012-07-06 19:10	--------	d-----w-	c:\program files (x86)\Common Files\Java
2012-07-06 19:09 . 2012-07-06 19:09	--------	d-----w-	c:\program files (x86)\Oracle
2012-07-06 19:08 . 2012-05-04 17:29	772504	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2012-07-06 18:46 . 2012-07-06 18:46	--------	d-----w-	c:\program files\CCleaner
2012-07-06 18:25 . 2012-07-06 18:25	770384	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-07-06 18:25 . 2012-07-06 18:25	421200	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-07-06 16:52 . 2012-07-06 16:52	--------	d-----w-	c:\users\Daniel\AppData\Roaming\Malwarebytes
2012-07-06 16:52 . 2012-07-06 16:52	--------	d-----w-	c:\programdata\Malwarebytes
2012-07-06 16:52 . 2012-07-06 16:52	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-06 16:52 . 2012-04-04 13:56	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-07-06 13:43 . 2012-07-03 16:21	285328	----a-w-	c:\windows\system32\aswBoot.exe
2012-07-06 13:43 . 2012-07-24 18:56	--------	d-----w-	c:\programdata\AVAST Software
2012-07-06 13:43 . 2012-07-06 13:43	--------	d-----w-	c:\program files\AVAST Software
2012-07-06 11:07 . 2012-07-06 11:07	51496	----a-w-	c:\windows\system32\drivers\stflt.sys
2012-07-06 11:04 . 2012-07-06 11:04	--------	d-----w-	c:\users\Daniel\AppData\Local\Macromedia
2012-07-06 10:59 . 2012-07-12 10:18	426184	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-29 11:03 . 2012-07-06 20:55	--------	d-----w-	c:\program files (x86)\mp3DirectCut
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-12 10:18 . 2011-09-05 20:05	70344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-15 04:53 . 2011-11-11 13:52	58957832	----a-w-	c:\windows\system32\MRT.exe
2012-05-31 04:04 . 2012-06-19 08:07	9013136	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{904B8516-50FD-440E-8FEF-090F683500F2}\mpengine.dll
2012-05-18 02:47 . 2012-06-15 04:28	17807360	----a-w-	c:\windows\system32\mshtml.dll
2012-05-18 02:16 . 2012-06-15 04:28	10924032	----a-w-	c:\windows\system32\ieframe.dll
2012-05-18 02:06 . 2012-06-15 04:28	2311680	----a-w-	c:\windows\system32\jscript9.dll
2012-05-18 01:59 . 2012-06-15 04:28	1346048	----a-w-	c:\windows\system32\urlmon.dll
2012-05-18 01:59 . 2012-06-15 04:28	1392128	----a-w-	c:\windows\system32\wininet.dll
2012-05-18 01:58 . 2012-06-15 04:28	1494528	----a-w-	c:\windows\system32\inetcpl.cpl
2012-05-18 01:58 . 2012-06-15 04:28	237056	----a-w-	c:\windows\system32\url.dll
2012-05-18 01:56 . 2012-06-15 04:28	85504	----a-w-	c:\windows\system32\jsproxy.dll
2012-05-18 01:55 . 2012-06-15 04:28	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2012-05-18 01:55 . 2012-06-15 04:28	818688	----a-w-	c:\windows\system32\jscript.dll
2012-05-18 01:54 . 2012-06-15 04:28	2144768	----a-w-	c:\windows\system32\iertutil.dll
2012-05-18 01:51 . 2012-06-15 04:28	96768	----a-w-	c:\windows\system32\mshtmled.dll
2012-05-18 01:51 . 2012-06-15 04:28	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-05-18 01:47 . 2012-06-15 04:28	248320	----a-w-	c:\windows\system32\ieui.dll
2012-05-17 22:45 . 2012-06-15 04:28	1800192	----a-w-	c:\windows\SysWow64\jscript9.dll
2012-05-17 22:35 . 2012-06-15 04:28	1129472	----a-w-	c:\windows\SysWow64\wininet.dll
2012-05-17 22:35 . 2012-06-15 04:28	1427968	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2012-05-17 22:29 . 2012-06-15 04:28	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2012-05-17 22:24 . 2012-06-15 04:28	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
2012-05-15 01:32 . 2012-06-14 15:24	3146752	----a-w-	c:\windows\system32\win32k.sys
2012-05-04 17:29 . 2011-09-17 10:20	687504	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-05-04 11:06 . 2012-06-14 15:24	5559664	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-14 15:24	3968368	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-14 15:24	3913072	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-14 15:24	209920	----a-w-	c:\windows\system32\profsvc.dll
2012-04-28 03:55 . 2012-06-14 15:24	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-14 15:25	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-14 15:25	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-14 15:25	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe" [2011-03-09 295744]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-03-14 1081424]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-18 421736]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-01-03 13352]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-21 113120]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-07-20 247400]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-05 1255736]
R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-15 279616]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-05-24 204288]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2011-05-10 872552]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [2011-05-26 29696]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
S2 Live Updater Service;Live Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2011-04-22 244624]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe [2011-03-09 257344]
S2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe [2008-02-01 65536]
S2 Radio.fx;Radio.fx Server;c:\program files (x86)\Tobit Radio.fx\Server\rfx-server.exe [2012-01-26 3665752]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2011-08-03 645048]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-05-24 9359872]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-05-24 309760]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2011-04-15 12228128]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-09-27 76912]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2010-10-20 56344]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-09-30 180736]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-06 10:18]
.
2012-07-24 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3520827184-2771211456-251009465-1000Core.job
- c:\users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-11 09:21]
.
2012-07-24 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3520827184-2771211456-251009465-1000UA.job
- c:\users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-11 09:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-10 11785832]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-15 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-15 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-15 416024]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]
"Power Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2011-05-10 1831528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://packardbell.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 192.168.2.222
FF - ProfilePath - c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\iwo5mkej.default\
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: network.proxy.http - 174.137.150.197
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3520827184-2771211456-251009465-1000\Software\SecuROM\License information*]
"datasecu"=hex:bf,1f,4d,44,d3,20,08,5c,ce,19,fc,a1,f3,89,34,2b,20,97,7d,3c,9f,
   ba,45,cf,48,5c,97,54,5c,b8,58,7a,b7,90,80,c9,4b,e0,6a,03,0e,78,01,bc,3f,04,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-07-24  21:17:18 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-07-24 19:17
.
Vor Suchlauf: 15 Verzeichnis(se), 503.897.571.328 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 503.414.898.688 Bytes frei
.
- - End Of File - - 2EC7B408D436EA50C2957D5D10C8FE3B

--- --- ---

Malwarebytes hat nichts gefunden:

Zitat:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.24.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Daniel :: DANIEL-PC [Administrator]

24.07.2012 21:21:21
mbam-log-2012-07-24 (21-21-21).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 416936
Laufzeit: 51 Minute(n), 14 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Chris4You · 25.07.2012, 06:55

Hi,

erstelle und poste bitte ein neuesOTL-Log...

aswMBR
Folge den Anweisungen hier.
Kurzanleitung:
Von http://filepony.de/download-aswmbr/ die aswMBR.exe runterladen und auf dem Desktop speichern.

Doppelklick auf die aswMBR.exe.

Scan-Button anklicken

Bootsectoren (MBR) etc. werden nun untersucht.....

Log speichern und im Thread posten

chris

800000cb.@ Malware nicht löschbar

Plagegeister aller Art und deren Bekämpfung: 800000cb.@ Malware nicht löschbar