| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Win7 nur noch im abgesicherten Modus startbarWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
12.11.2012, 16:48
| #1 |
| /// TB-Ausbilder   |  Win7 nur noch im abgesicherten Modus startbar Servus, Hört sich nicht gut an. Mal schaun, was wir finden. Hat Avast gesagt, welches Rootkit es gefunden hat? Schritt 1 Downloade Dir bitte defogger von jpshortstuff auf Deinem Desktop.
Schritt 2 Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit. Schritt 3 Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen. Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
Schritt 4 Downloade dir bitte Farbar Recovery Scan Tool 64-Bit und speichere diese auf einen USB Stick. Schließe den USB Stick an das infizierte System an Du musst das System nun in die System Reparatur Option booten. Über den Boot Manager
Mit Windows CD/DVD
Wähle in den Reparaturoptionen Eingabeaufforderung
Bitte poste mit deiner nächsten Antwort
|
|
12.11.2012, 17:57
| #2 | |
 | Win7 nur noch im abgesicherten Modus startbar Hi Matthias, danke dass du wieder da bist!!!
__________________Es gab direkt weitere Probleme, aber der Reihe nach. Ja, avast hatte mir gesagt, welche rootkits gefunden wurden. Die wurden in einer kleinen Liste (es waren 4 oder 5) angezeigt. Ich konnte aber nur auf "Löschen" oder "Ignorieren" drücken und die Liste auch nicht zum kopieren markieren. Also hab ich auf "Ignorieren" gedrückt in der Hoffnung, dass er die ja sicherlich in Quarantäne schiebt, ein log erstellt oder was auch immer. Naja, ich habe kein log finden können. Bisher trat die Meldung übrigens nicht nochmal auf. So, hier nun das defogger-log: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:18 on 12/11/2012 (xxx)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Dann hab ich aswMBR.exe geladen und nach Anleitung ausgeführt. Allerdings hat er mich beim Start nicht gefragt, ob ich mit der aktuellen Virendefinition von AVAST! scannen will. Ich hab trotzdem auf scan gedrückt. Als ich schließlich auf "save log" geklickt habe, ging das "Speichern unter" Fenster auf und der rechner bzw. das Fenster fror sofort ein. Plötzlich kommt die Fehlermeldung: Zitat:
Was nun? Was hab ich falsch gemacht? |
|
12.11.2012, 18:27
| #3 |
| /// TB-Ausbilder | Win7 nur noch im abgesicherten Modus startbar Servus,
__________________starte aswMBR erneut. Klicke in der linken unteren Ecke auf none und starte den Scan nochmal. Sollte es wieder zu der Fehlermeldung kommen, so mach einen Screenshot am Ende des Suchlaufs und lade diesen hier hoch.  |
|
12.11.2012, 19:04
| #4 |
| | Win7 nur noch im abgesicherten Modus startbar So, diesmal hats ohne Fehlermeldung geklappt: Hier der log: Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-12 18:49:18
-----------------------------
18:49:18.776 OS Version: Windows x64 6.1.7601 Service Pack 1
18:49:18.776 Number of processors: 2 586 0x170A
18:49:18.776 ComputerName: FLIWATÜT UserName:
18:49:21.007 Initialize success
18:49:21.085 AVAST engine defs: 12111200
18:50:10.720 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:50:10.720 Disk 0 Vendor: TOSHIBA_ FG00 Size: 238475MB BusType: 3
18:50:10.798 Disk 0 MBR read successfully
18:50:10.798 Disk 0 MBR scan
18:50:10.798 Disk 0 Windows VISTA default MBR code
18:50:10.814 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
18:50:10.814 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 81920
18:50:10.845 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 223434 MB offset 30801920
18:50:10.923 Disk 0 scanning C:\Windows\system32\drivers
18:50:33.949 Service scanning
18:51:26.334 Modules scanning
18:51:26.349 Disk 0 trace - called modules:
18:51:26.396 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
18:51:26.412 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800450d060]
18:51:26.427 3 CLASSPNP.SYS[fffff880015cb43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800410a050]
18:51:26.443 Scan finished successfully
18:54:38.136 Disk 0 MBR has been saved successfully to "C:\Users\xxx\Desktop\MBR.dat"
18:54:38.136 The log file has been saved successfully to "C:\Users\xxx\Desktop\aswMBR.txt"
Soll ich nun auch mit Schritt 3 und 4 fortfahren? Hmm, bei Schritt 4 brauche ich die Windows-CD. Puuhh, der Rechner ist jetzt bestimmt drei Jahre alt, Win 7 war vorinstalliert, aber wo diese verdammte CD sein mag??? ich weiß, da kannst du mir wohl nicht helfen ;-) (bzw. handelte es ich um ein DELL-Kauf. War da überhaupt ne CD dabei?) Da muss ich mich wohl jetzt erstmal auf die Suche begeben - irgendwo wird sie schon sein ... |
|
12.11.2012, 19:39
| #5 |
| /// TB-Ausbilder | Win7 nur noch im abgesicherten Modus startbar Servus, bitte mit Schritt 3 und 4 fortfahren. Für Schritt 4 benötigst du meines Wissens nicht zwingend die DVD, wenn du über das Tool über den Boot Manager startest.  |
|
12.11.2012, 20:36
| #6 |
| | Win7 nur noch im abgesicherten Modus startbar So, hier sind die Röntgenbilder meines Patienten und der seelenstrip von mir ;-) TDSSKiller: Code:
ATTFilter 20:09:29.0427 0400 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:09:29.0739 0400 ============================================================
20:09:29.0739 0400 Current date / time: 2012/11/12 20:09:29.0739
20:09:29.0739 0400 SystemInfo:
20:09:29.0739 0400
20:09:29.0739 0400 OS Version: 6.1.7601 ServicePack: 1.0
20:09:29.0739 0400 Product type: Workstation
20:09:29.0739 0400 ComputerName: FLIWATÜT
20:09:29.0739 0400 UserName: xxx
20:09:29.0739 0400 Windows directory: C:\Windows
20:09:29.0739 0400 System windows directory: C:\Windows
20:09:29.0739 0400 Running under WOW64
20:09:29.0739 0400 Processor architecture: Intel x64
20:09:29.0739 0400 Number of processors: 2
20:09:29.0739 0400 Page size: 0x1000
20:09:29.0739 0400 Boot type: Normal boot
20:09:29.0739 0400 ============================================================
20:09:30.0192 0400 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:09:30.0207 0400 ============================================================
20:09:30.0207 0400 \Device\Harddisk0\DR0:
20:09:30.0207 0400 MBR partitions:
20:09:30.0207 0400 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
20:09:30.0207 0400 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1B465170
20:09:30.0207 0400 ============================================================
20:09:30.0254 0400 C: <-> \Device\Harddisk0\DR0\Partition2
20:09:30.0254 0400 ============================================================
20:09:30.0254 0400 Initialize success
20:09:30.0254 0400 ============================================================
20:09:31.0923 2284 ============================================================
20:09:31.0923 2284 Scan started
20:09:31.0923 2284 Mode: Manual;
20:09:31.0923 2284 ============================================================
20:09:33.0203 2284 ================ Scan system memory ========================
20:09:33.0203 2284 System memory - ok
20:09:33.0203 2284 ================ Scan services =============================
20:09:33.0873 2284 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:09:33.0873 2284 1394ohci - ok
20:09:33.0920 2284 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:09:33.0936 2284 ACPI - ok
20:09:33.0983 2284 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:09:33.0983 2284 AcpiPmi - ok
20:09:34.0154 2284 [ 6D9FC1E7EA3C548F4D3455F0C3FEEF8C ] AdobeActiveFileMonitor7.0 c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
20:09:34.0170 2284 AdobeActiveFileMonitor7.0 - ok
20:09:34.0357 2284 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:09:34.0357 2284 AdobeARMservice - ok
20:09:34.0638 2284 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:09:34.0638 2284 AdobeFlashPlayerUpdateSvc - ok
20:09:34.0716 2284 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:09:34.0731 2284 adp94xx - ok
20:09:34.0778 2284 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:09:34.0794 2284 adpahci - ok
20:09:34.0825 2284 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:09:34.0825 2284 adpu320 - ok
20:09:34.0887 2284 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:09:34.0887 2284 AeLookupSvc - ok
20:09:34.0950 2284 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
20:09:34.0965 2284 AFD - ok
20:09:35.0012 2284 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:09:35.0028 2284 agp440 - ok
20:09:35.0075 2284 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:09:35.0075 2284 ALG - ok
20:09:35.0137 2284 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:09:35.0137 2284 aliide - ok
20:09:35.0199 2284 [ 9A5495EDEBE7D6B3F7E9A86EBE5EA248 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:09:35.0215 2284 AMD External Events Utility - ok
20:09:35.0246 2284 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:09:35.0246 2284 amdide - ok
20:09:35.0309 2284 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:09:35.0309 2284 AmdK8 - ok
20:09:35.0340 2284 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:09:35.0340 2284 AmdPPM - ok
20:09:35.0402 2284 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:09:35.0402 2284 amdsata - ok
20:09:35.0465 2284 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:09:35.0465 2284 amdsbs - ok
20:09:35.0527 2284 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:09:35.0527 2284 amdxata - ok
20:09:35.0574 2284 [ 1412E9A88FE1F7E35CE6058A2EF03664 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
20:09:35.0589 2284 ApfiltrService - ok
20:09:35.0652 2284 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:09:35.0652 2284 AppID - ok
20:09:35.0699 2284 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:09:35.0699 2284 AppIDSvc - ok
20:09:35.0761 2284 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
20:09:35.0761 2284 Appinfo - ok
20:09:35.0823 2284 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
20:09:35.0839 2284 arc - ok
20:09:35.0855 2284 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:09:35.0855 2284 arcsas - ok
20:09:35.0917 2284 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
20:09:35.0917 2284 aswFsBlk - ok
20:09:35.0995 2284 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
20:09:35.0995 2284 aswMonFlt - ok
20:09:36.0042 2284 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
20:09:36.0042 2284 aswRdr - ok
20:09:36.0135 2284 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
20:09:36.0151 2284 aswSnx - ok
20:09:36.0198 2284 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
20:09:36.0213 2284 aswSP - ok
20:09:36.0276 2284 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
20:09:36.0291 2284 aswTdi - ok
20:09:36.0338 2284 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:09:36.0338 2284 AsyncMac - ok
20:09:36.0401 2284 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:09:36.0401 2284 atapi - ok
20:09:36.0588 2284 [ A08339AE90972E268B9622C668F450E8 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:09:36.0728 2284 atikmdag - ok
20:09:36.0791 2284 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:09:36.0806 2284 AudioEndpointBuilder - ok
20:09:36.0806 2284 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:09:36.0822 2284 AudioSrv - ok
20:09:36.0947 2284 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:09:36.0947 2284 avast! Antivirus - ok
20:09:37.0009 2284 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:09:37.0009 2284 AxInstSV - ok
20:09:37.0071 2284 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:09:37.0087 2284 b06bdrv - ok
20:09:37.0118 2284 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:09:37.0118 2284 b57nd60a - ok
20:09:37.0196 2284 [ E001DD475A7C27EBE5A0DB45C11BAD71 ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
20:09:37.0196 2284 BCM42RLY - ok
20:09:37.0337 2284 [ F4CD5F52850BF2C978DE178F256BA372 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
20:09:37.0399 2284 BCM43XX - ok
20:09:37.0477 2284 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:09:37.0493 2284 BDESVC - ok
20:09:37.0539 2284 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:09:37.0539 2284 Beep - ok
20:09:37.0633 2284 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
20:09:37.0633 2284 BFE - ok
20:09:37.0664 2284 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
20:09:37.0680 2284 BITS - ok
20:09:37.0742 2284 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:09:37.0758 2284 blbdrive - ok
20:09:37.0805 2284 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:09:37.0805 2284 bowser - ok
20:09:37.0820 2284 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:09:37.0836 2284 BrFiltLo - ok
20:09:37.0867 2284 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:09:37.0883 2284 BrFiltUp - ok
20:09:37.0914 2284 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
20:09:37.0914 2284 BridgeMP - ok
20:09:37.0976 2284 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
20:09:37.0976 2284 Browser - ok
20:09:38.0039 2284 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:09:38.0039 2284 Brserid - ok
20:09:38.0070 2284 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:09:38.0070 2284 BrSerWdm - ok
20:09:38.0117 2284 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:09:38.0117 2284 BrUsbMdm - ok
20:09:38.0148 2284 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:09:38.0148 2284 BrUsbSer - ok
20:09:38.0179 2284 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:09:38.0179 2284 BTHMODEM - ok
20:09:38.0226 2284 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:09:38.0241 2284 bthserv - ok
20:09:38.0288 2284 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:09:38.0288 2284 cdfs - ok
20:09:38.0351 2284 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:09:38.0366 2284 cdrom - ok
20:09:38.0429 2284 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:09:38.0429 2284 CertPropSvc - ok
20:09:38.0491 2284 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:09:38.0491 2284 circlass - ok
20:09:38.0538 2284 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:09:38.0553 2284 CLFS - ok
20:09:38.0694 2284 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:09:38.0709 2284 clr_optimization_v2.0.50727_32 - ok
20:09:38.0803 2284 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:09:38.0803 2284 clr_optimization_v2.0.50727_64 - ok
20:09:38.0928 2284 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:09:38.0928 2284 clr_optimization_v4.0.30319_32 - ok
20:09:38.0959 2284 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:09:38.0975 2284 clr_optimization_v4.0.30319_64 - ok
20:09:39.0021 2284 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:09:39.0021 2284 CmBatt - ok
20:09:39.0068 2284 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:09:39.0068 2284 cmdide - ok
20:09:39.0115 2284 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
20:09:39.0131 2284 CNG - ok
20:09:39.0193 2284 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:09:39.0193 2284 Compbatt - ok
20:09:39.0240 2284 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:09:39.0240 2284 CompositeBus - ok
20:09:39.0255 2284 COMSysApp - ok
20:09:39.0271 2284 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:09:39.0271 2284 crcdisk - ok
20:09:39.0349 2284 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:09:39.0349 2284 CryptSvc - ok
20:09:39.0396 2284 [ ED5CF92396A62F4C15110DCDB5E854D9 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
20:09:39.0411 2284 CtClsFlt - ok
20:09:39.0489 2284 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:09:39.0505 2284 DcomLaunch - ok
20:09:39.0583 2284 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:09:39.0583 2284 defragsvc - ok
20:09:39.0630 2284 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:09:39.0630 2284 DfsC - ok
20:09:39.0708 2284 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:09:39.0723 2284 Dhcp - ok
20:09:39.0770 2284 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:09:39.0770 2284 discache - ok
20:09:39.0833 2284 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:09:39.0833 2284 Disk - ok
20:09:39.0864 2284 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:09:39.0879 2284 Dnscache - ok
20:09:39.0926 2284 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:09:39.0942 2284 dot3svc - ok
20:09:39.0957 2284 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:09:39.0957 2284 DPS - ok
20:09:40.0004 2284 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:09:40.0004 2284 drmkaud - ok
20:09:40.0082 2284 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:09:40.0098 2284 DXGKrnl - ok
20:09:40.0160 2284 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:09:40.0176 2284 EapHost - ok
20:09:40.0316 2284 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:09:40.0410 2284 ebdrv - ok
20:09:40.0441 2284 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
20:09:40.0441 2284 EFS - ok
20:09:40.0550 2284 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:09:40.0566 2284 ehRecvr - ok
20:09:40.0613 2284 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:09:40.0613 2284 ehSched - ok
20:09:40.0675 2284 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:09:40.0691 2284 elxstor - ok
20:09:40.0737 2284 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:09:40.0737 2284 ErrDev - ok
20:09:40.0800 2284 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:09:40.0815 2284 EventSystem - ok
20:09:40.0831 2284 ewusbnet - ok
20:09:40.0862 2284 ew_hwusbdev - ok
20:09:40.0893 2284 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:09:40.0893 2284 exfat - ok
20:09:40.0940 2284 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:09:40.0940 2284 fastfat - ok
20:09:41.0018 2284 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:09:41.0034 2284 Fax - ok
20:09:41.0065 2284 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:09:41.0065 2284 fdc - ok
20:09:41.0112 2284 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:09:41.0112 2284 fdPHost - ok
20:09:41.0127 2284 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:09:41.0143 2284 FDResPub - ok
20:09:41.0190 2284 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:09:41.0190 2284 FileInfo - ok
20:09:41.0221 2284 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:09:41.0221 2284 Filetrace - ok
20:09:41.0283 2284 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:09:41.0299 2284 FLEXnet Licensing Service - ok
20:09:41.0330 2284 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:09:41.0330 2284 flpydisk - ok
20:09:41.0393 2284 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:09:41.0408 2284 FltMgr - ok
20:09:41.0486 2284 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
20:09:41.0502 2284 FontCache - ok
20:09:41.0564 2284 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:09:41.0580 2284 FontCache3.0.0.0 - ok
20:09:41.0627 2284 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:09:41.0627 2284 FsDepends - ok
20:09:41.0689 2284 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:09:41.0689 2284 Fs_Rec - ok
20:09:41.0751 2284 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:09:41.0751 2284 fvevol - ok
20:09:41.0798 2284 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:09:41.0798 2284 gagp30kx - ok
20:09:41.0861 2284 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:09:41.0876 2284 gpsvc - ok
20:09:41.0985 2284 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:09:41.0985 2284 gupdate - ok
20:09:42.0048 2284 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:09:42.0048 2284 gupdatem - ok
20:09:42.0095 2284 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:09:42.0095 2284 hcw85cir - ok
20:09:42.0141 2284 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:09:42.0157 2284 HDAudBus - ok
20:09:42.0173 2284 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:09:42.0173 2284 HidBatt - ok
20:09:42.0204 2284 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:09:42.0204 2284 HidBth - ok
20:09:42.0235 2284 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:09:42.0235 2284 HidIr - ok
20:09:42.0297 2284 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
20:09:42.0297 2284 hidserv - ok
20:09:42.0360 2284 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
20:09:42.0360 2284 HidUsb - ok
20:09:42.0407 2284 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:09:42.0407 2284 hkmsvc - ok
20:09:42.0469 2284 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:09:42.0469 2284 HomeGroupListener - ok
20:09:42.0516 2284 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:09:42.0531 2284 HomeGroupProvider - ok
20:09:42.0594 2284 [ DDF58C2E16527073FEF370EDFE970745 ] hotcore3 C:\Windows\system32\DRIVERS\hotcore3.sys
20:09:42.0594 2284 hotcore3 - ok
20:09:42.0641 2284 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:09:42.0641 2284 HpSAMD - ok
20:09:42.0719 2284 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:09:42.0734 2284 HTTP - ok
20:09:42.0750 2284 huawei_enumerator - ok
20:09:42.0765 2284 hwdatacard - ok
20:09:42.0797 2284 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:09:42.0797 2284 hwpolicy - ok
20:09:42.0859 2284 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:09:42.0859 2284 i8042prt - ok
20:09:42.0937 2284 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
20:09:42.0937 2284 IAANTMON - ok
20:09:42.0999 2284 [ 4F6FB2CDBDEEFC47E7D2066E78254580 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
20:09:42.0999 2284 iaStor - ok
20:09:43.0031 2284 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:09:43.0046 2284 iaStorV - ok
20:09:43.0124 2284 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:09:43.0140 2284 idsvc - ok
20:09:43.0171 2284 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:09:43.0171 2284 iirsp - ok
20:09:43.0249 2284 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:09:43.0265 2284 IKEEXT - ok
20:09:43.0296 2284 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:09:43.0296 2284 intelide - ok
20:09:43.0343 2284 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:09:43.0343 2284 intelppm - ok
20:09:43.0389 2284 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:09:43.0405 2284 IPBusEnum - ok
20:09:43.0452 2284 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:09:43.0452 2284 IpFilterDriver - ok
20:09:43.0499 2284 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:09:43.0514 2284 iphlpsvc - ok
20:09:43.0561 2284 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:09:43.0561 2284 IPMIDRV - ok
20:09:43.0608 2284 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:09:43.0608 2284 IPNAT - ok
20:09:43.0639 2284 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:09:43.0639 2284 IRENUM - ok
20:09:43.0670 2284 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:09:43.0686 2284 isapnp - ok
20:09:43.0748 2284 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:09:43.0748 2284 iScsiPrt - ok
20:09:43.0779 2284 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
20:09:43.0779 2284 kbdclass - ok
20:09:43.0811 2284 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:09:43.0811 2284 kbdhid - ok
20:09:43.0826 2284 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:09:43.0842 2284 KeyIso - ok
20:09:43.0889 2284 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:09:43.0889 2284 KSecDD - ok
20:09:43.0935 2284 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:09:43.0935 2284 KSecPkg - ok
20:09:43.0998 2284 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:09:43.0998 2284 ksthunk - ok
20:09:44.0045 2284 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:09:44.0060 2284 KtmRm - ok
20:09:44.0138 2284 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
20:09:44.0154 2284 LanmanServer - ok
20:09:44.0201 2284 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:09:44.0216 2284 LanmanWorkstation - ok
20:09:44.0247 2284 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:09:44.0247 2284 lltdio - ok
20:09:44.0294 2284 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:09:44.0294 2284 lltdsvc - ok
20:09:44.0325 2284 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:09:44.0325 2284 lmhosts - ok
20:09:44.0388 2284 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:09:44.0388 2284 LSI_FC - ok
20:09:44.0419 2284 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:09:44.0419 2284 LSI_SAS - ok
20:09:44.0435 2284 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:09:44.0435 2284 LSI_SAS2 - ok
20:09:44.0481 2284 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:09:44.0481 2284 LSI_SCSI - ok
20:09:44.0528 2284 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:09:44.0528 2284 luafv - ok
20:09:44.0591 2284 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:09:44.0591 2284 MBAMProtector - ok
20:09:44.0684 2284 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:09:44.0684 2284 MBAMScheduler - ok
20:09:44.0731 2284 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:09:44.0747 2284 MBAMService - ok
20:09:44.0793 2284 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:09:44.0809 2284 Mcx2Svc - ok
20:09:44.0825 2284 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:09:44.0825 2284 megasas - ok
20:09:44.0887 2284 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:09:44.0887 2284 MegaSR - ok
20:09:44.0934 2284 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:09:44.0949 2284 MMCSS - ok
20:09:44.0965 2284 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:09:44.0965 2284 Modem - ok
20:09:45.0012 2284 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:09:45.0012 2284 monitor - ok
20:09:45.0059 2284 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
20:09:45.0059 2284 mouclass - ok
20:09:45.0074 2284 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:09:45.0074 2284 mouhid - ok
20:09:45.0121 2284 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:09:45.0121 2284 mountmgr - ok
20:09:45.0215 2284 [ DAE3C509F33059BC4D48A8925F476FB4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:09:45.0215 2284 MozillaMaintenance - ok
20:09:45.0261 2284 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:09:45.0261 2284 mpio - ok
20:09:45.0324 2284 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:09:45.0324 2284 mpsdrv - ok
20:09:45.0386 2284 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:09:45.0402 2284 MpsSvc - ok
20:09:45.0449 2284 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:09:45.0449 2284 MRxDAV - ok
20:09:45.0511 2284 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:09:45.0511 2284 mrxsmb - ok
20:09:45.0558 2284 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:09:45.0573 2284 mrxsmb10 - ok
20:09:45.0620 2284 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:09:45.0620 2284 mrxsmb20 - ok
20:09:45.0683 2284 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:09:45.0683 2284 msahci - ok
20:09:45.0714 2284 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:09:45.0714 2284 msdsm - ok
20:09:45.0745 2284 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:09:45.0745 2284 MSDTC - ok
20:09:45.0792 2284 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:09:45.0807 2284 Msfs - ok
20:09:45.0807 2284 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:09:45.0823 2284 mshidkmdf - ok
20:09:45.0870 2284 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:09:45.0870 2284 msisadrv - ok
20:09:45.0917 2284 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:09:45.0932 2284 MSiSCSI - ok
20:09:45.0932 2284 msiserver - ok
20:09:45.0995 2284 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:09:45.0995 2284 MSKSSRV - ok
20:09:46.0010 2284 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:09:46.0010 2284 MSPCLOCK - ok
20:09:46.0041 2284 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:09:46.0041 2284 MSPQM - ok
20:09:46.0088 2284 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:09:46.0104 2284 MsRPC - ok
20:09:46.0151 2284 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:09:46.0151 2284 mssmbios - ok
20:09:46.0197 2284 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:09:46.0197 2284 MSTEE - ok
20:09:46.0229 2284 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:09:46.0229 2284 MTConfig - ok
20:09:46.0244 2284 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:09:46.0260 2284 Mup - ok
20:09:46.0307 2284 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:09:46.0322 2284 napagent - ok
20:09:46.0385 2284 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:09:46.0385 2284 NativeWifiP - ok
20:09:46.0478 2284 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:09:46.0494 2284 NDIS - ok
20:09:46.0509 2284 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:09:46.0509 2284 NdisCap - ok
20:09:46.0572 2284 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:09:46.0572 2284 NdisTapi - ok
20:09:46.0619 2284 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:09:46.0619 2284 Ndisuio - ok
20:09:46.0681 2284 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:09:46.0681 2284 NdisWan - ok
20:09:46.0728 2284 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:09:46.0728 2284 NDProxy - ok
20:09:46.0790 2284 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:09:46.0790 2284 NetBIOS - ok
20:09:46.0837 2284 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:09:46.0837 2284 NetBT - ok
20:09:46.0853 2284 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:09:46.0853 2284 Netlogon - ok
20:09:46.0931 2284 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:09:46.0946 2284 Netman - ok
20:09:46.0977 2284 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:09:46.0993 2284 netprofm - ok
20:09:47.0024 2284 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:09:47.0024 2284 NetTcpPortSharing - ok
20:09:47.0087 2284 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:09:47.0087 2284 nfrd960 - ok
20:09:47.0149 2284 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:09:47.0165 2284 NlaSvc - ok
20:09:47.0196 2284 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:09:47.0211 2284 Npfs - ok
20:09:47.0258 2284 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:09:47.0258 2284 nsi - ok
20:09:47.0274 2284 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:09:47.0289 2284 nsiproxy - ok
20:09:47.0383 2284 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:09:47.0399 2284 Ntfs - ok
20:09:47.0430 2284 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:09:47.0430 2284 Null - ok
20:09:47.0492 2284 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:09:47.0508 2284 nvraid - ok
20:09:47.0523 2284 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:09:47.0539 2284 nvstor - ok
20:09:47.0555 2284 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:09:47.0555 2284 nv_agp - ok
20:09:47.0601 2284 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:09:47.0601 2284 ohci1394 - ok
20:09:47.0648 2284 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:09:47.0664 2284 p2pimsvc - ok
20:09:47.0726 2284 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:09:47.0742 2284 p2psvc - ok
20:09:47.0773 2284 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:09:47.0773 2284 Parport - ok
20:09:47.0820 2284 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:09:47.0820 2284 partmgr - ok
20:09:47.0867 2284 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:09:47.0882 2284 PcaSvc - ok
20:09:47.0929 2284 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
20:09:47.0929 2284 pccsmcfd - ok
20:09:47.0991 2284 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:09:47.0991 2284 pci - ok
20:09:48.0023 2284 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:09:48.0023 2284 pciide - ok
20:09:48.0054 2284 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:09:48.0069 2284 pcmcia - ok
20:09:48.0085 2284 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:09:48.0101 2284 pcw - ok
20:09:48.0132 2284 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:09:48.0147 2284 PEAUTH - ok
20:09:48.0241 2284 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:09:48.0241 2284 PerfHost - ok
20:09:48.0335 2284 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:09:48.0366 2284 pla - ok
20:09:48.0428 2284 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:09:48.0459 2284 PlugPlay - ok
20:09:48.0475 2284 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:09:48.0475 2284 PNRPAutoReg - ok
20:09:48.0491 2284 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:09:48.0506 2284 PNRPsvc - ok
20:09:48.0553 2284 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:09:48.0569 2284 PolicyAgent - ok
20:09:48.0631 2284 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:09:48.0647 2284 Power - ok
20:09:48.0662 2284 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:09:48.0662 2284 PptpMiniport - ok
20:09:48.0678 2284 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:09:48.0678 2284 Processor - ok
20:09:48.0740 2284 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:09:48.0756 2284 ProfSvc - ok
20:09:48.0771 2284 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:09:48.0771 2284 ProtectedStorage - ok
20:09:48.0818 2284 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:09:48.0818 2284 Psched - ok
20:09:48.0865 2284 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
20:09:48.0881 2284 PxHlpa64 - ok
20:09:48.0959 2284 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:09:48.0990 2284 ql2300 - ok
20:09:49.0005 2284 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:09:49.0005 2284 ql40xx - ok
20:09:49.0037 2284 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:09:49.0052 2284 QWAVE - ok
20:09:49.0068 2284 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:09:49.0068 2284 QWAVEdrv - ok
20:09:49.0115 2284 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:09:49.0115 2284 RasAcd - ok
20:09:49.0161 2284 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:09:49.0161 2284 RasAgileVpn - ok
20:09:49.0208 2284 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:09:49.0208 2284 RasAuto - ok
20:09:49.0271 2284 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:09:49.0271 2284 Rasl2tp - ok
20:09:49.0349 2284 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:09:49.0364 2284 RasMan - ok
20:09:49.0427 2284 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:09:49.0427 2284 RasPppoe - ok
20:09:49.0442 2284 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:09:49.0442 2284 RasSstp - ok
20:09:49.0505 2284 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:09:49.0505 2284 rdbss - ok
20:09:49.0551 2284 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:09:49.0551 2284 rdpbus - ok
20:09:49.0567 2284 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:09:49.0567 2284 RDPCDD - ok
20:09:49.0614 2284 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:09:49.0614 2284 RDPENCDD - ok
20:09:49.0629 2284 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:09:49.0629 2284 RDPREFMP - ok
20:09:49.0676 2284 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:09:49.0692 2284 RDPWD - ok
20:09:49.0739 2284 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:09:49.0754 2284 rdyboost - ok
20:09:49.0801 2284 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:09:49.0801 2284 RemoteAccess - ok
20:09:49.0848 2284 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:09:49.0848 2284 RemoteRegistry - ok
20:09:49.0879 2284 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:09:49.0879 2284 RpcEptMapper - ok
20:09:49.0926 2284 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:09:49.0926 2284 RpcLocator - ok
20:09:49.0973 2284 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:09:49.0988 2284 RpcSs - ok
20:09:50.0051 2284 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:09:50.0051 2284 rspndr - ok
20:09:50.0113 2284 [ 4A25DC970C58104602ED274DACAFD784 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
20:09:50.0113 2284 RSUSBSTOR - ok
20:09:50.0129 2284 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:09:50.0144 2284 SamSs - ok
20:09:50.0191 2284 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:09:50.0191 2284 sbp2port - ok
20:09:50.0222 2284 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:09:50.0238 2284 SCardSvr - ok
20:09:50.0285 2284 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:09:50.0285 2284 scfilter - ok
20:09:50.0363 2284 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:09:50.0394 2284 Schedule - ok
20:09:50.0441 2284 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:09:50.0441 2284 SCPolicySvc - ok
20:09:50.0472 2284 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:09:50.0487 2284 SDRSVC - ok
20:09:50.0534 2284 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:09:50.0534 2284 secdrv - ok
20:09:50.0581 2284 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:09:50.0597 2284 seclogon - ok
20:09:50.0643 2284 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
20:09:50.0753 2284 SENS - ok
20:09:50.0799 2284 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:09:50.0799 2284 SensrSvc - ok
20:09:50.0846 2284 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:09:50.0846 2284 Serenum - ok
20:09:50.0862 2284 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:09:50.0877 2284 Serial - ok
20:09:50.0909 2284 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:09:50.0909 2284 sermouse - ok
20:09:51.0033 2284 [ 8C1F87F5FDD92229D1754B98F073913F ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
20:09:51.0049 2284 ServiceLayer - ok
20:09:51.0096 2284 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:09:51.0096 2284 SessionEnv - ok
20:09:51.0143 2284 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:09:51.0143 2284 sffdisk - ok
20:09:51.0158 2284 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:09:51.0158 2284 sffp_mmc - ok
20:09:51.0189 2284 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:09:51.0189 2284 sffp_sd - ok
20:09:51.0221 2284 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:09:51.0221 2284 sfloppy - ok
20:09:51.0283 2284 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:09:51.0299 2284 SharedAccess - ok
20:09:51.0361 2284 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:09:51.0377 2284 ShellHWDetection - ok
20:09:51.0408 2284 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:09:51.0408 2284 SiSRaid2 - ok
20:09:51.0455 2284 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:09:51.0455 2284 SiSRaid4 - ok
20:09:51.0533 2284 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:09:51.0533 2284 SkypeUpdate - ok
20:09:51.0564 2284 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:09:51.0564 2284 Smb - ok
20:09:51.0626 2284 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:09:51.0642 2284 SNMPTRAP - ok
20:09:51.0673 2284 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:09:51.0673 2284 spldr - ok
20:09:51.0735 2284 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:09:51.0751 2284 Spooler - ok
20:09:51.0876 2284 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:09:51.0985 2284 sppsvc - ok
20:09:52.0016 2284 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:09:52.0016 2284 sppuinotify - ok
20:09:52.0079 2284 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:09:52.0094 2284 srv - ok
20:09:52.0110 2284 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:09:52.0110 2284 srv2 - ok
20:09:52.0125 2284 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:09:52.0141 2284 srvnet - ok
20:09:52.0188 2284 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:09:52.0203 2284 SSDPSRV - ok
20:09:52.0219 2284 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:09:52.0219 2284 SstpSvc - ok
20:09:52.0375 2284 [ 444109453A2B87E6C16BCDA5953E81A9 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
20:09:52.0391 2284 STacSV - ok
20:09:52.0422 2284 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:09:52.0437 2284 stexstor - ok
20:09:52.0484 2284 [ 02E784FA49032F84964DB90A3ED81890 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
20:09:52.0500 2284 STHDA - ok
20:09:52.0562 2284 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:09:52.0578 2284 stisvc - ok
20:09:52.0625 2284 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:09:52.0625 2284 swenum - ok
20:09:52.0687 2284 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:09:52.0703 2284 swprv - ok
20:09:52.0796 2284 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:09:52.0827 2284 SysMain - ok
20:09:52.0874 2284 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:09:52.0890 2284 TabletInputService - ok
20:09:52.0905 2284 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:09:52.0921 2284 TapiSrv - ok
20:09:52.0968 2284 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:09:52.0968 2284 TBS - ok
20:09:53.0077 2284 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:09:53.0108 2284 Tcpip - ok
20:09:53.0202 2284 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:09:53.0217 2284 TCPIP6 - ok
20:09:53.0264 2284 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:09:53.0264 2284 tcpipreg - ok
20:09:53.0311 2284 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:09:53.0311 2284 TDPIPE - ok
20:09:53.0358 2284 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:09:53.0373 2284 TDTCP - ok
20:09:53.0405 2284 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:09:53.0405 2284 tdx - ok
20:09:53.0451 2284 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:09:53.0451 2284 TermDD - ok
20:09:53.0514 2284 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:09:53.0529 2284 TermService - ok
20:09:53.0576 2284 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:09:53.0576 2284 Themes - ok
20:09:53.0623 2284 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:09:53.0623 2284 THREADORDER - ok
20:09:53.0654 2284 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:09:53.0654 2284 TrkWks - ok
20:09:53.0748 2284 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:09:53.0748 2284 TrustedInstaller - ok
20:09:53.0810 2284 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:09:53.0810 2284 tssecsrv - ok
20:09:53.0873 2284 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:09:53.0873 2284 TsUsbFlt - ok
20:09:53.0951 2284 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:09:53.0951 2284 tunnel - ok
20:09:53.0997 2284 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:09:53.0997 2284 uagp35 - ok
20:09:54.0060 2284 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:09:54.0060 2284 udfs - ok
20:09:54.0122 2284 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:09:54.0138 2284 UI0Detect - ok
20:09:54.0185 2284 [ 49B13845F0DBE39B47FC91DC46B2170A ] UimBus C:\Windows\system32\DRIVERS\uimx64.sys
20:09:54.0185 2284 UimBus - ok
20:09:54.0231 2284 [ DD46BEC773C011EAA5E502C43A73A1CC ] Uim_IM C:\Windows\system32\Drivers\Uim_IMx64.sys
20:09:54.0247 2284 Uim_IM - ok
20:09:54.0278 2284 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:09:54.0278 2284 uliagpkx - ok
20:09:54.0325 2284 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
20:09:54.0325 2284 umbus - ok
20:09:54.0372 2284 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:09:54.0372 2284 UmPass - ok
20:09:54.0434 2284 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:09:54.0450 2284 upnphost - ok
20:09:54.0512 2284 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:09:54.0512 2284 usbaudio - ok
20:09:54.0543 2284 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:09:54.0543 2284 usbccgp - ok
20:09:54.0606 2284 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:09:54.0606 2284 usbcir - ok
20:09:54.0637 2284 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:09:54.0637 2284 usbehci - ok
20:09:54.0699 2284 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:09:54.0715 2284 usbhub - ok
20:09:54.0731 2284 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:09:54.0731 2284 usbohci - ok
20:09:54.0777 2284 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:09:54.0793 2284 usbprint - ok
20:09:54.0840 2284 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:09:54.0840 2284 usbscan - ok
20:09:54.0887 2284 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\drivers\usbser.sys
20:09:54.0887 2284 usbser - ok
20:09:54.0933 2284 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:09:54.0933 2284 USBSTOR - ok
20:09:54.0949 2284 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:09:54.0949 2284 usbuhci - ok
20:09:55.0011 2284 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
20:09:55.0027 2284 usbvideo - ok
20:09:55.0074 2284 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:09:55.0074 2284 UxSms - ok
20:09:55.0105 2284 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:09:55.0105 2284 VaultSvc - ok
20:09:55.0152 2284 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:09:55.0152 2284 vdrvroot - ok
20:09:55.0230 2284 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:09:55.0245 2284 vds - ok
20:09:55.0308 2284 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:09:55.0308 2284 vga - ok
20:09:55.0339 2284 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:09:55.0339 2284 VgaSave - ok
20:09:55.0401 2284 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:09:55.0401 2284 vhdmp - ok
20:09:55.0433 2284 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:09:55.0433 2284 viaide - ok
20:09:55.0464 2284 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:09:55.0464 2284 volmgr - ok
20:09:55.0511 2284 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:09:55.0526 2284 volmgrx - ok
20:09:55.0589 2284 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:09:55.0589 2284 volsnap - ok
20:09:55.0635 2284 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:09:55.0635 2284 vsmraid - ok
20:09:55.0729 2284 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:09:55.0745 2284 VSS - ok
20:09:55.0760 2284 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:09:55.0760 2284 vwifibus - ok
20:09:55.0823 2284 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:09:55.0823 2284 vwififlt - ok
20:09:55.0869 2284 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:09:55.0885 2284 W32Time - ok
20:09:55.0916 2284 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:09:55.0916 2284 WacomPen - ok
20:09:55.0963 2284 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:09:55.0963 2284 WANARP - ok
20:09:55.0979 2284 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:09:55.0979 2284 Wanarpv6 - ok
20:09:56.0057 2284 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:09:56.0088 2284 wbengine - ok
20:09:56.0135 2284 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:09:56.0135 2284 WbioSrvc - ok
20:09:56.0197 2284 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:09:56.0213 2284 wcncsvc - ok
20:09:56.0259 2284 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:09:56.0275 2284 WcsPlugInService - ok
20:09:56.0306 2284 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:09:56.0322 2284 Wd - ok
20:09:56.0353 2284 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:09:56.0369 2284 Wdf01000 - ok
20:09:56.0415 2284 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:09:56.0431 2284 WdiServiceHost - ok
20:09:56.0431 2284 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:09:56.0447 2284 WdiSystemHost - ok
20:09:56.0493 2284 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:09:56.0509 2284 WebClient - ok
20:09:56.0525 2284 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:09:56.0525 2284 Wecsvc - ok
20:09:56.0571 2284 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:09:56.0587 2284 wercplsupport - ok
20:09:56.0618 2284 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:09:56.0618 2284 WerSvc - ok
20:09:56.0681 2284 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:09:56.0696 2284 WfpLwf - ok
20:09:56.0759 2284 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
20:09:56.0759 2284 WimFltr - ok
20:09:56.0774 2284 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:09:56.0774 2284 WIMMount - ok
20:09:56.0805 2284 WinDefend - ok
20:09:56.0805 2284 WinHttpAutoProxySvc - ok
20:09:56.0883 2284 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:09:56.0899 2284 Winmgmt - ok
20:09:56.0993 2284 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:09:57.0039 2284 WinRM - ok
20:09:57.0117 2284 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:09:57.0133 2284 WinUsb - ok
20:09:57.0195 2284 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:09:57.0227 2284 Wlansvc - ok
20:09:57.0289 2284 [ 13B0A570E1AE451C92DA550085D72CF3 ] wltrysvc C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
20:09:57.0289 2284 wltrysvc - ok
20:09:57.0383 2284 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:09:57.0383 2284 WmiAcpi - ok
20:09:57.0429 2284 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:09:57.0429 2284 wmiApSrv - ok
20:09:57.0476 2284 WMPNetworkSvc - ok
20:09:57.0523 2284 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:09:57.0523 2284 WPCSvc - ok
20:09:57.0570 2284 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:09:57.0585 2284 WPDBusEnum - ok
20:09:57.0632 2284 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:09:57.0632 2284 ws2ifsl - ok
20:09:57.0679 2284 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
20:09:57.0695 2284 wscsvc - ok
20:09:57.0695 2284 WSearch - ok
20:09:57.0788 2284 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:09:57.0819 2284 wuauserv - ok
20:09:57.0835 2284 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:09:57.0835 2284 WudfPf - ok
20:09:57.0913 2284 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:09:57.0913 2284 WUDFRd - ok
20:09:57.0960 2284 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:09:57.0975 2284 wudfsvc - ok
20:09:58.0022 2284 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:09:58.0038 2284 WwanSvc - ok
20:09:58.0116 2284 [ 64F88AF327AA74E03658AE32B48CCB8B ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
20:09:58.0116 2284 yukonw7 - ok
20:09:58.0131 2284 ================ Scan global ===============================
20:09:58.0178 2284 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:09:58.0225 2284 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
20:09:58.0256 2284 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
20:09:58.0303 2284 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:09:58.0350 2284 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:09:58.0365 2284 [Global] - ok
20:09:58.0365 2284 ================ Scan MBR ==================================
20:09:58.0397 2284 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
20:09:58.0631 2284 \Device\Harddisk0\DR0 - ok
20:09:58.0631 2284 ================ Scan VBR ==================================
20:09:58.0662 2284 [ AE22F4C4833673412566B08C397D046F ] \Device\Harddisk0\DR0\Partition1
20:09:58.0662 2284 \Device\Harddisk0\DR0\Partition1 - ok
20:09:58.0677 2284 [ 72ED39824D8F29B67B87D50E1B434220 ] \Device\Harddisk0\DR0\Partition2
20:09:58.0677 2284 \Device\Harddisk0\DR0\Partition2 - ok
20:09:58.0677 2284 ============================================================
20:09:58.0677 2284 Scan finished
20:09:58.0677 2284 ============================================================
20:09:58.0677 4388 Detected object count: 0
20:09:58.0677 4388 Actual detected object count: 0
20:10:16.0742 1964 Deinitialize success
und FRST64: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2012
Ran by SYSTEM at 12-11-2012 20:24:57
Running from F:\
Windows 7 Home Premium (X64) OS Language: German Standard
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [305664 2009-01-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [444416 2009-06-28] (IDT, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-16] (Dell Inc.)
HKLM\...\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2009-06-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [140520 2009-06-24] (CyberLink Corp.)
HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [494064 2009-06-18] ()
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4297136 2012-10-30] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Runonce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9590618F-9F6F-4882-A9BC-057B3C7CBBA4}: [NameServer]8.8.8.8,8.8.4.4
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
==================== Services (Whitelisted) ===================
2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [44808 2012-10-30] (AVAST Software)
2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [399432 2012-09-07] (Malwarebytes Corporation)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 2012-09-07] (Malwarebytes Corporation)
2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [240128 2009-06-28] (IDT, Inc.)
==================== Drivers (Whitelisted) =====================
2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-10-30] (AVAST Software)
2 aswMonFlt; C:\Windows\System32\Drivers\aswMonFlt.sys [71600 2012-10-30] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [42328 2011-11-28] (AVAST Software)
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [984144 2012-10-30] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [370288 2012-10-30] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-10-30] (AVAST Software)
0 hotcore3; C:\Windows\System32\Drivers\hotcore3.sys [37456 2011-03-28] (Paragon Software Group)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [25928 2012-09-07] (Malwarebytes Corporation)
1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [53840 2011-03-28] (Windows (R) 2000 DDK provider)
1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [528464 2011-03-28] (Paragon)
3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [x]
3 ew_hwusbdev; C:\Windows\System32\DRIVERS\ew_hwusbdev.sys [x]
3 huawei_enumerator; C:\Windows\System32\DRIVERS\ew_jubusenum.sys [x]
3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [x]
==================== NetSvcs (Whitelisted) ====================
==================== One Month Created Files and Folders ========
2012-11-12 20:24 - 2012-11-12 20:24 - 00000000 ____D C:\FRST
2012-11-12 13:15 - 2012-11-12 13:15 - 00000000 ____D C:\Users\xxx\Desktop\stick sarah
2012-11-12 13:08 - 2012-11-12 13:08 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\xxx\Desktop\tdsskiller.exe
2012-11-12 11:54 - 2012-11-12 11:55 - 00001630 ____A C:\Users\xxx\Desktop\aswMBR.txt
2012-11-12 10:19 - 2012-11-12 10:20 - 04732416 ____A (AVAST Software) C:\Users\xxx\Desktop\aswMBR.exe
2012-11-12 10:18 - 2012-11-12 10:19 - 00000470 ____A C:\Users\xxx\Desktop\defogger_disable.log
2012-11-12 10:18 - 2012-11-12 10:18 - 00000000 ____A C:\Users\xxx\defogger_reenable
2012-11-12 10:17 - 2012-11-12 10:17 - 00050477 ____A C:\Users\xxx\Desktop\Defogger.exe
2012-11-11 14:50 - 2012-10-15 10:59 - 00054072 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2012-11-11 14:35 - 2012-11-12 09:39 - 00000224 ____A C:\Windows\setupact.log
2012-11-11 14:35 - 2012-11-11 14:35 - 00000000 ____A C:\Windows\setuperr.log
2012-11-11 13:28 - 2012-11-11 13:28 - 01034216 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-11-11 13:28 - 2012-11-11 13:28 - 00289768 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-11-11 13:28 - 2012-11-11 13:28 - 00189416 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-11-11 13:28 - 2012-11-11 13:28 - 00188904 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-11-11 13:28 - 2012-11-11 13:28 - 00108008 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2012-11-11 13:28 - 2012-11-11 13:28 - 00000000 ____D C:\Program Files\Java
2012-11-11 07:34 - 2012-05-31 05:25 - 00279656 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2012-11-11 06:53 - 2012-11-11 06:53 - 00000000 ____D C:\Windows\ERUNT
2012-11-11 06:53 - 2012-11-11 06:53 - 00000000 ____D C:\JRT
2012-11-10 13:38 - 2012-11-12 11:54 - 00000512 ____A C:\Users\xxx\Desktop\MBR.dat
2012-11-08 10:36 - 2012-11-12 09:49 - 00000000 ____D C:\Users\xxx\Documents\erotische Texte
2012-10-30 07:05 - 2012-10-30 08:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2012-10-26 06:44 - 2012-10-26 06:44 - 00003072 ____A C:\Users\xxx\Documents\boom.gp5
2012-10-25 14:14 - 2012-10-25 14:14 - 00000000 ____D C:\Users\All Users\Duden
2012-10-25 14:14 - 2012-10-25 14:14 - 00000000 ____D C:\Users\All Users\Application Data\Duden
2012-10-25 14:13 - 2012-10-25 14:13 - 00000000 ____D C:\Program Files (x86)\Duden
2012-10-23 14:15 - 2012-10-24 05:12 - 00003716 ____A C:\Users\xxx\Documents\huhz.gp5
2012-10-19 06:15 - 2012-10-19 06:16 - 00003167 ____A C:\Windows\SysWOW64\jupdate-1.6.0_37-b06.log
2012-10-18 15:13 - 2012-10-18 15:30 - 00003984 ____A C:\Users\xxx\Documents\blues.gp5
2012-10-17 02:16 - 2012-10-17 02:38 - 00000000 ____D C:\Users\xxx\Documents\vorschlägekalender2014
2012-10-16 14:41 - 2012-10-19 02:11 - 00030220 ____A C:\Users\xxx\Documents\crawford.gp5
2012-10-16 11:39 - 2012-10-31 14:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2012-10-16 11:39 - 2012-10-16 11:39 - 00000000 ____D C:\Users\All Users\Mozilla
2012-10-16 11:39 - 2012-10-16 11:39 - 00000000 ____D C:\Users\All Users\Application Data\Mozilla
2012-10-15 14:45 - 2012-10-16 09:47 - 00006886 ____A C:\Users\xxx\Documents\intro.gp5
==================== One Month Modified Files and Folders =======
2012-11-12 13:22 - 2011-06-21 14:41 - 01276306 ____A C:\Windows\WindowsUpdate.log
2012-11-12 13:16 - 2009-07-14 11:58 - 00654400 ____A C:\Windows\System32\perfh007.dat
2012-11-12 13:16 - 2009-07-14 11:58 - 00130240 ____A C:\Windows\System32\perfc007.dat
2012-11-12 13:16 - 2009-07-13 23:13 - 01498742 ____A C:\Windows\System32\PerfStringBackup.INI
2012-11-12 13:15 - 2012-11-12 13:15 - 00000000 ____D C:\Users\xxx\Desktop\stick sarah
2012-11-12 13:08 - 2012-11-12 13:08 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\xxx\Desktop\tdsskiller.exe
2012-11-12 13:01 - 2012-02-13 05:27 - 00001124 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-11-12 12:55 - 2012-04-04 02:36 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-11-12 11:55 - 2012-11-12 11:54 - 00001630 ____A C:\Users\xxx\Desktop\aswMBR.txt
2012-11-12 11:54 - 2012-11-10 13:38 - 00000512 ____A C:\Users\xxx\Desktop\MBR.dat
2012-11-12 10:20 - 2012-11-12 10:19 - 04732416 ____A (AVAST Software) C:\Users\xxx\Desktop\aswMBR.exe
2012-11-12 10:19 - 2012-11-12 10:18 - 00000470 ____A C:\Users\xxx\Desktop\defogger_disable.log
2012-11-12 10:18 - 2012-11-12 10:18 - 00000000 ____A C:\Users\xxx\defogger_reenable
2012-11-12 10:18 - 2009-12-10 13:37 - 00000000 ____D C:\users\xxx
2012-11-12 10:17 - 2012-11-12 10:17 - 00050477 ____A C:\Users\xxx\Desktop\Defogger.exe
2012-11-12 09:49 - 2012-11-08 10:36 - 00000000 ____D C:\Users\xxx\Documents\erotische Texte
2012-11-12 09:46 - 2009-07-13 22:45 - 00014016 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-11-12 09:46 - 2009-07-13 22:45 - 00014016 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-11-12 09:39 - 2012-11-11 14:35 - 00000224 ____A C:\Windows\setupact.log
2012-11-12 09:39 - 2012-02-13 05:27 - 00001120 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-11-12 09:39 - 2009-07-13 23:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-11-11 14:59 - 2011-06-27 04:38 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2012-11-11 14:35 - 2012-11-11 14:35 - 00000000 ____A C:\Windows\setuperr.log
2012-11-11 14:06 - 2012-02-13 07:28 - 00005652 ____A C:\Windows\PFRO.log
2012-11-11 14:02 - 2011-07-08 09:19 - 00000000 ____D C:\Program Files (x86)\Nokia
2012-11-11 14:00 - 2011-07-08 09:24 - 00000000 ____D C:\Users\xxx\AppData\Local\NokiaAccount
2012-11-11 13:49 - 2011-06-19 12:46 - 00000000 ____D C:\Windows\ERDNT
2012-11-11 13:47 - 2009-12-06 04:08 - 00000000 ____D C:\Users\All Users\Application Data\Adobe
2012-11-11 13:47 - 2009-12-06 04:08 - 00000000 ____D C:\Users\All Users\Adobe
2012-11-11 13:47 - 2009-12-06 04:08 - 00000000 ____D C:\Program Files (x86)\Adobe
2012-11-11 13:28 - 2012-11-11 13:28 - 01034216 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-11-11 13:28 - 2012-11-11 13:28 - 00289768 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-11-11 13:28 - 2012-11-11 13:28 - 00189416 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-11-11 13:28 - 2012-11-11 13:28 - 00188904 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-11-11 13:28 - 2012-11-11 13:28 - 00108008 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2012-11-11 13:28 - 2012-11-11 13:28 - 00000000 ____D C:\Program Files\Java
2012-11-11 13:28 - 2011-06-21 14:35 - 00916456 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2012-11-11 09:04 - 2011-06-20 01:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-11 07:14 - 2009-07-13 20:34 - 00000215 ____A C:\Windows\system.ini
2012-11-11 07:12 - 2012-07-16 04:27 - 00000000 ____D C:\Users\xxx\AppData\Roaming\convert
2012-11-11 06:53 - 2012-11-11 06:53 - 00000000 ____D C:\Windows\ERUNT
2012-11-11 06:53 - 2012-11-11 06:53 - 00000000 ____D C:\JRT
2012-11-11 05:56 - 2009-07-13 22:45 - 04978128 ____A C:\Windows\System32\FNTCACHE.DAT
2012-11-10 18:10 - 2009-12-10 13:37 - 00086504 ____A C:\Users\xxx\AppData\Local\GDIPFONTCACHEV1.DAT
2012-11-10 12:52 - 2011-08-09 03:02 - 00000000 ____D C:\Program Files (x86)\Macromedia
2012-11-10 12:52 - 2011-08-09 03:00 - 00000000 ____D C:\Windows\Downloaded Installations
2012-11-10 02:18 - 2009-07-13 23:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-11-09 16:12 - 2009-12-13 08:48 - 00000000 ____D C:\Users\All Users\FLEXnet
2012-11-09 16:12 - 2009-12-13 08:48 - 00000000 ____D C:\Users\All Users\Application Data\FLEXnet
2012-11-09 03:55 - 2012-09-25 07:53 - 00000000 ____D C:\Users\xxx\Documents\janvonwerth
2012-11-09 03:55 - 2012-09-17 04:18 - 00000000 ____D C:\Users\xxx\Documents\Seminar Stilistik
2012-11-09 03:55 - 2012-08-19 07:07 - 00000000 ____D C:\Users\xxx\Documents\My Weblog Posts
2012-11-09 03:55 - 2012-08-12 03:22 - 00000000 ____D C:\Users\xxx\Documents\Liedtexte
2012-11-09 03:55 - 2011-06-28 10:49 - 00000000 ____D C:\Users\xxx\Documents\Rechnungen
2012-11-09 03:25 - 2012-08-21 02:58 - 00000000 ____D C:\Users\xxx\Documents\hochzeit
2012-11-08 10:11 - 2012-09-04 03:38 - 00000000 ____D C:\Users\xxx\Documents\heftroman
2012-11-08 08:03 - 2012-08-22 04:32 - 00000000 ____D C:\Users\xxx\Documents\My Kindle Content
2012-11-08 07:47 - 2012-08-12 05:54 - 00000000 ____D C:\Users\xxx\Documents\unter Tage
2012-11-06 08:55 - 2012-10-06 11:34 - 00000000 ____D C:\Users\xxx\Documents\hochzeitsfotos
2012-10-31 14:44 - 2012-10-16 11:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2012-10-30 16:51 - 2011-06-27 04:38 - 00984144 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2012-10-30 16:51 - 2011-06-27 04:38 - 00370288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2012-10-30 16:51 - 2011-06-27 04:38 - 00071600 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2012-10-30 16:51 - 2011-06-27 04:38 - 00059728 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2012-10-30 16:51 - 2011-06-27 04:38 - 00041224 ____A (AVAST Software) C:\Windows\avastSS.scr
2012-10-30 16:51 - 2011-06-27 04:38 - 00025232 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2012-10-30 16:50 - 2011-06-27 04:38 - 00285328 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2012-10-30 16:50 - 2011-06-27 04:38 - 00227648 ____A (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe
2012-10-30 08:03 - 2012-10-30 07:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2012-10-26 06:44 - 2012-10-26 06:44 - 00003072 ____A C:\Users\xxx\Documents\boom.gp5
2012-10-25 14:14 - 2012-10-25 14:14 - 00000000 ____D C:\Users\All Users\Duden
2012-10-25 14:14 - 2012-10-25 14:14 - 00000000 ____D C:\Users\All Users\Application Data\Duden
2012-10-25 14:13 - 2012-10-25 14:13 - 00000000 ____D C:\Program Files (x86)\Duden
2012-10-24 05:12 - 2012-10-23 14:15 - 00003716 ____A C:\Users\xxx\Documents\huhz.gp5
2012-10-19 06:16 - 2012-10-19 06:15 - 00003167 ____A C:\Windows\SysWOW64\jupdate-1.6.0_37-b06.log
2012-10-19 02:11 - 2012-10-16 14:41 - 00030220 ____A C:\Users\xxx\Documents\crawford.gp5
2012-10-18 15:30 - 2012-10-18 15:13 - 00003984 ____A C:\Users\xxx\Documents\blues.gp5
2012-10-17 15:32 - 2010-04-15 03:26 - 00082672 ____A C:\Users\xxx\AppData\Roaming\GDIPFONTCACHEV1.DAT
2012-10-17 02:38 - 2012-10-17 02:16 - 00000000 ____D C:\Users\xxx\Documents\vorschlägekalender2014
2012-10-16 11:39 - 2012-10-16 11:39 - 00000000 ____D C:\Users\All Users\Mozilla
2012-10-16 11:39 - 2012-10-16 11:39 - 00000000 ____D C:\Users\All Users\Application Data\Mozilla
2012-10-16 09:47 - 2012-10-15 14:45 - 00006886 ____A C:\Users\xxx\Documents\intro.gp5
2012-10-16 06:47 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache
2012-10-15 10:59 - 2012-11-11 14:50 - 00054072 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2012-11-11 13:51:09
Restore point made on: 2012-11-11 14:02:22
==================== Memory info ===========================
Percentage of memory in use: 14%
Total physical RAM: 4092.36 MB
Available physical RAM: 3506.71 MB
Total Pagefile: 4090.5 MB
Available Pagefile: 3497.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB
==================== Partitions =============================
1 Drive c: (OS) (Fixed) (Total:218.2 GB) (Free:115.4 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:7.93 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive e: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
4 Drive f: (Cruzer) (Removable) (Total:7.47 GB) (Free:7.47 GB) FAT32
7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Datentr„ger ### Status Gr”áe Frei Dyn GPT
--------------- ------------- ------- ------- --- ---
Datentr„ger 0 Online 232 GB 0 B
Datentr„ger 1 Kein Medium 0 B 0 B
Datentr„ger 2 Online 7663 MB 0 B
Partitions of Disk 0:
===============
Partition ### Typ GrӇe Offset
------------- ---------------- ------- -------
Partition 1 OEM 39 MB 31 KB
Partition 2 Prim„r 14 GB 40 MB
Partition 3 Prim„r 218 GB 14 GB
==================================================================================
Disk: 0
Partition 1
Typ : DE
Versteckt: Ja
Aktiv : Nein
Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 6 FAT Partition 39 MB Fehlerfre Versteck
=========================================================
Disk: 0
Partition 2
Typ : 07
Versteckt: Nein
Aktiv : Ja
Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D RECOVERY NTFS Partition 14 GB Fehlerfre
=========================================================
Disk: 0
Partition 3
Typ : 07
Versteckt: Nein
Aktiv : Nein
Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C OS NTFS Partition 218 GB Fehlerfre
=========================================================
Disk: 0
Partition 3
Typ : 07
Versteckt: Nein
Aktiv : Nein
Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C OS NTFS Partition 218 GB Fehlerfre
=========================================================
Partitions of Disk 2:
===============
Partition ### Typ GrӇe Offset
------------- ---------------- ------- -------
Partition 1 Prim„r 7655 MB 22 KB
==================================================================================
Disk: 2
Partition 1
Typ : 0B
Versteckt: Nein
Aktiv : Nein
Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 F Cruzer FAT32 Wechselmed 7655 MB Fehlerfre
=========================================================
Disk: 2
Partition 1
Typ : 0B
Versteckt: Nein
Aktiv : Nein
Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 F Cruzer FAT32 Wechselmed 7655 MB Fehlerfre
=========================================================
Last Boot: 2012-11-07 03:23
==================== End Of Log =============================
|
|
13.11.2012, 17:29
| #7 |
| /// TB-Ausbilder | Win7 nur noch im abgesicherten Modus startbar Servus, also ich seh da kein Rootkit.  Wir verwenden ein neues Tool von Malwarebytes: Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers! |
|
| Themen zu Win7 nur noch im abgesicherten Modus startbar |
| administrator, anti-malware, appdata, autostart, datei, desktop, desktop.ini, download, explorer, fehler, firefox, html, install.exe, intranet, loadtbs-3.0, log, malwarebytes, microsoft, mozilla, nach download, neu, nodrives, plug-in, programm, rechner, rechtsklick, richtlinie, scan, schließen, software, taskmanager, version., win7, windowssuche |
Hybrid-Darstellung
