Pests of all kinds and how to fight them: cash trojan in the form of an antivirus program

21.12.2012, 09:02   #1
max87
 
Dear forum!
I seem to have just caught a nice virus/trojan. It is disguised as an antivirus program; as soon as the computer boots (which works completely normally), this "antivirus program" starts together with the other autostart programs, and a pop-up appears in which a "system scan" runs (it looks similar to e.g. Avira or other antivirus programs). I am also prompted to buy a full version of the program online (supposedly my system will then be cleaned). Apart from Internet Explorer I cannot open any other program; they are automatically blocked by the virus. In addition, the system shuts down after a short time with the message "your computer has been shutdown to prevent damage...".

Apart from a rescue disc, are there other ways to block the virus so that I can then run a scan with an antivirus program (or Malwarebytes)? (e.g. via a manually entered URL in Internet Explorer, etc.?)
I hope you can help me; many thanks in advance for your effort!
Regards, Max

21.12.2012, 11:59   #2
markusg
/// Malware-holic
 
Hi
try the following:
Restart, press F8, and select Safe Mode with Networking.
Select the affected account; working should be possible.

If so:
If you don't have it yet, please download OTL by OldTimer and save it to your desktop.
  • Please start OTL.exe. Vista and Win7 users: right-click and "Run as administrator".
  • Now copy the contents into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread
21.12.2012, 13:07   #3
max87
 
Hello Markus, here are the two contents:

OTL.TXT: OTL logfile:
Code:
OTL logfile created on: 21.12.2012 13:43:55 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Max\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 58,06% Memory free
6,18 Gb Paging File | 4,92 Gb Available in Paging File | 79,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 278,32 Gb Total Space | 98,46 Gb Free Space | 35,37% Space Free | Partition Type: NTFS
Drive D: | 19,76 Gb Total Space | 7,11 Gb Free Space | 35,99% Space Free | Partition Type: FAT32
Drive E: | 612,00 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: MAX-LAPTOP | User Name: Max | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.12.21 13:38:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Max\Downloads\OTL.exe
PRC - [2012.10.29 22:25:48 | 001,199,576 | ---- | M] (Spotify Ltd) -- C:\Users\Max\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012.10.08 19:21:32 | 006,286,784 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
PRC - [2012.10.08 19:21:22 | 000,766,400 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
PRC - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.09.19 11:01:32 | 000,067,656 | ---- | M] (Simplygen) -- C:\Program Files\Protected Search\ProtectedSearch.exe
PRC - [2012.09.05 16:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2012.08.01 08:14:13 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.02 00:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.01 23:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.24 01:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.08.29 19:11:38 | 002,436,392 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec\VITAKEY\CompPtcVUI.exe
PRC - [2008.08.29 19:11:38 | 002,180,392 | ---- | M] () -- C:\Program Files\EgisTec\VITAKEY\BASVC.exe
PRC - [2008.08.28 14:03:22 | 000,233,472 | ---- | M] () -- C:\Windows\tsnp2uvc.exe
PRC - [2008.08.04 15:45:56 | 000,304,688 | ---- | M] (EgisTec Inc.) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
PRC - [2008.08.04 15:45:54 | 000,334,384 | ---- | M] (EgisTec Inc.) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlNotifyIcon.exe
PRC - [2008.08.04 15:45:52 | 000,326,192 | ---- | M] (EgisTec Inc.) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2008.07.24 17:16:02 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.02.28 17:07:14 | 001,801,216 | ---- | M] (Buhl Data Service GmbH) -- C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
PRC - [2008.01.21 03:24:29 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE
PRC - [2008.01.21 03:24:13 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\System32\PSIService.exe
PRC - [2001.11.12 12:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2009.10.16 10:02:09 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\22e348e7fee20fcb2013d3dfe016ae8e\System.Management.ni.dll
MOD - [2009.10.15 11:32:49 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1941d7639299344ae28fb6b23da65247\System.Windows.Forms.ni.dll
MOD - [2009.10.15 11:32:40 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6312464f64727a2a50d5ce3fd73ad1bb\System.Drawing.ni.dll
MOD - [2009.10.15 11:31:37 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\52e1ea3c7491e05cda766d7b3ce3d559\System.ni.dll
MOD - [2009.10.15 11:31:28 | 011,486,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll
MOD - [2008.08.28 14:03:22 | 000,233,472 | ---- | M] () -- C:\Windows\tsnp2uvc.exe
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -- (RoxLiveShare9)
SRV - [2012.12.11 21:48:38 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.08 19:21:22 | 000,766,400 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.09.06 02:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.09.05 16:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2012.05.02 00:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.01 23:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2008.08.29 19:11:38 | 002,180,392 | ---- | M] () [Auto | Running] -- C:\Program Files\EgisTec\VITAKEY\BASVC.exe -- (IGBASVC)
SRV - [2008.08.04 15:45:56 | 000,304,688 | ---- | M] () [Auto | Running] -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2008.02.28 17:07:14 | 001,801,216 | ---- | M] (Buhl Data Service GmbH) [Auto | Running] -- C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe -- (srvcPVR)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2001.11.12 12:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys -- (Profos)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - [2012.06.22 12:01:30 | 000,019,984 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\EsgScanner.sys -- (EsgScanner)
DRV - [2012.04.27 09:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.24 23:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.16 20:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.11.18 11:43:28 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2008.08.28 13:27:57 | 000,066,856 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\FPWinIo.sys -- (FPWinIo)
DRV - [2008.08.28 13:27:45 | 000,026,920 | ---- | M] (LTT) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\FPSensor.sys -- (FPSensor)
DRV - [2008.08.08 03:15:00 | 007,555,136 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.08.06 15:26:08 | 000,124,928 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.08.05 23:59:26 | 000,044,576 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.08.04 15:46:06 | 000,059,952 | ---- | M] (Egis Incorporated.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2008.08.04 15:46:04 | 000,019,504 | ---- | M] (Egis Incorporated.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV - [2008.08.04 15:46:04 | 000,016,432 | ---- | M] (Egis Incorporated.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV - [2008.07.10 10:12:56 | 001,753,984 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2008.04.28 05:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2007.07.31 10:58:18 | 000,908,896 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PhilCap.sys -- (PhilCap)
DRV - [2006.11.30 14:18:18 | 000,027,416 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2006.11.17 09:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope /d {67A2568C-7A0A-4EED-AECC-B5405DE63B64} /f >Nul 2>Nul = 
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes,DefaultScope /d {67A2568C-7A0A-4EED-AECC-B5405DE63B64} /f >Nul 2>Nul = 
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: DivXWebPlayer@divx.com:2.0.2.039
FF - prefs.js..extensions.enabledAddons: tabscope@xuldev.org:1.1.7
FF - prefs.js..extensions.enabledAddons: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.15.1
FF - prefs.js..extensions.enabledAddons: stealthyextension@gmail.com:2.4
FF - prefs.js..extensions.enabledAddons: toolbar@gmx.net:2.3.4
FF - prefs.js..network.proxy.ftp: "108.6.53.45"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.http: "108.6.53.45"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "108.6.53.45"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "108.6.53.45"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@fluxdvd.com/NPWMDRMWrapper: C:\Program Files\Videoload Manager\NPWMDRMWrapper.dll ( )
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files\Common Files\mpDRM\NPMPDRM.dll ( )
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Max\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.09.06 16:30:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\components [2012.10.04 13:05:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\plugins [2012.01.09 00:16:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.09.06 16:30:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{380AE6CB-09B9-4373-B360-D01C2462A6E7}: C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Ltd\BullGuard\antispam\tbspamfilter
 
[2008.11.13 15:23:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Extensions
[2012.11.25 21:42:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\f8071s33.default\extensions
[2012.05.14 22:33:25 | 000,550,833 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\f8071s33.default\extensions\DivXWebPlayer@divx.com.xpi
[2012.10.25 16:15:46 | 000,183,174 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\f8071s33.default\extensions\stealthyextension@gmail.com.xpi
[2012.07.24 15:31:03 | 000,057,698 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\f8071s33.default\extensions\tabscope@xuldev.org.xpi
[2012.11.18 17:47:03 | 000,510,620 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\f8071s33.default\extensions\toolbar@gmx.net.xpi
[2011.07.29 05:11:30 | 000,097,169 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\f8071s33.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
[2012.09.01 15:07:20 | 000,199,396 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\f8071s33.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2012.11.25 21:42:31 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\f8071s33.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.11.18 17:47:11 | 000,000,911 | ---- | M] () -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\f8071s33.default\searchplugins\11-suche.xml
[2012.11.18 17:47:11 | 000,002,273 | ---- | M] () -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\f8071s33.default\searchplugins\englische-ergebnisse.xml
[2012.11.18 17:47:11 | 000,010,563 | ---- | M] () -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\f8071s33.default\searchplugins\gmx-suche.xml
[2012.11.18 17:47:11 | 000,002,432 | ---- | M] () -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\f8071s33.default\searchplugins\lastminute.xml
[2012.11.18 17:47:10 | 000,005,545 | ---- | M] () -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\f8071s33.default\searchplugins\webde-suche.xml
 
Hosts file not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\Max\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (EgisTec Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [tsnp2uvc] C:\Windows\tsnp2uvc.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Max\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MI1933~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MI1933~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\EgisTec\VITAKEY\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\EgisTec\VITAKEY\PwdBank.exe (Egis Technology Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{228BBEBE-E967-411B-B950-8E7B8C6843A4}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\fluxhttp {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\fluxhttp\0x00000007 {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Max\Pictures\Korsika gr20 17.7--27.7.11\P1040871.JPG
O24 - Desktop BackupWallPaper: C:\Users\Max\Pictures\Korsika gr20 17.7--27.7.11\P1040871.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.08.21 11:50:32 | 000,000,672 | RH-- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2005.07.26 14:12:13 | 001,019,904 | R--- | M] (Microsoft Corporation) - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2005.07.15 11:26:36 | 000,000,238 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{16587436-8df8-11e0-ac6f-001f160a3a15}\Shell - "" = AutoRun
O33 - MountPoints2\{16587436-8df8-11e0-ac6f-001f160a3a15}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{42ad6680-b17c-11dd-a15e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{42ad6680-b17c-11dd-a15e-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2005.07.26 14:12:13 | 001,019,904 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{42ad6680-b17c-11dd-a15e-806e6f6e6963}\Shell\directx\command - "" = E:\directx9\DXSETUP.exe -- [2005.03.18 18:19:42 | 000,480,976 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{42ad6680-b17c-11dd-a15e-806e6f6e6963}\Shell\setup\command - "" = E:\setup.exe -- [2005.07.27 10:13:30 | 000,253,952 | R--- | M] ()
O33 - MountPoints2\{5ac0cfd5-4493-11de-878b-001f160a3a15}\Shell - "" = AutoRun
O33 - MountPoints2\{5ac0cfd5-4493-11de-878b-001f160a3a15}\Shell\AutoRun\command - "" = I:\AUTORUN.EXE
O33 - MountPoints2\{b234fce6-b82d-11df-a975-001f160a3a15}\Shell\AutoRun\command - "" = Toshiba\Launcher\start.exe
O33 - MountPoints2\{cff39b1a-4492-11de-a4eb-001f160a3a15}\Shell - "" = AutoRun
O33 - MountPoints2\{cff39b1a-4492-11de-a4eb-001f160a3a15}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{f179dca4-5ff7-11df-a0e6-001f160a3a15}\Shell - "" = AutoRun
O33 - MountPoints2\{f179dca4-5ff7-11df-a0e6-001f160a3a15}\Shell\AutoRun\command - "" = G:\NPSAI.exe
O33 - MountPoints2\{f60bc3d2-8dbd-11e0-8095-001f160a3a15}\Shell - "" = AutoRun
O33 - MountPoints2\{f60bc3d2-8dbd-11e0-8095-001f160a3a15}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{f60bc3de-8dbd-11e0-8095-001f160a3a15}\Shell - "" = AutoRun
O33 - MountPoints2\{f60bc3de-8dbd-11e0-8095-001f160a3a15}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
MsConfig - StartUpReg: LanguageShortcut - hkey= - key= - C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe ()
MsConfig - StartUpReg: RemoteControl - hkey= - key= - C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
MsConfig - StartUpReg: toolbar_eula_launcher - hkey= - key= - C:\Program Files\GoogleEULA\EULALauncher.exe ( )
MsConfig - StartUpReg: UCam_Menu - hkey= - key= - C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig - StartUpReg: VitaKeyPdtWzd - hkey= - key= - C:\Program Files\EgisTec\VITAKEY\PdtWzd.exe (Egis Technology Inc.)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
 
CREATERESTOREPOINT
System Restore Service not available.
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.12.21 13:38:22 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2012.12.21 13:38:21 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2012.12.21 13:38:21 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012.12.21 13:37:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2012.12.21 08:02:09 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Progressive Protection
[2012.12.20 01:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\B29DC45FEC3E1A310000B29D11C81F76
[2012.12.19 15:56:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2012.12.18 23:04:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.12.18 23:04:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.12.10 22:38:49 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\sun
[2012.12.10 22:37:29 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2012.12.05 15:56:09 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2012.12.05 15:56:04 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2012.12.04 17:34:38 | 000,000,000 | ---D | C] -- C:\Users\Max\Desktop\Wg
[2012.12.02 13:44:19 | 000,000,000 | ---D | C] -- C:\Users\Max\Desktop\Hotelmanagement
[2012.10.04 13:05:40 | 000,073,696 | ---- | C] (Mozilla Foundation) -- C:\Program Files\breakpadinjector.dll
[2012.07.31 08:50:46 | 002,288,608 | ---- | C] (Mozilla Foundation) -- C:\Program Files\gkmedias.dll
[2012.07.31 08:50:46 | 000,770,384 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcr100.dll
[2012.07.31 08:50:46 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcp100.dll
[2012.07.31 08:50:46 | 000,192,600 | ---- | C] (Mozilla Corporation) -- C:\Program Files\maintenanceservice_installer.exe
[2012.07.31 08:50:46 | 000,114,144 | ---- | C] (Mozilla Foundation) -- C:\Program Files\maintenanceservice.exe
[2012.07.31 08:50:46 | 000,068,576 | ---- | C] (Mozilla Foundation) -- C:\Program Files\mozglue.dll
[2011.07.08 13:37:18 | 000,813,536 | ---- | C] (sqlite.org) -- C:\Program Files\mozsqlite3.dll
[2011.07.08 13:37:18 | 000,016,864 | ---- | C] (Mozilla Corporation) -- C:\Program Files\plugin-container.exe
[2011.07.08 13:37:17 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Program Files\D3DCompiler_43.dll
[2011.07.08 13:37:17 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Program Files\d3dx9_43.dll
[2011.07.08 13:37:17 | 000,425,952 | ---- | C] (Mozilla Foundation) -- C:\Program Files\libGLESv2.dll
[2011.07.08 13:37:17 | 000,082,400 | ---- | C] (Mozilla Foundation) -- C:\Program Files\libEGL.dll
[2011.07.08 13:37:17 | 000,015,840 | ---- | C] (Mozilla Foundation) -- C:\Program Files\mozalloc.dll
[2008.11.13 15:23:11 | 015,632,352 | ---- | C] (Mozilla Foundation) -- C:\Program Files\xul.dll
[2008.11.13 15:23:11 | 000,917,984 | ---- | C] (Mozilla Corporation) -- C:\Program Files\firefox.exe
[2008.11.13 15:23:11 | 000,638,432 | ---- | C] (Mozilla Foundation) -- C:\Program Files\nss3.dll
[2008.11.13 15:23:11 | 000,370,656 | ---- | C] (Mozilla Foundation) -- C:\Program Files\nssckbi.dll
[2008.11.13 15:23:11 | 000,270,304 | ---- | C] (Mozilla Foundation) -- C:\Program Files\updater.exe
[2008.11.13 15:23:11 | 000,258,528 | ---- | C] (Mozilla Foundation) -- C:\Program Files\freebl3.dll
[2008.11.13 15:23:11 | 000,171,488 | ---- | C] (Mozilla Foundation) -- C:\Program Files\nspr4.dll
[2008.11.13 15:23:11 | 000,155,104 | ---- | C] (Mozilla Foundation) -- C:\Program Files\softokn3.dll
[2008.11.13 15:23:11 | 000,145,376 | ---- | C] (Mozilla Foundation) -- C:\Program Files\ssl3.dll
[2008.11.13 15:23:11 | 000,118,240 | ---- | C] (Mozilla Foundation) -- C:\Program Files\crashreporter.exe
[2008.11.13 15:23:11 | 000,096,224 | ---- | C] (Mozilla Foundation) -- C:\Program Files\nssdbm3.dll
[2008.11.13 15:23:11 | 000,092,640 | ---- | C] (Mozilla Foundation) -- C:\Program Files\nssutil3.dll
[2008.11.13 15:23:11 | 000,091,104 | ---- | C] (Mozilla Foundation) -- C:\Program Files\smime3.dll
[2008.11.13 15:23:11 | 000,021,472 | ---- | C] (Mozilla Foundation) -- C:\Program Files\plc4.dll
[2008.11.13 15:23:11 | 000,020,960 | ---- | C] (Mozilla Foundation) -- C:\Program Files\plds4.dll
[2008.11.13 15:23:11 | 000,019,424 | ---- | C] (Mozilla Foundation) -- C:\Program Files\xpcom.dll
[2008.11.13 15:23:11 | 000,018,912 | ---- | C] (Mozilla Foundation) -- C:\Program Files\AccessibleMarshal.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\Max\*.tmp files -> C:\Users\Max\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.12.21 13:48:16 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.21 13:45:00 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
[2012.12.21 13:38:22 | 000,002,037 | ---- | M] () -- C:\Users\Max\Desktop\SpyHunter.lnk
[2012.12.21 13:36:00 | 000,042,369 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.12.21 13:34:36 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.21 13:34:36 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.21 13:34:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.21 13:34:07 | 3215,839,232 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.21 13:32:38 | 274,255,397 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.12.21 08:02:09 | 000,002,016 | ---- | M] () -- C:\Users\Max\Desktop\System Progressive Protection.lnk
[2012.12.20 01:19:06 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.12.20 01:18:28 | 000,051,172 | ---- | M] () -- C:\Users\Max\Desktop\SampleSuiteKamin.JPG
[2012.12.20 01:13:24 | 000,055,653 | ---- | M] () -- C:\Users\Max\Desktop\Google Maps Zell.JPG
[2012.12.20 00:15:01 | 000,001,130 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-975523181-3936759746-3493527704-1001UA.job
[2012.12.19 15:56:29 | 000,001,875 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.12.19 15:56:29 | 000,001,875 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.12.19 12:15:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-975523181-3936759746-3493527704-1001Core.job
[2012.12.18 23:04:27 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.12.11 21:13:04 | 000,423,416 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.10 22:37:29 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2012.12.07 14:39:06 | 000,680,833 | ---- | M] () -- C:\Users\Max\Desktop\statusbericht-2012.pdf
[2012.12.07 11:17:05 | 000,050,291 | ---- | M] () -- C:\Users\Max\Desktop\ankuenfte_und_naechtigungen_im_tourismus-kalenderjahr_2002_bis_2011_030028.pdf
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\Max\*.tmp files -> C:\Users\Max\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.12.21 13:38:22 | 000,002,037 | ---- | C] () -- C:\Users\Max\Desktop\SpyHunter.lnk
[2012.12.21 13:34:07 | 3215,839,232 | -HS- | C] () -- C:\hiberfil.sys
[2012.12.21 08:02:09 | 000,002,016 | ---- | C] () -- C:\Users\Max\Desktop\System Progressive Protection.lnk
[2012.12.20 01:18:25 | 000,051,172 | ---- | C] () -- C:\Users\Max\Desktop\SampleSuiteKamin.JPG
[2012.12.20 01:13:21 | 000,055,653 | ---- | C] () -- C:\Users\Max\Desktop\Google Maps Zell.JPG
[2012.12.19 15:56:29 | 000,001,875 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.12.10 22:37:29 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2012.12.07 14:39:05 | 000,680,833 | ---- | C] () -- C:\Users\Max\Desktop\statusbericht-2012.pdf
[2012.12.07 11:17:05 | 000,050,291 | ---- | C] () -- C:\Users\Max\Desktop\ankuenfte_und_naechtigungen_im_tourismus-kalenderjahr_2002_bis_2011_030028.pdf
[2012.12.05 15:56:04 | 000,001,875 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.10.03 22:43:52 | 000,015,432 | ---- | C] () -- C:\Windows\Launcher.exe
[2012.07.31 08:50:46 | 008,381,460 | ---- | C] () -- C:\Program Files\omni.ja
[2012.07.31 08:50:46 | 000,000,132 | ---- | C] () -- C:\Program Files\update-settings.ini
[2012.06.22 12:01:30 | 000,019,984 | ---- | C] () -- C:\Windows\System32\ESGScanner.sys
[2012.06.22 12:01:30 | 000,019,984 | ---- | C] () -- C:\Windows\System32\drivers\EsgScanner.sys
[2011.09.30 21:39:10 | 002,244,064 | ---- | C] () -- C:\Program Files\mozjs.dll
[2011.09.06 16:21:33 | 000,192,699 | ---- | C] () -- C:\Windows\hpoins51.dat
[2011.07.12 13:30:21 | 000,000,680 | ---- | C] () -- C:\Users\Max\AppData\Local\d3d9caps.dat
[2011.07.08 13:37:18 | 000,035,818 | ---- | C] () -- C:\Program Files\removed-files
[2011.07.08 13:37:18 | 000,001,560 | ---- | C] () -- C:\Program Files\precomplete
[2011.07.08 13:37:18 | 000,000,478 | ---- | C] () -- C:\Program Files\nssdbm3.chk
[2011.07.08 13:37:17 | 000,000,142 | ---- | C] () -- C:\Program Files\dependentlibs.list
[2011.03.30 12:26:26 | 000,000,170 | ---- | C] () -- C:\Users\Max\AppData\Roaming\wklnhst.dat
[2010.09.26 16:41:48 | 000,000,091 | ---- | C] () -- C:\Users\Max\AppData\Local\fusioncache.dat
[2008.11.13 15:23:14 | 000,001,041 | ---- | C] () -- C:\Program Files\updater.ini
[2008.11.13 15:23:11 | 000,023,999 | ---- | C] () -- C:\Program Files\blocklist.xml
[2008.11.13 15:23:11 | 000,004,284 | ---- | C] () -- C:\Program Files\crashreporter.ini
[2008.11.13 15:23:11 | 000,000,706 | ---- | C] () -- C:\Program Files\crashreporter-override.ini
[2008.11.13 15:23:11 | 000,000,478 | ---- | C] () -- C:\Program Files\softokn3.chk
[2008.11.13 15:23:11 | 000,000,478 | ---- | C] () -- C:\Program Files\freebl3.chk
[2008.11.13 15:23:11 | 000,000,463 | ---- | C] () -- C:\Program Files\application.ini
[2008.11.13 15:23:11 | 000,000,142 | ---- | C] () -- C:\Program Files\platform.ini
[2008.11.13 14:47:00 | 000,071,168 | ---- | C] () -- C:\Users\Max\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.28 05:28:06 | 000,042,369 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.08.28 05:22:57 | 000,042,369 | ---- | C] () -- C:\ProgramData\nvModes.dat
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2008.11.06 14:14:25 | 011,580,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.03.03 05:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.01.21 03:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2008.12.03 19:10:08 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\albumart
[2009.03.05 20:20:15 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Buhl Data Service GmbH
[2009.05.19 18:17:13 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\DAEMON Tools
[2011.10.19 23:37:37 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\DAEMON Tools Lite
[2010.11.22 19:38:22 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\DataCast
[2012.01.23 19:00:12 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\elsterformular
[2011.11.05 14:32:33 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\gtk-2.0
[2009.03.05 19:49:23 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Kazaa Lite
[2012.05.07 13:51:36 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Media Finder
[2010.06.06 17:51:25 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\OpenOffice.org
[2011.12.15 17:00:37 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Opera
[2012.12.19 23:14:18 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Spotify
[2011.06.03 09:50:56 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\T-Mobile
[2011.06.05 16:22:12 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\T-Mobile Internet Manager
[2011.11.05 16:53:22 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Template
[2012.05.20 23:12:56 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\uTorrent
[2008.12.24 00:13:19 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\VMedia
[2012.05.06 16:42:29 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\VSO
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2008.11.13 14:24:49 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2008.08.28 13:16:34 | 000,000,000 | -HSD | M] -- C:\Boot
[2012.12.21 13:38:23 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2008.11.13 14:20:36 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2009.11.18 15:58:10 | 000,000,000 | ---D | M] -- C:\Games
[2008.08.28 04:50:19 | 000,000,000 | ---D | M] -- C:\Intel
[2010.11.22 17:29:44 | 000,000,000 | ---D | M] -- C:\Manual-PCProgram
[2008.11.20 11:23:43 | 000,000,000 | ---D | M] -- C:\My Music
[2009.11.10 14:41:17 | 000,000,000 | -H-D | M] -- C:\MyWinLockerData
[2008.01.21 03:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.12.21 13:38:21 | 000,000,000 | ---D | M] -- C:\Program Files
[2012.12.20 01:17:14 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2008.11.13 14:20:36 | 000,000,000 | -HSD | M] -- C:\Programme
[2008.09.02 09:40:06 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2012.12.21 13:38:40 | 000,000,000 | ---D | M] -- C:\sh4ldr
[2012.12.17 09:37:57 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2008.11.13 14:24:24 | 000,000,000 | R--D | M] -- C:\Users
[2012.12.21 13:37:24 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
[2012.09.06 02:24:57 | 000,118,240 | ---- | M] (Mozilla Foundation) -- C:\Program Files\crashreporter.exe
[2012.09.06 02:24:58 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\firefox.exe
[2012.09.06 02:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\maintenanceservice.exe
[2012.09.06 02:25:07 | 000,192,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\maintenanceservice_installer.exe
[2012.09.06 02:25:24 | 000,016,864 | ---- | M] (Mozilla Corporation) -- C:\Program Files\plugin-container.exe
[2012.09.06 02:25:29 | 000,270,304 | ---- | M] (Mozilla Foundation) -- C:\Program Files\updater.exe
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2006.11.02 10:44:49 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2006.11.02 10:44:49 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2006.11.02 10:44:49 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2006.11.02 10:44:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2008.01.21 03:24:48 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2006.11.02 14:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 14:01:49 | 000,032,634 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2008.08.28 06:26:12 | 000,000,438 | -H-- | C] () -- C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
[2012.07.02 19:02:04 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.07.02 20:02:01 | 000,001,108 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-975523181-3936759746-3493527704-1001Core.job
[2012.07.02 20:02:02 | 000,001,130 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-975523181-3936759746-3493527704-1001UA.job
 
< MD5 for: AGP440.SYS  >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2008.08.13 12:05:25 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\drivers\atapi.sys
[2008.08.13 12:05:25 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008.08.13 12:05:25 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.08.13 12:05:25 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.11.18 11:43:28 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2012.12.21 13:56:10 | 003,145,728 | -HS- | M] () -- C:\Users\Max\NTUSER.DAT
[2012.12.21 13:56:10 | 000,262,144 | -H-- | M] () -- C:\Users\Max\ntuser.dat.LOG1
[2008.11.13 14:24:29 | 000,000,000 | -H-- | M] () -- C:\Users\Max\ntuser.dat.LOG2
[2012.12.20 01:19:17 | 000,065,536 | -HS- | M] () -- C:\Users\Max\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2012.05.02 13:35:24 | 000,524,288 | -HS- | M] () -- C:\Users\Max\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2012.12.20 01:19:17 | 000,524,288 | -HS- | M] () -- C:\Users\Max\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2008.11.13 14:24:30 | 000,000,020 | -HS- | M] () -- C:\Users\Max\ntuser.ini
[2 C:\Users\Max\*.tmp files -> C:\Users\Max\*.tmp -> ]
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

< End of report >
         
--- --- ---

and here is Extras.Txt:
OTL Logfile:
Code:
OTL Extras logfile created on: 21.12.2012 13:43:56 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Max\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 58,06% Memory free
6,18 Gb Paging File | 4,92 Gb Available in Paging File | 79,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 278,32 Gb Total Space | 98,46 Gb Free Space | 35,37% Space Free | Partition Type: NTFS
Drive D: | 19,76 Gb Total Space | 7,11 Gb Free Space | 35,99% Space Free | Partition Type: FAT32
Drive E: | 612,00 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: MAX-LAPTOP | User Name: Max | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AF7F2DA-45AD-4834-A6EC-9EAB4AF94E96}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{0CAFA5E0-0252-4A48-9976-60C6E533778A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{150C0E4E-36A1-4DBD-BFB8-3C54C6A37853}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{2F369A2E-F969-4F6E-BE43-1F8C93231A47}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{48414C9A-C22C-40DB-836A-1EA696D71D3F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{490144AF-B66A-48D1-BA07-4995E873D6C4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{5F572812-9445-41B0-8270-DB823E0C4D49}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{8B89F128-CF15-4A5F-87A4-F81D79DBAEA5}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=%systemroot%\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe | 
"{A1822F71-1510-4AA8-AD88-4B8F657E9B61}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{A47EEB1C-D176-4ECA-80C9-B7D8165BA082}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{AAD00952-9B0A-4921-BF7B-3932A63CC321}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B096D949-1DC9-4A45-9EE5-9CF7DE9383CD}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{B100512D-7F34-47BB-8F62-61282C1D5F16}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{B3798C12-2BF8-4275-A994-14C17289DBAD}" = lport=445 | protocol=6 | dir=in | app=system | 
"{B9E3716B-E3F7-4B92-88ED-FEAE933F5219}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{C7E5E2FA-93E4-484B-919E-DD2395F5CB19}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{C8C95885-D20F-4637-B3CB-6C81B87572B2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{CDF57513-78AE-49B7-9D99-4FDF1827F44D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{CE5D098C-B367-4A5F-BFBD-1350F8506ADF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D7DAD460-4C5E-42BF-82ED-6BD8E1B8044D}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{DBB94D04-67EB-4D7F-A60F-554E9C6421A3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E22E2B07-A360-4256-A373-4D8FC46F5832}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E7C3E02C-26D8-49A9-A1BA-52A0C07A9AE4}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{FB212189-A942-433C-9F26-1BF32E996E26}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08178A86-FC92-4FA8-B683-978C8E6E309B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0D50362F-28FC-4295-BDFD-D7AFE796FBBE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{11ED0ACA-2D1A-4951-BDE1-FF2339C70DD3}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | 
"{19AF27F0-4669-4D22-AD21-76029E7E040D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{1C0F3FD3-A01B-4EE2-B03B-86A13FB12FFC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | 
"{2CC617DA-5987-4283-A7D4-139173F79970}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{36A0C657-C33B-4DB3-B709-75FE3104625D}" = dir=in | app=c:\program files\protected search\protectedsearch.exe | 
"{3E82D4C8-E1EE-4338-9AE2-8A5C062D5BE0}" = dir=out | app=c:\program files\protected search\protectedsearch.exe | 
"{4BD32049-963F-47E1-841B-728E89C53E0D}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | 
"{51C6574D-4FC9-4669-87E7-4B1B7C0C082B}" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6\cstrike.exe | 
"{51F62A65-9BCD-44F1-8222-ACD5BA2AB4DC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | 
"{5414BDB9-0BF8-4E1B-8DE6-4DE0D0518ACA}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"{562A6468-012C-4CA9-8E3F-3F1CCE44C408}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{5A0010C3-31A1-4354-8A4C-CF3A9E7CF072}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"{672DE667-2C77-488F-AFEF-FFE1C6C05131}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avcenter.exe | 
"{67D8233F-9EA5-4E2B-BF7A-61FD773965A2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6EE67986-678F-471D-AD4C-0BE387BA05F4}" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6\cstrike.exe | 
"{70361967-6D2A-4BA0-9496-736B11A1DF69}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7182D7B4-C08D-499E-97EF-532EB06A549E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | 
"{79DCD69C-14B5-4F5F-B832-3D235F302D7B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | 
"{7E0E9340-14EA-40F5-8771-0A161A18BFB4}" = protocol=6 | dir=out | app=system | 
"{83EAF726-F844-4BA0-B7C7-7957C3426B87}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{8E76B9E0-3270-42EE-8DF6-60AC0B2B2FB4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | 
"{8F7C75A4-9BC1-4DD1-A2C3-92B113856D4F}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{A0B766AD-8EE8-4E82-8582-E9C683953639}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A5D5BE6B-2A13-4915-9D0E-B6068ED1BEF3}" = protocol=6 | dir=out | app=system | 
"{A6852140-0CAC-437B-9E14-360A03C73640}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avcenter.exe | 
"{AA7FF8A5-B82B-4F7B-9243-1644220AD074}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{C2E9A4DD-1D26-4C40-A845-206AEEB8C0A1}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe | 
"{C996CD8B-D410-4AE5-A2F6-5B075C20624D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | 
"{CE0B5422-176D-4B5A-AFD8-FD2DF88A15E7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D8FB8F8D-8F98-43A6-B850-E2A6A4E0B283}" = dir=in | app=c:\program files\homecinema\powerdvd\powerdvd.exe | 
"{D92FA018-878C-458E-B2CF-200FB570E749}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{DDD55337-BB42-4E79-8EFD-5711A8C9C4E9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E275B957-E8F9-4290-964C-5AC63719B8C9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E7B2CAC9-DA9F-48C9-96BF-1590E9EC5519}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | 
"{E8928B1C-617C-4ED1-BB85-7702E5175115}" = dir=out | app=c:\program files\protected search\protectedsearch.exe | 
"{EF55CF96-4BF8-4EBD-8C2A-9122E6E4457E}" = protocol=6 | dir=in | app=c:\program files\pokerstars\pokerstarsupdate.exe | 
"{F2303714-9ABA-4147-ABED-75BD3CAF4A08}" = dir=in | app=c:\users\max\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{F4236D1F-2F25-431F-91D7-7FEA9CFF1DDC}" = dir=in | app=c:\program files\protected search\protectedsearch.exe | 
"{F91A3D79-F3AF-42CE-86ED-3B00F2EA822E}" = protocol=17 | dir=in | app=c:\program files\pokerstars\pokerstarsupdate.exe | 
"{FDFC7375-FD51-46A2-A2D1-E41F56DF5300}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | 
"TCP Query User{07B10B45-E8BD-4B48-9744-16F11EBADBEC}C:\program files\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files\trillian\trillian.exe | 
"TCP Query User{08DC67A0-75A7-4E5C-8137-4444287EC543}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{0A4031CC-67A4-4DF3-BA17-F43A4B2C1562}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | 
"TCP Query User{115E0916-9B76-4BB9-8B24-E86F2EF60DA4}C:\program files\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe | 
"TCP Query User{428CBC7C-4BC6-44D5-81B9-0F640A019C07}C:\users\max\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\max\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{8CFAD4E1-9A3D-40E0-ABFF-054EE9E80B49}C:\program files\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files\trillian\trillian.exe | 
"TCP Query User{B1963E15-87FC-42EF-9B47-331D5E5B9F14}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | 
"TCP Query User{D5DACDDF-4D73-45CE-A5DF-F2B6165A87A9}C:\program files\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe | 
"TCP Query User{E89D479F-F7D7-4051-BDD3-D062580EC445}C:\program files\firefox.exe" = protocol=6 | dir=in | app=c:\program files\firefox.exe | 
"TCP Query User{F72D9996-D86A-4C5F-AE77-6281055FBE81}C:\users\max\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\max\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{01DE0C2F-83E4-44B2-A5DA-8DA5ADF5FF2A}C:\program files\firefox.exe" = protocol=17 | dir=in | app=c:\program files\firefox.exe | 
"UDP Query User{0FCF6B02-80A8-4D84-8422-154E23442200}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | 
"UDP Query User{0FE589C8-3CDE-44F7-8E58-9F437D8B2EBD}C:\program files\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files\trillian\trillian.exe | 
"UDP Query User{2A823523-915C-43FF-BED7-36E05316DF1C}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{50DAF547-9755-4BC8-A240-6DFBD6898A60}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | 
"UDP Query User{64306117-AAA4-4868-AF30-12260B994D29}C:\program files\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files\trillian\trillian.exe | 
"UDP Query User{C9AD8BD0-241E-4DFE-95FB-C4015DB59AC5}C:\program files\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe | 
"UDP Query User{D8DC731C-4ED3-4117-99BA-2A6FCD6A0228}C:\users\max\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\max\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{E45B6565-7895-4FC1-9B2F-9960858F41E8}C:\program files\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe | 
"UDP Query User{F72F3FF4-DDD2-4D25-941A-AF2C6A4C6FC5}C:\users\max\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\max\appdata\roaming\spotify\spotify.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0360D8F0-626A-4E87-8A16-938BD0BEBCC5}" = 32 Bit HP CIO Components Installer
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Foxlink Webcam
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3EE51BAD-9916-49C7-90BA-3D500B031E0C}_is1" = VSO Image Resizer 2.1.7.4
"{47948554-90C6-4AAC-8CFA-D23CE11C1031}" = Nero 8 Essentials
"{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo AbsolutTV
"{505522F8-9BAF-4CB4-8767-EE074BB0ECE1}" = PS_AIO_07_B010_SW_Min
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{588D9F5F-8C62-4421-BAE9-CCAA57D4E4EE}" = TVsweeper 3
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker 3
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{81830FEF-866C-4DC0-9435-B6287B1EDD8A}" = HP Photosmart B010 All-In-One Driver Software 14.0 Rel. 7
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BF46E02-3A99-4469-AE99-EAAE51FE8F9F}" = B010
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{9428A68A-9B43-473D-9771-FDA1D15B4C0D}" = VITAKEY
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1D08B90-AE1A-4885-AC29-731496FD397E}" = Windows Live Fotogalerie
"{A334F1BA-0A1D-4ED6-B4F9-4066157CA15D}" = DE
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax
"{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DDABC667-56B3-4122-82B0-2F5782EA2F9A}" = SpyHunter
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"Counter-Strike 1.6" = Counter-Strike 1.6
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{9428A68A-9B43-473D-9771-FDA1D15B4C0D}" = VITAKEY
"InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"LetsTrade" = LetsTrade Komponenten
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Protected Search_is1" = Protected Search 1.1
"RarZilla Free Unrar 2.53" = RarZilla Free Unrar 2.53
"uTorrent" = µTorrent
"Videoload Manager" = Videoload Manager 2.0.2200
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver
"X10Hardware" = X10 Hardware(TM)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 20 Event Log Errors ==========
 
Error: Unable to start EventLog service!
 
< End of report >
         
--- --- ---

What happens next?
__________________

Alt 21.12.2012, 13:24   #4
markusg
/// Malware-holic
 

Hi,
it is no wonder that your PC picks up malware: hardly any Windows updates installed, software not kept up to date, that is practically an invitation...
We will change that once we are done :-)

This script, and any scripts that may follow, are meant only for this particular user.
If you have problems, open your own topics and wait for scripts tailored to you.


• Please start OTL.exe
• Now copy the following into the text box.



Code:
:OTL
[2012.12.21 08:02:09 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Progressive Protection
[2012.12.21 08:02:09 | 000,002,016 | ---- | M] () -- C:\Users\Max\Desktop\System Progressive Protection.lnk
 :Files
:Commands
[Reboot]
         


• Now please close all programs.
• Now please click the Fix button.
• OTL may ask for a restart. Please allow it.
• After the restart you will find a text document; copy its contents into your next reply here.
Start in normal mode.

If you have no icons, right-click, View, Show desktop icons.
Download Unhide:
http://filepony.de/download-unhide/
Double-click it and the files become visible.
Please let me know whether you were successful; we are not finished at that point.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For now, please send e-mails as described in the instructions above to
markusg.trojaner-board@web.de
Forward
If you would like to support us
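The fix script in the post above names two entries that carry the same timestamp. As an added example (not part of the thread and not OTL's own code), the Python below parses OTL file-scan lines of that format and groups vendor-less entries under the user profile by timestamp within a window the analyst chooses. The function names, the window bounds and the reading of `C`/`M` as created/modified are assumptions; the sample lines are copied from the logs on this page.

```python
import re
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime

# Sample input: file-scan lines copied from the OTL output quoted in this thread.
SAMPLE_LOG = r"""
[2012.12.21 08:02:09 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Progressive Protection
[2012.12.21 08:02:09 | 000,002,016 | ---- | M] () -- C:\Users\Max\Desktop\System Progressive Protection.lnk
[2008.11.13 14:24:30 | 000,000,020 | -HS- | M] () -- C:\Users\Max\ntuser.ini
[2012.12.21 13:56:10 | 000,262,144 | -H-- | M] () -- C:\Users\Max\ntuser.dat.LOG1
[2 C:\Users\Max\*.tmp files -> C:\Users\Max\*.tmp -> ]
"""

# [timestamp | size | attributes | C or M] (company) -- path
# The "(company)" part is absent on directory lines and empty for unsigned files.
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2})"
    r" \| (?P<size>[\d,]+)"
    r" \| (?P<attrs>[-A-Z]{4})"
    r" \| (?P<kind>[CM])\]"
    r"(?: \((?P<company>.*?)\))?"
    r" -- (?P<path>.+)$"
)


@dataclass(frozen=True)
class Entry:
    when: datetime
    size: int
    attrs: str
    kind: str      # assumption: "C" = created, "M" = modified
    company: str   # "" when OTL printed "()" or no company field at all
    path: str


def parse_entries(text):
    """Return one Entry per well-formed file-scan line; skip everything else."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # section headers, summaries such as "[2 ... files -> ]"
        entries.append(Entry(
            when=datetime.strptime(m["ts"], "%Y.%m.%d %H:%M:%S"),
            size=int(m["size"].replace(",", "")),
            attrs=m["attrs"],
            kind=m["kind"],
            company=m["company"] or "",
            path=m["path"].strip(),
        ))
    return entries


def clusters_in_window(entries, start, end, root):
    """Group vendor-less entries under `root` by timestamp within [start, end].

    Several paths sharing one second is a hint that a single installer
    dropped them together, which makes the group worth reviewing first.
    """
    prefix = root.lower().rstrip("\\") + "\\"
    groups = defaultdict(list)
    for e in entries:
        if e.company:                       # has a vendor string: lower priority
            continue
        if not (start <= e.when <= end):
            continue
        if not e.path.lower().startswith(prefix):
            continue
        groups[e.when].append(e.path)
    return {ts: sorted(paths) for ts, paths in sorted(groups.items())}


if __name__ == "__main__":
    # Assumed window: midnight up to 09:02, the time of the first post.
    window = (datetime(2012, 12, 21, 0, 0), datetime(2012, 12, 21, 9, 2))
    found = clusters_in_window(parse_entries(SAMPLE_LOG), *window, r"C:\Users\Max")
    for ts, paths in found.items():
        print(ts, len(paths), "entries")
        for p in paths:
            print("   ", p)
```

The output is a review list only; whether an entry belongs in a fix script remains the helper's decision after looking at each path.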

Alt 21.12.2012, 13:41   #5
max87
 

Hi - yes, I have to put that down to a lack of knowledge (and interest)... that should perhaps change now...

So the restart worked without any problems, and the desktop icon of the virus/trojan program is at least gone now.

However, I did not find a text document...


Alt 21.12.2012, 13:43   #6
markusg
/// Malware-holic
 

No problem.
Did you run Unhide?
If not, do that first, then:
Download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- If anything is found, always choose Skip for now, then post the log

Alt 21.12.2012, 14:04   #7
max87
 

Here is the log:

14:58:21.0668 0644 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:58:21.0871 0644 ============================================================
14:58:21.0871 0644 Current date / time: 2012/12/21 14:58:21.0871
14:58:21.0871 0644 SystemInfo:
14:58:21.0871 0644
14:58:21.0871 0644 OS Version: 6.0.6001 ServicePack: 1.0
14:58:21.0871 0644 Product type: Workstation
14:58:21.0871 0644 ComputerName: MAX-LAPTOP
14:58:21.0871 0644 UserName: Max
14:58:21.0871 0644 Windows directory: C:\Windows
14:58:21.0871 0644 System windows directory: C:\Windows
14:58:21.0871 0644 Processor architecture: Intel x86
14:58:21.0871 0644 Number of processors: 2
14:58:21.0871 0644 Page size: 0x1000
14:58:21.0871 0644 Boot type: Normal boot
14:58:21.0871 0644 ============================================================
14:58:23.0259 0644 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:58:23.0275 0644 ============================================================
14:58:23.0275 0644 \Device\Harddisk0\DR0:
14:58:23.0275 0644 MBR partitions:
14:58:23.0275 0644 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x22CA4800
14:58:23.0275 0644 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x22CA5000, BlocksNum 0x2789000
14:58:23.0275 0644 ============================================================
14:58:23.0322 0644 C: <-> \Device\Harddisk0\DR0\Partition1
14:58:23.0353 0644 D: <-> \Device\Harddisk0\DR0\Partition2
14:58:23.0368 0644 ============================================================
14:58:23.0368 0644 Initialize success
14:58:23.0368 0644 ============================================================
14:58:45.0723 2380 ============================================================
14:58:45.0723 2380 Scan started
14:58:45.0723 2380 Mode: Manual; SigCheck; TDLFS;
14:58:45.0723 2380 ============================================================
14:58:46.0222 2380 ================ Scan system memory ========================
14:58:46.0222 2380 System memory - ok
14:58:46.0222 2380 ================ Scan services =============================
14:58:46.0425 2380 [ FCB8C7210F0135E24C6580F7F649C73C ] ACPI C:\Windows\system32\drivers\acpi.sys
14:58:46.0519 2380 ACPI - ok
14:58:46.0628 2380 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:58:46.0644 2380 AdobeFlashPlayerUpdateSvc - ok
14:58:46.0675 2380 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:58:46.0690 2380 adp94xx - ok
14:58:46.0722 2380 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:58:46.0753 2380 adpahci - ok
14:58:46.0768 2380 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
14:58:46.0768 2380 adpu160m - ok
14:58:46.0800 2380 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:58:46.0815 2380 adpu320 - ok
14:58:46.0846 2380 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:58:46.0909 2380 AeLookupSvc - ok
14:58:46.0924 2380 [ 763E172A55177E478CB419F88FD0BA03 ] AFD C:\Windows\system32\drivers\afd.sys
14:58:47.0002 2380 AFD - ok
14:58:47.0049 2380 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:58:47.0065 2380 agp440 - ok
14:58:47.0112 2380 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
14:58:47.0127 2380 aic78xx - ok
14:58:47.0143 2380 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
14:58:47.0190 2380 ALG - ok
14:58:47.0205 2380 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
14:58:47.0221 2380 aliide - ok
14:58:47.0268 2380 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
14:58:47.0283 2380 amdagp - ok
14:58:47.0330 2380 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
14:58:47.0346 2380 amdide - ok
14:58:47.0377 2380 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
14:58:47.0424 2380 AmdK7 - ok
14:58:47.0455 2380 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:58:47.0595 2380 AmdK8 - ok
14:58:47.0798 2380 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
14:58:47.0814 2380 AntiVirSchedulerService - ok
14:58:47.0876 2380 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
14:58:47.0892 2380 AntiVirService - ok
14:58:47.0970 2380 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
14:58:48.0032 2380 Appinfo - ok
14:58:48.0094 2380 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
14:58:48.0110 2380 arc - ok
14:58:48.0172 2380 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:58:48.0188 2380 arcsas - ok
14:58:48.0438 2380 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:58:56.0690 2380 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
14:58:56.0721 2380 IDriverT ( UnsignedFile.Multi.Generic ) - warning
14:58:56.0721 2380 IDriverT - detected UnsignedFile.Multi.Generic (1)
14:59:02.0587 2380 [ 80B7A96F908DA13617E7E6832C5C6A64 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:59:02.0602 2380 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:59:02.0602 2380 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:59:06.0674 2380 [ 875E4E0661F3A5994DF9E5E3A0A4F96B ] PLFlash DeviceIoControl Service C:\Windows\system32\IoctlSvc.exe
14:59:06.0674 2380 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
14:59:06.0674 2380 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
14:59:06.0799 2380 [ 0C155C5D8942B3CBCF9506A9D376B9AD ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:59:06.0814 2380 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:59:06.0814 2380 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:59:08.0796 2380 [ 805AE1F90C64758D19AAA001CF8CBA12 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
14:59:08.0827 2380 RichVideo ( UnsignedFile.Multi.Generic ) - warning
14:59:08.0827 2380 RichVideo - detected UnsignedFile.Multi.Generic (1)
14:59:12.0352 2380 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\Windows\system32\Drivers\sptd.sys
14:59:12.0352 2380 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
14:59:12.0368 2380 sptd ( LockedFile.Multi.Generic ) - warning
14:59:12.0368 2380 sptd - detected LockedFile.Multi.Generic (1)
14:59:12.0930 2380 [ 71DB619F4068D7C70D447D73617CDFAC ] srvcPVR C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe
14:59:13.0101 2380 srvcPVR ( UnsignedFile.Multi.Generic ) - warning
14:59:13.0101 2380 srvcPVR - detected UnsignedFile.Multi.Generic (1)
14:59:19.0965 2380 [ 5A0C788C5BC5F2C993CB60940ADCF95E ] x10nets C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
14:59:19.0965 2380 x10nets ( UnsignedFile.Multi.Generic ) - warning
14:59:19.0965 2380 x10nets - detected UnsignedFile.Multi.Generic (1)
14:59:20.0059 2380 ================ Scan global ===============================
14:59:20.0090 2380 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
14:59:20.0137 2380 [ 8B05FAF8603E6FDE90C5B103761CC3F6 ] C:\Windows\system32\winsrv.dll
14:59:20.0152 2380 [ 8B05FAF8603E6FDE90C5B103761CC3F6 ] C:\Windows\system32\winsrv.dll
14:59:20.0184 2380 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
14:59:20.0199 2380 [Global] - ok
14:59:20.0199 2380 ================ Scan MBR ==================================
14:59:20.0215 2380 [ 04D4350AE5FB6FC2AD3E7C26B1323C68 ] \Device\Harddisk0\DR0
14:59:20.0215 2380 Suspicious mbr (Forged): \Device\Harddisk0\DR0
14:59:20.0246 2380 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected
14:59:20.0246 2380 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
14:59:20.0262 2380 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
14:59:20.0262 2380 \Device\Harddisk0\DR0 - detected TDSS File System (1)
14:59:20.0262 2380 ================ Scan VBR ==================================
14:59:20.0293 2380 [ D388FB9CCF230EC959D1A647C421C6B8 ] \Device\Harddisk0\DR0\Partition1
14:59:20.0293 2380 \Device\Harddisk0\DR0\Partition1 - ok
14:59:20.0324 2380 [ 6F7E15BF1F320FCCDD1AB9F387F82803 ] \Device\Harddisk0\DR0\Partition2
14:59:20.0324 2380 \Device\Harddisk0\DR0\Partition2 - ok
14:59:20.0324 2380 ============================================================
14:59:20.0324 2380 Scan finished
14:59:20.0324 2380 ============================================================
14:59:20.0340 3252 Detected object count: 10
14:59:20.0340 3252 Actual detected object count: 10
15:01:59.0272 3252 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:01:59.0272 3252 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:01:59.0272 3252 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:01:59.0272 3252 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:01:59.0272 3252 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:01:59.0272 3252 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:01:59.0272 3252 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:01:59.0272 3252 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:01:59.0272 3252 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
15:01:59.0272 3252 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:01:59.0272 3252 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:01:59.0272 3252 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
15:01:59.0288 3252 srvcPVR ( UnsignedFile.Multi.Generic ) - skipped by user
15:01:59.0288 3252 srvcPVR ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:01:59.0288 3252 x10nets ( UnsignedFile.Multi.Generic ) - skipped by user
15:01:59.0288 3252 x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:01:59.0288 3252 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - skipped by user
15:01:59.0288 3252 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Skip
15:01:59.0288 3252 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:01:59.0288 3252 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

21.12.2012, 14:41   #8
markusg
/// Malware-holic

Hi, for the two detections:
Rootkit.Win32.TDSS.tdl4
TDSS File System
choose Cure or Delete, respectively.
Then restart and run TDSSKiller as described above; please post the log.

21.12.2012, 14:59   #9
max87

Hi Markus, here:

15:54:53.0161 2084 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:54:53.0395 2084 ============================================================
15:54:53.0395 2084 Current date / time: 2012/12/21 15:54:53.0395
15:54:53.0395 2084 SystemInfo:
15:54:53.0395 2084
15:54:53.0395 2084 OS Version: 6.0.6001 ServicePack: 1.0
15:54:53.0395 2084 Product type: Workstation
15:54:53.0395 2084 ComputerName: MAX-LAPTOP
15:54:53.0395 2084 UserName: Max
15:54:53.0395 2084 Windows directory: C:\Windows
15:54:53.0395 2084 System windows directory: C:\Windows
15:54:53.0395 2084 Processor architecture: Intel x86
15:54:53.0395 2084 Number of processors: 2
15:54:53.0395 2084 Page size: 0x1000
15:54:53.0395 2084 Boot type: Normal boot
15:54:53.0395 2084 ============================================================
15:54:55.0299 2084 BG loaded
15:54:57.0871 2084 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:54:57.0886 2084 ============================================================
15:54:57.0886 2084 \Device\Harddisk0\DR0:
15:54:57.0886 2084 MBR partitions:
15:54:57.0886 2084 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x22CA4800
15:54:57.0886 2084 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x22CA5000, BlocksNum 0x2789000
15:54:57.0886 2084 ============================================================
15:54:57.0933 2084 C: <-> \Device\Harddisk0\DR0\Partition1
15:54:58.0370 2084 D: <-> \Device\Harddisk0\DR0\Partition2
15:54:58.0370 2084 ============================================================
15:54:58.0370 2084 Initialize success
15:54:58.0370 2084 ============================================================
15:58:07.0848 21272 ============================================================
15:58:07.0848 21272 Scan started
15:58:07.0848 21272 Mode: Manual; SigCheck; TDLFS;
15:58:07.0848 21272 ============================================================
15:58:08.0628 21272 ================ Scan system memory ========================
15:58:08.0628 21272 System memory - ok
15:58:08.0628 21272 ================ Scan services =============================
15:58:14.0947 21272 Dot4Print - ok
15:58:14.0993 21272 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
15:58:15.0025 21272 dot4usb - ok
15:58:15.0040 21272 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
15:58:15.0071 21272 DPS - ok
15:58:15.0134 21272 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:58:15.0149 21272 drmkaud - ok
15:58:15.0259 21272 [ 85F33880B8CFB554BD3D9CCDB486845A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:58:15.0290 21272 DXGKrnl - ok
15:58:15.0321 21272 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
15:58:15.0352 21272 E1G60 - ok
15:58:15.0617 21272 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
15:58:15.0649 21272 EapHost - ok
15:58:15.0727 21272 [ DD2CD259D83D8B72C02C5F2331FF9D68 ] Ecache C:\Windows\system32\drivers\ecache.sys
15:58:15.0727 21272 Ecache - ok
15:58:15.0929 21272 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:58:15.0945 21272 ehRecvr - ok
15:58:15.0992 21272 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
15:58:16.0007 21272 ehSched - ok
15:58:16.0070 21272 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
15:58:16.0085 21272 ehstart - ok
15:58:16.0413 21272 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:58:16.0413 21272 elxstor - ok
15:58:16.0460 21272 [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C ] EMDMgmt C:\Windows\system32\emdmgmt.dll
15:58:16.0491 21272 EMDMgmt - ok
15:58:16.0538 21272 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:58:16.0569 21272 ErrDev - ok
15:58:16.0631 21272 [ 01CE484FF6D70A39479BC6D619DE7ED6 ] EsgScanner C:\Windows\system32\DRIVERS\EsgScanner.sys
15:58:16.0631 21272 EsgScanner - ok
15:58:16.0663 21272 [ 3CB3343D720168B575133A0A20DC2465 ] EventSystem C:\Windows\system32\es.dll
15:58:16.0678 21272 EventSystem - ok
15:58:16.0725 21272 [ 0D858EB20589A34EFB25695ACAA6AA2D ] exfat C:\Windows\system32\drivers\exfat.sys
15:58:16.0756 21272 exfat - ok
15:58:16.0819 21272 [ 3C489390C2E2064563727752AF8EAB9E ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:58:16.0850 21272 fastfat - ok
15:58:16.0912 21272 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:58:16.0928 21272 fdc - ok
15:58:16.0959 21272 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
15:58:16.0975 21272 fdPHost - ok
15:58:17.0006 21272 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
15:58:17.0053 21272 FDResPub - ok
15:58:17.0084 21272 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:58:17.0084 21272 FileInfo - ok
15:58:17.0131 21272 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:58:17.0162 21272 Filetrace - ok
15:58:17.0302 21272 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:58:17.0318 21272 flpydisk - ok
15:58:17.0333 21272 [ 05EA53AFE985443011E36DAB07343B46 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:58:17.0333 21272 FltMgr - ok
15:58:17.0817 21272 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:58:17.0817 21272 FontCache3.0.0.0 - ok
15:58:17.0911 21272 [ 78C108C807AFDC45D7867B96D01AA8F2 ] FPSensor C:\Windows\system32\Drivers\FPSensor.sys
15:58:17.0926 21272 FPSensor - ok
15:58:18.0051 21272 [ 4EFF8408DD280F2468C39D0F4A2CEC0D ] FPWinIo C:\Windows\system32\DRIVERS\FPWinIo.sys
15:58:18.0051 21272 FPWinIo - ok
15:58:18.0082 21272 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:58:18.0098 21272 Fs_Rec - ok
15:58:18.0129 21272 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:58:18.0129 21272 gagp30kx - ok
15:58:18.0191 21272 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:58:18.0207 21272 GEARAspiWDM - ok
15:58:18.0238 21272 [ D9F1113D9401185245573350712F92FC ] gpsvc C:\Windows\System32\gpsvc.dll
15:58:18.0269 21272 gpsvc - ok
15:58:18.0316 21272 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:58:18.0363 21272 HdAudAddService - ok
15:58:18.0394 21272 [ C87B1EE051C0464491C1A7B03FA0BC99 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:58:18.0410 21272 HDAudBus - ok
15:58:18.0441 21272 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:58:18.0488 21272 HidBth - ok
15:58:18.0519 21272 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
15:58:18.0566 21272 HidIr - ok
15:58:18.0659 21272 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll
15:58:18.0691 21272 hidserv - ok
15:58:18.0800 21272 [ E2B5BD48AFCC0F0974FB44641B223250 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:58:18.0815 21272 HidUsb - ok
15:58:18.0956 21272 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:58:18.0971 21272 hkmsvc - ok
15:58:19.0049 21272 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
15:58:19.0065 21272 HpCISSs - ok
15:58:19.0299 21272 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
15:58:19.0315 21272 hpqcxs08 - ok
15:58:19.0361 21272 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
15:58:19.0361 21272 hpqddsvc - ok
15:58:19.0627 21272 [ 96E241624C71211A79C84F50A8E71CAB ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:58:19.0705 21272 HTTP - ok
15:58:19.0767 21272 hwdatacard - ok
15:58:19.0783 21272 hwusbdev - ok
15:58:19.0861 21272 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
15:58:19.0876 21272 i2omp - ok
15:58:19.0907 21272 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:58:19.0923 21272 i8042prt - ok
15:58:20.0001 21272 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
15:58:20.0017 21272 iaStorV - ok
15:58:20.0188 21272 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
15:58:20.0188 21272 IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:58:20.0188 21272 IDriverT - detected UnsignedFile.Multi.Generic (1)
15:58:20.0313 21272 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:58:20.0360 21272 idsvc - ok
15:58:20.0516 21272 [ BE449D6218D34D93A95C1D2873DD8A5D ] IGBASVC C:\Program Files\EgisTec\VITAKEY\BASVC.exe
15:58:20.0594 21272 IGBASVC - ok
15:58:20.0641 21272 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:58:20.0641 21272 iirsp - ok
15:58:20.0687 21272 [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC ] IKEEXT C:\Windows\System32\ikeext.dll
15:58:20.0719 21272 IKEEXT - ok
15:58:20.0859 21272 [ C3C499A704A2D7958D9D7E5A9DB60CE4 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:58:20.0937 21272 IntcAzAudAddService - ok
15:58:20.0999 21272 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
15:58:20.0999 21272 intelide - ok
15:58:21.0046 21272 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:58:21.0077 21272 intelppm - ok
15:58:21.0187 21272 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:58:21.0202 21272 IPBusEnum - ok
15:58:21.0249 21272 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:58:21.0280 21272 IpFilterDriver - ok
15:58:21.0374 21272 [ 6A35D233693EDC29A12742049BC5E37F ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:58:21.0405 21272 iphlpsvc - ok
15:58:21.0405 21272 IpInIp - ok
15:58:21.0452 21272 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
15:58:21.0467 21272 IPMIDRV - ok
15:58:21.0514 21272 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
15:58:21.0545 21272 IPNAT - ok
15:58:22.0169 21272 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:58:22.0201 21272 IRENUM - ok
15:58:22.0294 21272 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:58:22.0310 21272 isapnp - ok
15:58:22.0388 21272 [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
15:58:22.0388 21272 iScsiPrt - ok
15:58:22.0435 21272 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
15:58:22.0450 21272 iteatapi - ok
15:58:22.0481 21272 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
15:58:22.0481 21272 iteraid - ok
15:58:22.0513 21272 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:58:22.0528 21272 kbdclass - ok
15:58:22.0544 21272 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:58:22.0559 21272 kbdhid - ok
15:58:22.0684 21272 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso C:\Windows\system32\lsass.exe
15:58:22.0700 21272 KeyIso - ok
15:58:22.0762 21272 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:58:22.0778 21272 KSecDD - ok
15:58:22.0840 21272 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
15:58:22.0856 21272 KtmRm - ok
15:58:22.0934 21272 [ 05CE901A4472B3FBF9407C94AD1DB693 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:58:22.0965 21272 LanmanServer - ok
15:58:23.0012 21272 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:58:23.0027 21272 LanmanWorkstation - ok
15:58:23.0059 21272 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:58:23.0090 21272 lltdio - ok
15:58:23.0277 21272 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:58:23.0308 21272 lltdsvc - ok
15:58:23.0324 21272 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:58:23.0371 21272 lmhosts - ok
15:58:23.0480 21272 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:58:23.0495 21272 LSI_FC - ok
15:58:23.0589 21272 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:58:23.0605 21272 LSI_SAS - ok
15:58:23.0683 21272 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:58:23.0698 21272 LSI_SCSI - ok
15:58:23.0714 21272 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
15:58:23.0745 21272 luafv - ok
15:58:23.0807 21272 MBAMSwissArmy - ok
15:58:23.0932 21272 [ 034606B82FA5BD3E73AB427B6D55F915 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe
15:58:23.0948 21272 McComponentHostService - ok
15:58:24.0166 21272 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:58:24.0182 21272 Mcx2Svc - ok
15:58:24.0447 21272 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
15:58:24.0463 21272 megasas - ok
15:58:24.0525 21272 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
15:58:24.0541 21272 MegaSR - ok
15:58:24.0603 21272 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
15:58:24.0634 21272 MMCSS - ok
15:58:24.0697 21272 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
15:58:24.0728 21272 Modem - ok
15:58:24.0759 21272 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:58:24.0790 21272 monitor - ok
15:58:24.0821 21272 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:58:24.0837 21272 mouclass - ok
15:58:24.0853 21272 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:58:24.0884 21272 mouhid - ok
15:58:25.0414 21272 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
15:58:25.0461 21272 MountMgr - ok
15:58:25.0523 21272 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:58:25.0539 21272 MozillaMaintenance - ok
15:58:25.0586 21272 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
15:58:25.0586 21272 mpio - ok
15:58:25.0617 21272 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:58:25.0633 21272 mpsdrv - ok
15:58:25.0757 21272 [ D1639BA315B0D79DEC49A4B0E1FB929B ] MpsSvc C:\Windows\system32\mpssvc.dll
15:58:25.0804 21272 MpsSvc - ok
15:58:25.0820 21272 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
15:58:25.0835 21272 Mraid35x - ok
15:58:25.0851 21272 [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:58:25.0867 21272 MRxDAV - ok
15:58:26.0771 21272 [ 7AFC42E60432FD1014F5342F2B1B1F74 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:58:26.0787 21272 mrxsmb - ok
15:58:26.0849 21272 [ 8A75752AE17924F65452746674B14B78 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:58:26.0849 21272 mrxsmb10 - ok
15:58:26.0896 21272 [ F4D0F3252E651F02BE64984FFA738394 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:58:26.0912 21272 mrxsmb20 - ok
15:58:26.0959 21272 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32\drivers\msahci.sys
15:58:26.0959 21272 msahci - ok
15:58:27.0083 21272 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:58:27.0099 21272 msdsm - ok
15:58:27.0146 21272 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
15:58:27.0177 21272 MSDTC - ok
15:58:27.0208 21272 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:58:27.0239 21272 Msfs - ok
15:58:27.0271 21272 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:58:27.0271 21272 msisadrv - ok
15:58:27.0349 21272 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:58:27.0380 21272 MSiSCSI - ok
15:58:27.0380 21272 msiserver - ok
15:58:27.0442 21272 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:58:27.0458 21272 MSKSSRV - ok
15:58:27.0505 21272 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:58:27.0536 21272 MSPCLOCK - ok
15:58:27.0583 21272 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:58:27.0614 21272 MSPQM - ok
15:58:27.0629 21272 [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:58:27.0645 21272 MsRPC - ok
15:58:27.0661 21272 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:58:27.0676 21272 mssmbios - ok
15:58:27.0692 21272 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:58:27.0739 21272 MSTEE - ok
15:58:27.0770 21272 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup C:\Windows\system32\Drivers\mup.sys
15:58:27.0801 21272 Mup - ok
15:58:27.0879 21272 [ 62D3C8E2E75ABD9FC3DEE1B0E5B437E0 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
15:58:27.0879 21272 mwlPSDFilter - ok
15:58:27.0910 21272 [ 3963DB3D50D60D17CE7A5EB7D4DA2E7D ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
15:58:27.0910 21272 mwlPSDNServ - ok
15:58:27.0957 21272 [ C6DE675CE2F2B6E4F78BF7E8187FC1EC ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
15:58:27.0973 21272 mwlPSDVDisk - ok
15:58:28.0066 21272 [ 3FD2D2F48C05C9E8EC0A8D61BCE12BFA ] MWLService C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
15:58:28.0066 21272 MWLService - ok
15:58:28.0144 21272 [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent C:\Windows\system32\qagentRT.dll
15:58:28.0160 21272 napagent - ok
15:58:28.0222 21272 [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:58:28.0238 21272 NativeWifiP - ok
15:58:28.0300 21272 [ 9BDC71790FA08F0A0B5F10462B1BD0B1 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:58:28.0316 21272 NDIS - ok
15:58:28.0378 21272 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:58:28.0409 21272 NdisTapi - ok
15:58:28.0472 21272 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:58:28.0503 21272 Ndisuio - ok
15:58:28.0550 21272 [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:58:28.0581 21272 NdisWan - ok
15:58:28.0628 21272 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:58:28.0659 21272 NDProxy - ok
15:58:28.0846 21272 [ 40D7D0A208EE863BCA8D89E299216F15 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
15:58:28.0909 21272 Nero BackItUp Scheduler 3 - ok
15:58:28.0971 21272 [ 80B7A96F908DA13617E7E6832C5C6A64 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:58:28.0971 21272 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:58:28.0971 21272 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:58:29.0002 21272 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:58:29.0018 21272 NetBIOS - ok
15:58:29.0127 21272 [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
15:58:29.0158 21272 netbt - ok
15:58:29.0236 21272 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon C:\Windows\system32\lsass.exe
15:58:29.0252 21272 Netlogon - ok
15:58:29.0501 21272 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
15:58:29.0548 21272 Netman - ok
15:58:29.0611 21272 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:58:29.0626 21272 NetMsmqActivator - ok
15:58:29.0657 21272 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:58:29.0657 21272 NetPipeActivator - ok
15:58:29.0751 21272 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
15:58:29.0782 21272 netprofm - ok
15:58:29.0782 21272 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:58:29.0798 21272 NetTcpActivator - ok
15:58:29.0798 21272 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:58:29.0813 21272 NetTcpPortSharing - ok
15:58:29.0985 21272 [ E559EA9138C77B5D1FDA8C558764A25F ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
15:58:30.0188 21272 NETw5v32 - ok
15:58:30.0250 21272 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:58:30.0266 21272 nfrd960 - ok
15:58:30.0313 21272 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:58:30.0344 21272 NlaSvc - ok
15:58:30.0531 21272 [ EBA1B4BF2E2375ABDADEDB649F283541 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
15:58:30.0547 21272 NMIndexingService - ok
15:58:30.0609 21272 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:58:30.0656 21272 Npfs - ok
15:58:30.0703 21272 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
15:58:30.0718 21272 nsi - ok
15:58:30.0859 21272 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:58:30.0874 21272 nsiproxy - ok
15:58:30.0952 21272 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:58:31.0030 21272 Ntfs - ok
15:58:31.0046 21272 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
15:58:31.0093 21272 ntrigdigi - ok
15:58:31.0139 21272 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
15:58:31.0171 21272 Null - ok
15:58:31.0529 21272 [ A103162C62C336C2CB3C5E1E2773D17B ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
15:58:31.0545 21272 NVHDA - ok
15:58:31.0779 21272 [ 692BD7AE273B8FD16D1EF1677394DD84 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:58:32.0044 21272 nvlddmkm - ok
15:58:32.0216 21272 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:58:32.0231 21272 nvraid - ok
15:58:32.0294 21272 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:58:32.0294 21272 nvstor - ok
15:58:32.0465 21272 [ 7708F81CC3C92E107DA01CAA67DFDB0A ] nvsvc C:\Windows\system32\nvvsvc.exe
15:58:32.0481 21272 nvsvc - ok
15:58:32.0543 21272 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:58:32.0559 21272 nv_agp - ok
15:58:32.0559 21272 NwlnkFlt - ok
15:58:32.0559 21272 NwlnkFwd - ok
15:58:32.0637 21272 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:58:32.0699 21272 ohci1394 - ok
15:58:32.0809 21272 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:58:32.0809 21272 ose - ok
15:58:33.0058 21272 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll
15:58:33.0074 21272 p2pimsvc - ok
15:58:33.0105 21272 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll
15:58:33.0121 21272 p2psvc - ok
15:58:33.0183 21272 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
15:58:33.0230 21272 Parport - ok
15:58:33.0245 21272 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:58:33.0261 21272 partmgr - ok
15:58:33.0589 21272 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
15:58:33.0635 21272 Parvdm - ok
15:58:33.0776 21272 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
15:58:33.0791 21272 PcaSvc - ok
15:58:33.0823 21272 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys
15:58:33.0838 21272 pci - ok
15:58:34.0384 21272 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
15:58:34.0384 21272 pciide - ok
15:58:34.0431 21272 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:58:34.0447 21272 pcmcia - ok
15:58:34.0509 21272 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:58:34.0587 21272 PEAUTH - ok
15:58:34.0649 21272 [ F433B5AA6DBAC3C8626EEFAF134E4763 ] PhilCap C:\Windows\system32\DRIVERS\PhilCap.sys
15:58:34.0696 21272 PhilCap - ok
15:58:34.0774 21272 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
15:58:34.0837 21272 pla - ok
15:58:34.0899 21272 [ 875E4E0661F3A5994DF9E5E3A0A4F96B ] PLFlash DeviceIoControl Service C:\Windows\system32\IoctlSvc.exe
15:58:34.0899 21272 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
15:58:34.0899 21272 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
15:58:34.0977 21272 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:58:35.0008 21272 PlugPlay - ok
15:58:35.0055 21272 [ 0C155C5D8942B3CBCF9506A9D376B9AD ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:58:35.0055 21272 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:58:35.0055 21272 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:58:35.0071 21272 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
15:58:35.0102 21272 PNRPAutoReg - ok
15:58:35.0117 21272 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll
15:58:35.0133 21272 PNRPsvc - ok
15:58:35.0195 21272 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:58:35.0211 21272 PolicyAgent - ok
15:58:35.0273 21272 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:58:35.0305 21272 PptpMiniport - ok
15:58:35.0383 21272 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
15:58:35.0398 21272 Processor - ok
15:58:35.0445 21272 Profos - ok
15:58:35.0492 21272 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll
15:58:35.0523 21272 ProfSvc - ok
15:58:35.0554 21272 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:58:35.0570 21272 ProtectedStorage - ok
15:58:35.0648 21272 [ F115AF58ABE5605D7D709CBFBD83F418 ] ProtexisLicensing C:\Windows\system32\PSIService.exe
15:58:35.0663 21272 ProtexisLicensing - ok
15:58:35.0695 21272 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
15:58:35.0757 21272 PSched - ok
15:58:35.0835 21272 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:58:35.0897 21272 ql2300 - ok
15:58:35.0944 21272 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:58:35.0944 21272 ql40xx - ok
15:58:36.0007 21272 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
15:58:36.0022 21272 QWAVE - ok
15:58:36.0085 21272 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:58:36.0085 21272 QWAVEdrv - ok
15:58:36.0147 21272 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:58:36.0178 21272 RasAcd - ok
15:58:36.0241 21272 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
15:58:36.0272 21272 RasAuto - ok
15:58:36.0319 21272 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:58:36.0334 21272 Rasl2tp - ok
15:58:36.0397 21272 [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan C:\Windows\System32\rasmans.dll
15:58:36.0412 21272 RasMan - ok
15:58:36.0475 21272 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:58:36.0506 21272 RasPppoe - ok
15:58:36.0521 21272 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:58:36.0553 21272 RasSstp - ok
15:58:36.0599 21272 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:58:36.0631 21272 rdbss - ok
15:58:36.0677 21272 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:58:36.0693 21272 RDPCDD - ok
15:58:36.0740 21272 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
15:58:36.0771 21272 rdpdr - ok
15:58:36.0818 21272 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:58:36.0849 21272 RDPENCDD - ok
15:58:36.0896 21272 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:58:36.0927 21272 RDPWD - ok
15:58:36.0989 21272 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:58:37.0021 21272 RemoteAccess - ok
15:58:37.0067 21272 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:58:37.0099 21272 RemoteRegistry - ok
15:58:37.0161 21272 [ 23F486726DA7A9B2F3EC7326421A9C36 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:58:37.0177 21272 RFCOMM - ok
15:58:37.0270 21272 [ 805AE1F90C64758D19AAA001CF8CBA12 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
15:58:37.0286 21272 RichVideo ( UnsignedFile.Multi.Generic ) - warning
15:58:37.0286 21272 RichVideo - detected UnsignedFile.Multi.Generic (1)
15:58:37.0348 21272 RimUsb - ok
15:58:37.0395 21272 [ D9B34325EE5DF78B8F28A3DE9F577C7D ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
15:58:37.0395 21272 RimVSerPort - ok
15:58:37.0457 21272 [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
15:58:41.0732 21272 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\Windows\system32\Drivers\sptd.sys
15:58:41.0732 21272 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
15:58:41.0732 21272 sptd ( LockedFile.Multi.Generic ) - warning
15:58:41.0732 21272 sptd - detected LockedFile.Multi.Generic (1)
15:58:42.0325 21272 [ 71DB619F4068D7C70D447D73617CDFAC ] srvcPVR C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe
15:58:42.0418 21272 srvcPVR ( UnsignedFile.Multi.Generic ) - warning
15:58:42.0418 21272 srvcPVR - detected UnsignedFile.Multi.Generic (1)
15:58:50.0998 21272 [ 5A0C788C5BC5F2C993CB60940ADCF95E ] x10nets C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
15:58:51.0014 21272 x10nets ( UnsignedFile.Multi.Generic ) - warning
15:58:51.0014 21272 x10nets - detected UnsignedFile.Multi.Generic (1)
15:58:51.0076 21272 ================ Scan global ===============================
15:58:51.0107 21272 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
15:58:51.0139 21272 [ 8B05FAF8603E6FDE90C5B103761CC3F6 ] C:\Windows\system32\winsrv.dll
15:58:51.0201 21272 [ 8B05FAF8603E6FDE90C5B103761CC3F6 ] C:\Windows\system32\winsrv.dll
15:58:51.0279 21272 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
15:58:51.0279 21272 [Global] - ok
15:58:51.0279 21272 ================ Scan MBR ==================================
15:58:51.0295 21272 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:58:51.0685 21272 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:58:51.0685 21272 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:58:51.0685 21272 ================ Scan VBR ==================================
15:58:51.0685 21272 [ D388FB9CCF230EC959D1A647C421C6B8 ] \Device\Harddisk0\DR0\Partition1
15:58:51.0700 21272 \Device\Harddisk0\DR0\Partition1 - ok
15:58:51.0794 21272 [ 6F7E15BF1F320FCCDD1AB9F387F82803 ] \Device\Harddisk0\DR0\Partition2
15:58:51.0794 21272 \Device\Harddisk0\DR0\Partition2 - ok
15:58:51.0794 21272 ============================================================
15:58:51.0794 21272 Scan finished
15:58:51.0794 21272 ============================================================
15:58:51.0809 21264 Detected object count: 9
15:58:51.0809 21264 Actual detected object count: 9
15:59:12.0776 21264 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:59:12.0776 21264 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:59:12.0791 21264 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:59:12.0791 21264 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:59:12.0791 21264 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:59:12.0791 21264 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:59:12.0791 21264 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:59:12.0791 21264 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:59:12.0791 21264 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
15:59:12.0791 21264 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:59:12.0791 21264 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:59:12.0791 21264 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
15:59:12.0791 21264 srvcPVR ( UnsignedFile.Multi.Generic ) - skipped by user
15:59:12.0791 21264 srvcPVR ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:59:12.0791 21264 x10nets ( UnsignedFile.Multi.Generic ) - skipped by user
15:59:12.0791 21264 x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:59:12.0791 21264 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:59:12.0791 21264 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

21.12.2012, 15:50   #10
markusg
/// Malware-holic

Hi
for the detection
TDSS File System
try once more to select Cure or Delete, then reboot and run TDSS Killer as above.

21.12.2012, 17:53   #11
max87

sooo... here is the next log

18:51:17.0804 4984 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:51:18.0085 4984 ============================================================
18:51:18.0085 4984 Current date / time: 2012/12/21 18:51:18.0085
18:51:18.0085 4984 SystemInfo:
18:51:18.0085 4984
18:51:18.0085 4984 OS Version: 6.0.6001 ServicePack: 1.0
18:51:18.0085 4984 Product type: Workstation
18:51:18.0085 4984 ComputerName: MAX-LAPTOP
18:51:18.0085 4984 UserName: Max
18:51:18.0085 4984 Windows directory: C:\Windows
18:51:18.0085 4984 System windows directory: C:\Windows
18:51:18.0085 4984 Processor architecture: Intel x86
18:51:18.0085 4984 Number of processors: 2
18:51:18.0085 4984 Page size: 0x1000
18:51:18.0085 4984 Boot type: Normal boot
18:51:18.0085 4984 ============================================================
18:51:19.0723 4984 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:51:19.0739 4984 ============================================================
18:51:19.0739 4984 \Device\Harddisk0\DR0:
18:51:19.0739 4984 MBR partitions:
18:51:19.0739 4984 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x22CA4800
18:51:19.0739 4984 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x22CA5000, BlocksNum 0x2789000
18:51:19.0739 4984 ============================================================
18:51:19.0754 4984 C: <-> \Device\Harddisk0\DR0\Partition1
18:51:20.0066 4984 D: <-> \Device\Harddisk0\DR0\Partition2
18:51:20.0066 4984 ============================================================
18:51:20.0066 4984 Initialize success
18:51:20.0066 4984 ============================================================
18:51:25.0979 5148 ============================================================
18:51:25.0979 5148 Scan started
18:51:25.0979 5148 Mode: Manual; SigCheck; TDLFS;
18:51:25.0979 5148 ============================================================
18:51:27.0492 5148 ================ Scan system memory ========================
18:51:27.0492 5148 System memory - ok
18:51:27.0492 5148 ================ Scan services =============================
18:51:34.0746 5148 exfat - ok
18:51:34.0793 5148 [ 3C489390C2E2064563727752AF8EAB9E ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:51:34.0824 5148 fastfat - ok
18:51:34.0918 5148 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:51:34.0933 5148 fdc - ok
18:51:34.0964 5148 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
18:51:34.0980 5148 fdPHost - ok
18:51:35.0042 5148 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
18:51:35.0089 5148 FDResPub - ok
18:51:35.0339 5148 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:51:35.0354 5148 FileInfo - ok
18:51:35.0417 5148 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:51:35.0432 5148 Filetrace - ok
18:51:35.0495 5148 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:51:35.0510 5148 flpydisk - ok
18:51:35.0526 5148 [ 05EA53AFE985443011E36DAB07343B46 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:51:35.0542 5148 FltMgr - ok
18:51:35.0807 5148 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:51:35.0822 5148 FontCache3.0.0.0 - ok
18:51:35.0869 5148 [ 78C108C807AFDC45D7867B96D01AA8F2 ] FPSensor C:\Windows\system32\Drivers\FPSensor.sys
18:51:35.0869 5148 FPSensor - ok
18:51:35.0916 5148 [ 4EFF8408DD280F2468C39D0F4A2CEC0D ] FPWinIo C:\Windows\system32\DRIVERS\FPWinIo.sys
18:51:35.0916 5148 FPWinIo - ok
18:51:35.0978 5148 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:51:35.0994 5148 Fs_Rec - ok
18:51:36.0025 5148 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:51:36.0041 5148 gagp30kx - ok
18:51:36.0134 5148 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:51:36.0134 5148 GEARAspiWDM - ok
18:51:36.0228 5148 [ D9F1113D9401185245573350712F92FC ] gpsvc C:\Windows\System32\gpsvc.dll
18:51:36.0259 5148 gpsvc - ok
18:51:36.0368 5148 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:51:36.0415 5148 HdAudAddService - ok
18:51:36.0462 5148 [ C87B1EE051C0464491C1A7B03FA0BC99 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:51:36.0478 5148 HDAudBus - ok
18:51:36.0509 5148 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:51:36.0556 5148 HidBth - ok
18:51:36.0602 5148 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
18:51:36.0649 5148 HidIr - ok
18:51:36.0712 5148 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll
18:51:36.0758 5148 hidserv - ok
18:51:36.0805 5148 [ E2B5BD48AFCC0F0974FB44641B223250 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:51:36.0821 5148 HidUsb - ok
18:51:36.0868 5148 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:51:36.0899 5148 hkmsvc - ok
18:51:36.0977 5148 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
18:51:36.0992 5148 HpCISSs - ok
18:51:37.0164 5148 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
18:51:37.0164 5148 hpqcxs08 - ok
18:51:37.0211 5148 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
18:51:37.0211 5148 hpqddsvc - ok
18:51:37.0273 5148 [ 96E241624C71211A79C84F50A8E71CAB ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:51:37.0304 5148 HTTP - ok
18:51:37.0320 5148 hwdatacard - ok
18:51:37.0336 5148 hwusbdev - ok
18:51:37.0367 5148 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
18:51:37.0367 5148 i2omp - ok
18:51:37.0414 5148 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:51:37.0445 5148 i8042prt - ok
18:51:37.0492 5148 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
18:51:37.0492 5148 iaStorV - ok
18:51:37.0663 5148 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
18:51:37.0679 5148 IDriverT ( UnsignedFile.Multi.Generic ) - warning
18:51:37.0679 5148 IDriverT - detected UnsignedFile.Multi.Generic (1)
18:51:37.0804 5148 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:51:37.0866 5148 idsvc - ok
18:51:38.0209 5148 [ BE449D6218D34D93A95C1D2873DD8A5D ] IGBASVC C:\Program Files\EgisTec\VITAKEY\BASVC.exe
18:51:38.0381 5148 IGBASVC - ok
18:51:38.0412 5148 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:51:38.0412 5148 iirsp - ok
18:51:38.0459 5148 [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC ] IKEEXT C:\Windows\System32\ikeext.dll
18:51:38.0490 5148 IKEEXT - ok
18:51:38.0599 5148 [ C3C499A704A2D7958D9D7E5A9DB60CE4 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
18:51:38.0693 5148 IntcAzAudAddService - ok
18:51:38.0755 5148 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
18:51:38.0755 5148 intelide - ok
18:51:38.0786 5148 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:51:38.0802 5148 intelppm - ok
18:51:38.0864 5148 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:51:38.0896 5148 IPBusEnum - ok
18:51:39.0254 5148 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:51:39.0270 5148 IpFilterDriver - ok
18:51:39.0395 5148 [ 6A35D233693EDC29A12742049BC5E37F ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:51:39.0410 5148 iphlpsvc - ok
18:51:39.0410 5148 IpInIp - ok
18:51:39.0504 5148 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
18:51:39.0535 5148 IPMIDRV - ok
18:51:39.0566 5148 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
18:51:39.0598 5148 IPNAT - ok
18:51:39.0676 5148 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:51:39.0738 5148 IRENUM - ok
18:51:39.0754 5148 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:51:39.0754 5148 isapnp - ok
18:51:39.0800 5148 [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
18:51:39.0800 5148 iScsiPrt - ok
18:51:39.0832 5148 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
18:51:39.0832 5148 iteatapi - ok
18:51:39.0878 5148 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
18:51:39.0878 5148 iteraid - ok
18:51:39.0894 5148 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:51:39.0910 5148 kbdclass - ok
18:51:40.0003 5148 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:51:40.0019 5148 kbdhid - ok
18:51:40.0112 5148 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso C:\Windows\system32\lsass.exe
18:51:40.0128 5148 KeyIso - ok
18:51:40.0144 5148 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:51:40.0175 5148 KSecDD - ok
18:51:40.0222 5148 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
18:51:40.0253 5148 KtmRm - ok
18:51:40.0300 5148 [ 05CE901A4472B3FBF9407C94AD1DB693 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:51:40.0331 5148 LanmanServer - ok
18:51:40.0378 5148 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:51:40.0393 5148 LanmanWorkstation - ok
18:51:40.0424 5148 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:51:40.0440 5148 lltdio - ok
18:51:40.0502 5148 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:51:40.0518 5148 lltdsvc - ok
18:51:40.0549 5148 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:51:40.0596 5148 lmhosts - ok
18:51:40.0627 5148 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:51:40.0643 5148 LSI_FC - ok
18:51:40.0690 5148 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:51:40.0690 5148 LSI_SAS - ok
18:51:40.0736 5148 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:51:40.0752 5148 LSI_SCSI - ok
18:51:40.0768 5148 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
18:51:40.0799 5148 luafv - ok
18:51:40.0877 5148 MBAMSwissArmy - ok
18:51:41.0048 5148 [ 034606B82FA5BD3E73AB427B6D55F915 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe
18:51:41.0048 5148 McComponentHostService - ok
18:51:41.0158 5148 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:51:41.0173 5148 Mcx2Svc - ok
18:51:41.0532 5148 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
18:51:41.0548 5148 megasas - ok
18:51:41.0688 5148 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
18:51:41.0704 5148 MegaSR - ok
18:51:41.0828 5148 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
18:51:41.0860 5148 MMCSS - ok
18:51:41.0875 5148 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
18:51:41.0906 5148 Modem - ok
18:51:41.0953 5148 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:51:41.0984 5148 monitor - ok
18:51:41.0984 5148 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:51:42.0000 5148 mouclass - ok
18:51:42.0031 5148 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:51:42.0047 5148 mouhid - ok
18:51:42.0094 5148 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
18:51:42.0109 5148 MountMgr - ok
18:51:42.0203 5148 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:51:42.0218 5148 MozillaMaintenance - ok
18:51:42.0281 5148 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
18:51:42.0296 5148 mpio - ok
18:51:42.0312 5148 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:51:42.0343 5148 mpsdrv - ok
18:51:42.0374 5148 [ D1639BA315B0D79DEC49A4B0E1FB929B ] MpsSvc C:\Windows\system32\mpssvc.dll
18:51:42.0406 5148 MpsSvc - ok
18:51:42.0437 5148 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
18:51:42.0437 5148 Mraid35x - ok
18:51:42.0468 5148 [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:51:42.0484 5148 MRxDAV - ok
18:51:42.0546 5148 [ 7AFC42E60432FD1014F5342F2B1B1F74 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:51:42.0562 5148 mrxsmb - ok
18:51:42.0624 5148 [ 8A75752AE17924F65452746674B14B78 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:51:42.0640 5148 mrxsmb10 - ok
18:51:42.0655 5148 [ F4D0F3252E651F02BE64984FFA738394 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:51:42.0671 5148 mrxsmb20 - ok
18:51:42.0780 5148 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32\drivers\msahci.sys
18:51:42.0780 5148 msahci - ok
18:51:42.0889 5148 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:51:42.0889 5148 msdsm - ok
18:51:42.0936 5148 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
18:51:42.0967 5148 MSDTC - ok
18:51:43.0014 5148 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:51:43.0030 5148 Msfs - ok
18:51:43.0154 5148 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:51:43.0154 5148 msisadrv - ok
18:51:43.0232 5148 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:51:43.0264 5148 MSiSCSI - ok
18:51:43.0264 5148 msiserver - ok
18:51:43.0326 5148 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:51:43.0357 5148 MSKSSRV - ok
18:51:43.0404 5148 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:51:43.0435 5148 MSPCLOCK - ok
18:51:43.0451 5148 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:51:43.0498 5148 MSPQM - ok
18:51:43.0513 5148 [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:51:43.0529 5148 MsRPC - ok
18:51:43.0576 5148 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:51:43.0576 5148 mssmbios - ok
18:51:43.0607 5148 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:51:43.0638 5148 MSTEE - ok
18:51:43.0732 5148 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup C:\Windows\system32\Drivers\mup.sys
18:51:43.0747 5148 Mup - ok
18:51:43.0903 5148 [ 62D3C8E2E75ABD9FC3DEE1B0E5B437E0 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
18:51:43.0903 5148 mwlPSDFilter - ok
18:51:43.0950 5148 [ 3963DB3D50D60D17CE7A5EB7D4DA2E7D ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
18:51:43.0950 5148 mwlPSDNServ - ok
18:51:44.0090 5148 [ C6DE675CE2F2B6E4F78BF7E8187FC1EC ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
18:51:44.0090 5148 mwlPSDVDisk - ok
18:51:44.0200 5148 [ 3FD2D2F48C05C9E8EC0A8D61BCE12BFA ] MWLService C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
18:51:44.0215 5148 MWLService - ok
18:51:44.0309 5148 [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent C:\Windows\system32\qagentRT.dll
18:51:44.0340 5148 napagent - ok
18:51:44.0402 5148 [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:51:44.0418 5148 NativeWifiP - ok
18:51:44.0480 5148 [ 9BDC71790FA08F0A0B5F10462B1BD0B1 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:51:44.0496 5148 NDIS - ok
18:51:44.0543 5148 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:51:44.0574 5148 NdisTapi - ok
18:51:44.0636 5148 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:51:44.0652 5148 Ndisuio - ok
18:51:44.0714 5148 [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:51:44.0746 5148 NdisWan - ok
18:51:44.0777 5148 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:51:44.0808 5148 NDProxy - ok
18:51:44.0980 5148 [ 40D7D0A208EE863BCA8D89E299216F15 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
18:51:45.0104 5148 Nero BackItUp Scheduler 3 - ok
18:51:45.0151 5148 [ 80B7A96F908DA13617E7E6832C5C6A64 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
18:51:45.0167 5148 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
18:51:45.0167 5148 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
18:51:45.0182 5148 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:51:45.0229 5148 NetBIOS - ok
18:51:45.0307 5148 [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
18:51:45.0338 5148 netbt - ok
18:51:45.0416 5148 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon C:\Windows\system32\lsass.exe
18:51:45.0432 5148 Netlogon - ok
18:51:45.0463 5148 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
18:51:45.0494 5148 Netman - ok
18:51:45.0572 5148 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:51:45.0588 5148 NetMsmqActivator - ok
18:51:45.0635 5148 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:51:45.0650 5148 NetPipeActivator - ok
18:51:45.0682 5148 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
18:51:45.0697 5148 netprofm - ok
18:51:45.0713 5148 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:51:45.0728 5148 NetTcpActivator - ok
18:51:45.0728 5148 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:51:45.0744 5148 NetTcpPortSharing - ok
18:51:45.0931 5148 [ E559EA9138C77B5D1FDA8C558764A25F ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
18:51:46.0056 5148 NETw5v32 - ok
18:51:46.0087 5148 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:51:46.0103 5148 nfrd960 - ok
18:51:46.0150 5148 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:51:46.0181 5148 NlaSvc - ok
18:51:46.0274 5148 [ EBA1B4BF2E2375ABDADEDB649F283541 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
18:51:46.0306 5148 NMIndexingService - ok
18:51:46.0337 5148 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:51:46.0384 5148 Npfs - ok
18:51:46.0399 5148 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
18:51:46.0415 5148 nsi - ok
18:51:46.0446 5148 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:51:46.0493 5148 nsiproxy - ok
18:51:46.0555 5148 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:51:46.0774 5148 Ntfs - ok
18:51:49.0270 5148 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
18:51:49.0316 5148 ntrigdigi - ok
18:51:49.0379 5148 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
18:51:49.0394 5148 Null - ok
18:51:49.0441 5148 [ A103162C62C336C2CB3C5E1E2773D17B ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
18:51:49.0441 5148 NVHDA - ok
18:51:49.0706 5148 [ 692BD7AE273B8FD16D1EF1677394DD84 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:51:49.0956 5148 nvlddmkm - ok
18:51:50.0050 5148 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:51:50.0065 5148 nvraid - ok
18:51:50.0081 5148 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:51:50.0096 5148 nvstor - ok
18:51:50.0128 5148 [ 7708F81CC3C92E107DA01CAA67DFDB0A ] nvsvc C:\Windows\system32\nvvsvc.exe
18:51:50.0143 5148 nvsvc - ok
18:51:50.0174 5148 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:51:50.0190 5148 nv_agp - ok
18:51:50.0190 5148 NwlnkFlt - ok
18:51:50.0206 5148 NwlnkFwd - ok
18:51:50.0221 5148 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:51:50.0268 5148 ohci1394 - ok
18:51:50.0440 5148 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:51:50.0440 5148 ose - ok
18:51:50.0518 5148 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll
18:51:50.0549 5148 p2pimsvc - ok
18:51:50.0611 5148 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll
18:51:50.0674 5148 p2psvc - ok
18:51:50.0705 5148 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
18:51:50.0752 5148 Parport - ok
18:51:50.0798 5148 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:51:50.0798 5148 partmgr - ok
18:51:50.0845 5148 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
18:51:50.0908 5148 Parvdm - ok
18:51:50.0954 5148 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
18:51:50.0970 5148 PcaSvc - ok
18:51:50.0986 5148 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys
18:51:51.0001 5148 pci - ok
18:51:51.0064 5148 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
18:51:51.0064 5148 pciide - ok
18:51:51.0095 5148 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:51:51.0095 5148 pcmcia - ok
18:51:51.0142 5148 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:51:51.0235 5148 PEAUTH - ok
18:51:51.0298 5148 [ F433B5AA6DBAC3C8626EEFAF134E4763 ] PhilCap C:\Windows\system32\DRIVERS\PhilCap.sys
18:51:51.0344 5148 PhilCap - ok
18:51:51.0407 5148 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
18:51:51.0469 5148 pla - ok
18:51:51.0532 5148 [ 875E4E0661F3A5994DF9E5E3A0A4F96B ] PLFlash DeviceIoControl Service C:\Windows\system32\IoctlSvc.exe
18:51:51.0532 5148 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
18:51:51.0532 5148 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
18:51:51.0594 5148 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:51:51.0625 5148 PlugPlay - ok
18:51:51.0672 5148 [ 0C155C5D8942B3CBCF9506A9D376B9AD ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:51:51.0672 5148 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
18:51:51.0672 5148 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
18:51:51.0703 5148 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
18:51:51.0750 5148 PNRPAutoReg - ok
18:51:51.0844 5148 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll
18:51:51.0859 5148 PNRPsvc - ok
18:51:51.0984 5148 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:51:52.0015 5148 PolicyAgent - ok
18:51:52.0062 5148 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:51:52.0093 5148 PptpMiniport - ok
18:51:52.0109 5148 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
18:51:52.0140 5148 Processor - ok
18:51:52.0249 5148 Profos - ok
18:51:52.0265 5148 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll
18:51:52.0296 5148 ProfSvc - ok
18:51:52.0327 5148 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:51:52.0343 5148 ProtectedStorage - ok
18:51:52.0405 5148 [ F115AF58ABE5605D7D709CBFBD83F418 ] ProtexisLicensing C:\Windows\system32\PSIService.exe
18:51:52.0405 5148 ProtexisLicensing - ok
18:51:52.0702 5148 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
18:51:52.0717 5148 PSched - ok
18:51:52.0811 5148 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:51:52.0889 5148 ql2300 - ok
18:51:52.0920 5148 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:51:52.0936 5148 ql40xx - ok
18:51:52.0982 5148 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
18:51:53.0014 5148 QWAVE - ok
18:51:53.0029 5148 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:51:53.0045 5148 QWAVEdrv - ok
18:51:53.0092 5148 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:51:53.0123 5148 RasAcd - ok
18:51:53.0138 5148 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
18:51:53.0170 5148 RasAuto - ok
18:51:53.0232 5148 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:51:53.0279 5148 Rasl2tp - ok
18:51:53.0326 5148 [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan C:\Windows\System32\rasmans.dll
18:51:53.0357 5148 RasMan - ok
18:51:53.0388 5148 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:51:53.0419 5148 RasPppoe - ok
18:51:53.0419 5148 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:51:53.0450 5148 RasSstp - ok
18:51:53.0482 5148 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:51:53.0513 5148 rdbss - ok
18:51:53.0575 5148 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:51:53.0606 5148 RDPCDD - ok
18:51:53.0638 5148 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
18:51:53.0669 5148 rdpdr - ok
18:51:53.0684 5148 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:51:53.0716 5148 RDPENCDD - ok
18:51:53.0778 5148 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:51:53.0794 5148 RDPWD - ok
18:51:53.0840 5148 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:51:53.0872 5148 RemoteAccess - ok
18:51:53.0903 5148 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:51:53.0918 5148 RemoteRegistry - ok
18:51:54.0059 5148 [ 23F486726DA7A9B2F3EC7326421A9C36 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:51:54.0074 5148 RFCOMM - ok
18:51:54.0168 5148 [ 805AE1F90C64758D19AAA001CF8CBA12 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
18:51:54.0168 5148 RichVideo ( UnsignedFile.Multi.Generic ) - warning
18:51:54.0168 5148 RichVideo - detected UnsignedFile.Multi.Generic (1)
18:51:54.0215 5148 RimUsb - ok
18:51:54.0246 5148 [ D9B34325EE5DF78B8F28A3DE9F577C7D ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
18:51:54.0262 5148 RimVSerPort - ok
18:51:54.0324 5148 [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
18:51:54.0355 5148 ROOTMODEM - ok
18:51:54.0449 5148 RoxLiveShare9 - ok
18:51:54.0480 5148 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
18:51:54.0496 5148 RpcLocator - ok
18:51:54.0558 5148 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\system32\rpcss.dll
18:51:54.0589 5148 RpcSs - ok
18:51:54.0636 5148 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:51:54.0667 5148 rspndr - ok
18:51:54.0745 5148 [ 174B9514CD1A0C33CE4BBC02A3C81A62 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
18:51:54.0792 5148 RTL8169 - ok
18:51:54.0870 5148 [ 9EA88492B1DAB90DCE43A6F2C0E133BD ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
18:51:54.0870 5148 RTSTOR - ok
18:51:54.0917 5148 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe
18:51:54.0932 5148 SamSs - ok
18:51:55.0010 5148 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:51:55.0026 5148 sbp2port - ok
18:51:55.0135 5148 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:51:55.0151 5148 SCardSvr - ok
18:51:55.0229 5148 [ 1D5E99DB3C10F4FA034010DC49043CA4 ] Schedule C:\Windows\system32\schedsvc.dll
18:51:55.0260 5148 Schedule - ok
18:51:55.0338 5148 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll
18:51:55.0354 5148 SCPolicySvc - ok
18:51:55.0385 5148 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:51:55.0400 5148 SDRSVC - ok
18:51:55.0432 5148 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:51:55.0463 5148 secdrv - ok
18:51:55.0478 5148 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
18:51:55.0510 5148 seclogon - ok
18:51:55.0525 5148 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
18:51:55.0541 5148 SENS - ok
18:51:55.0603 5148 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:51:55.0650 5148 Serenum - ok
18:51:55.0681 5148 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
18:51:55.0728 5148 Serial - ok
18:51:55.0790 5148 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:51:55.0806 5148 sermouse - ok
18:51:55.0853 5148 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
18:51:55.0884 5148 SessionEnv - ok
18:52:04.0729 5148 ================ Scan global ===============================
18:52:04.0760 5148 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
18:52:04.0792 5148 [ 8B05FAF8603E6FDE90C5B103761CC3F6 ] C:\Windows\system32\winsrv.dll
18:52:04.0823 5148 [ 8B05FAF8603E6FDE90C5B103761CC3F6 ] C:\Windows\system32\winsrv.dll
18:52:04.0838 5148 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
18:52:04.0838 5148 [Global] - ok
18:52:04.0854 5148 ================ Scan MBR ==================================
18:52:04.0870 5148 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
18:52:05.0696 5148 \Device\Harddisk0\DR0 - ok
18:52:05.0696 5148 ================ Scan VBR ==================================
18:52:05.0728 5148 [ D388FB9CCF230EC959D1A647C421C6B8 ] \Device\Harddisk0\DR0\Partition1
18:52:05.0806 5148 \Device\Harddisk0\DR0\Partition1 - ok
18:52:05.0852 5148 [ 6F7E15BF1F320FCCDD1AB9F387F82803 ] \Device\Harddisk0\DR0\Partition2
18:52:05.0852 5148 \Device\Harddisk0\DR0\Partition2 - ok
18:52:05.0852 5148 ============================================================
18:52:05.0852 5148 Scan finished
18:52:05.0852 5148 ============================================================
18:52:05.0852 5140 Detected object count: 8
18:52:05.0852 5140 Actual detected object count: 8
18:52:11.0905 5140 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
18:52:11.0905 5140 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:52:11.0905 5140 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
18:52:11.0905 5140 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:52:11.0905 5140 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:52:11.0905 5140 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:52:11.0905 5140 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
18:52:11.0905 5140 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:52:11.0905 5140 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
18:52:11.0905 5140 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:52:11.0905 5140 sptd ( LockedFile.Multi.Generic ) - skipped by user
18:52:11.0905 5140 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
18:52:11.0905 5140 srvcPVR ( UnsignedFile.Multi.Generic ) - skipped by user
18:52:11.0905 5140 srvcPVR ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:52:11.0905 5140 x10nets ( UnsignedFile.Multi.Generic ) - skipped by user
18:52:11.0905 5140 x10nets ( UnsignedFile.Multi.Generic ) - User select action: Ski

Alt 21.12.2012, 17:56   #12
max87
 

sooo... the next one:

18:51:17.0804 4984 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:51:18.0085 4984 ============================================================
18:51:18.0085 4984 Current date / time: 2012/12/21 18:51:18.0085
18:51:18.0085 4984 SystemInfo:
18:51:18.0085 4984
18:51:18.0085 4984 OS Version: 6.0.6001 ServicePack: 1.0
18:51:18.0085 4984 Product type: Workstation
18:51:18.0085 4984 ComputerName: MAX-LAPTOP
18:51:18.0085 4984 UserName: Max
18:51:18.0085 4984 Windows directory: C:\Windows
18:51:18.0085 4984 System windows directory: C:\Windows
18:51:18.0085 4984 Processor architecture: Intel x86
18:51:18.0085 4984 Number of processors: 2
18:51:18.0085 4984 Page size: 0x1000
18:51:18.0085 4984 Boot type: Normal boot
18:51:18.0085 4984 ============================================================
18:51:19.0723 4984 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:51:19.0739 4984 ============================================================
18:51:19.0739 4984 \Device\Harddisk0\DR0:
18:51:19.0739 4984 MBR partitions:
18:51:19.0739 4984 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x22CA4800
18:51:19.0739 4984 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x22CA5000, BlocksNum 0x2789000
18:51:19.0739 4984 ============================================================
18:51:19.0754 4984 C: <-> \Device\Harddisk0\DR0\Partition1
18:51:20.0066 4984 D: <-> \Device\Harddisk0\DR0\Partition2
18:51:20.0066 4984 ============================================================
18:51:20.0066 4984 Initialize success
18:51:20.0066 4984 ============================================================
18:51:25.0979 5148 ============================================================
18:51:25.0979 5148 Scan started
18:51:25.0979 5148 Mode: Manual; SigCheck; TDLFS;
18:51:25.0979 5148 ============================================================
18:51:27.0492 5148 ================ Scan system memory ========================
18:51:27.0492 5148 System memory - ok
18:51:27.0492 5148 ================ Scan services =============================
18:51:37.0304 5148 HTTP - ok
18:51:37.0320 5148 hwdatacard - ok
18:51:37.0336 5148 hwusbdev - ok
18:51:37.0367 5148 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
18:51:37.0367 5148 i2omp - ok
18:51:37.0414 5148 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:51:37.0445 5148 i8042prt - ok
18:51:37.0492 5148 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
18:51:37.0492 5148 iaStorV - ok
18:51:37.0663 5148 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
18:51:37.0679 5148 IDriverT ( UnsignedFile.Multi.Generic ) - warning
18:51:37.0679 5148 IDriverT - detected UnsignedFile.Multi.Generic (1)
18:51:37.0804 5148 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:51:37.0866 5148 idsvc - ok
18:51:38.0209 5148 [ BE449D6218D34D93A95C1D2873DD8A5D ] IGBASVC C:\Program Files\EgisTec\VITAKEY\BASVC.exe
18:51:38.0381 5148 IGBASVC - ok
18:51:38.0412 5148 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:51:38.0412 5148 iirsp - ok
18:51:38.0459 5148 [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC ] IKEEXT C:\Windows\System32\ikeext.dll
18:51:38.0490 5148 IKEEXT - ok
18:51:38.0599 5148 [ C3C499A704A2D7958D9D7E5A9DB60CE4 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
18:51:38.0693 5148 IntcAzAudAddService - ok
18:51:38.0755 5148 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
18:51:38.0755 5148 intelide - ok
18:51:38.0786 5148 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:51:38.0802 5148 intelppm - ok
18:51:38.0864 5148 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:51:38.0896 5148 IPBusEnum - ok
18:51:39.0254 5148 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:51:39.0270 5148 IpFilterDriver - ok
18:51:39.0395 5148 [ 6A35D233693EDC29A12742049BC5E37F ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:51:39.0410 5148 iphlpsvc - ok
18:51:39.0410 5148 IpInIp - ok
18:51:39.0504 5148 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
18:51:39.0535 5148 IPMIDRV - ok
18:51:39.0566 5148 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
18:51:39.0598 5148 IPNAT - ok
18:51:39.0676 5148 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:51:39.0738 5148 IRENUM - ok
18:51:39.0754 5148 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:51:39.0754 5148 isapnp - ok
18:51:39.0800 5148 [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
18:51:39.0800 5148 iScsiPrt - ok
18:51:39.0832 5148 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
18:51:39.0832 5148 iteatapi - ok
18:51:39.0878 5148 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
18:51:39.0878 5148 iteraid - ok
18:51:39.0894 5148 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:51:39.0910 5148 kbdclass - ok
18:51:40.0003 5148 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:51:40.0019 5148 kbdhid - ok
18:51:40.0112 5148 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso C:\Windows\system32\lsass.exe
18:51:40.0128 5148 KeyIso - ok
18:51:40.0144 5148 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:51:40.0175 5148 KSecDD - ok
18:51:40.0222 5148 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
18:51:40.0253 5148 KtmRm - ok
18:51:40.0300 5148 [ 05CE901A4472B3FBF9407C94AD1DB693 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:51:40.0331 5148 LanmanServer - ok
18:51:40.0378 5148 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:51:40.0393 5148 LanmanWorkstation - ok
18:51:40.0424 5148 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:51:40.0440 5148 lltdio - ok
18:51:40.0502 5148 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:51:40.0518 5148 lltdsvc - ok
18:51:40.0549 5148 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:51:40.0596 5148 lmhosts - ok
18:51:40.0627 5148 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:51:40.0643 5148 LSI_FC - ok
18:51:40.0690 5148 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:51:40.0690 5148 LSI_SAS - ok
18:51:40.0736 5148 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:51:40.0752 5148 LSI_SCSI - ok
18:51:40.0768 5148 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
18:51:40.0799 5148 luafv - ok
18:51:40.0877 5148 MBAMSwissArmy - ok
18:51:41.0048 5148 [ 034606B82FA5BD3E73AB427B6D55F915 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe
18:51:41.0048 5148 McComponentHostService - ok
18:51:41.0158 5148 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:51:41.0173 5148 Mcx2Svc - ok
18:51:41.0532 5148 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
18:51:41.0548 5148 megasas - ok
18:51:41.0688 5148 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
18:51:41.0704 5148 MegaSR - ok
18:51:41.0828 5148 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
18:51:41.0860 5148 MMCSS - ok
18:51:41.0875 5148 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
18:51:41.0906 5148 Modem - ok
18:51:41.0953 5148 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:51:41.0984 5148 monitor - ok
18:51:41.0984 5148 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:51:42.0000 5148 mouclass - ok
18:51:42.0031 5148 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:51:42.0047 5148 mouhid - ok
18:51:42.0094 5148 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
18:51:42.0109 5148 MountMgr - ok
18:51:42.0203 5148 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:51:42.0218 5148 MozillaMaintenance - ok
18:51:42.0281 5148 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
18:51:42.0296 5148 mpio - ok
18:51:42.0312 5148 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:51:42.0343 5148 mpsdrv - ok
18:51:42.0374 5148 [ D1639BA315B0D79DEC49A4B0E1FB929B ] MpsSvc C:\Windows\system32\mpssvc.dll
18:51:42.0406 5148 MpsSvc - ok
18:51:42.0437 5148 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
18:51:42.0437 5148 Mraid35x - ok
18:51:42.0468 5148 [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:51:42.0484 5148 MRxDAV - ok
18:51:42.0546 5148 [ 7AFC42E60432FD1014F5342F2B1B1F74 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:51:42.0562 5148 mrxsmb - ok
18:51:42.0624 5148 [ 8A75752AE17924F65452746674B14B78 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:51:42.0640 5148 mrxsmb10 - ok
18:51:42.0655 5148 [ F4D0F3252E651F02BE64984FFA738394 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:51:42.0671 5148 mrxsmb20 - ok
18:51:42.0780 5148 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32\drivers\msahci.sys
18:51:42.0780 5148 msahci - ok
18:51:42.0889 5148 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:51:42.0889 5148 msdsm - ok
18:51:42.0936 5148 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
18:51:42.0967 5148 MSDTC - ok
18:51:43.0014 5148 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:51:43.0030 5148 Msfs - ok
18:51:43.0154 5148 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:51:43.0154 5148 msisadrv - ok
18:51:43.0232 5148 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:51:43.0264 5148 MSiSCSI - ok
18:51:43.0264 5148 msiserver - ok
18:51:43.0326 5148 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:51:43.0357 5148 MSKSSRV - ok
18:51:43.0404 5148 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:51:43.0435 5148 MSPCLOCK - ok
18:51:43.0451 5148 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:51:43.0498 5148 MSPQM - ok
18:51:43.0513 5148 [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:51:43.0529 5148 MsRPC - ok
18:51:43.0576 5148 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:51:43.0576 5148 mssmbios - ok
18:51:43.0607 5148 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:51:43.0638 5148 MSTEE - ok
18:51:43.0732 5148 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup C:\Windows\system32\Drivers\mup.sys
18:51:43.0747 5148 Mup - ok
18:51:43.0903 5148 [ 62D3C8E2E75ABD9FC3DEE1B0E5B437E0 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
18:51:43.0903 5148 mwlPSDFilter - ok
18:51:43.0950 5148 [ 3963DB3D50D60D17CE7A5EB7D4DA2E7D ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
18:51:43.0950 5148 mwlPSDNServ - ok
18:51:44.0090 5148 [ C6DE675CE2F2B6E4F78BF7E8187FC1EC ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
18:51:44.0090 5148 mwlPSDVDisk - ok
18:51:44.0200 5148 [ 3FD2D2F48C05C9E8EC0A8D61BCE12BFA ] MWLService C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
18:51:44.0215 5148 MWLService - ok
18:51:44.0309 5148 [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent C:\Windows\system32\qagentRT.dll
18:51:44.0340 5148 napagent - ok
18:51:44.0402 5148 [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:51:44.0418 5148 NativeWifiP - ok
18:51:44.0480 5148 [ 9BDC71790FA08F0A0B5F10462B1BD0B1 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:51:44.0496 5148 NDIS - ok
18:51:44.0543 5148 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:51:44.0574 5148 NdisTapi - ok
18:51:44.0636 5148 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:51:44.0652 5148 Ndisuio - ok
18:51:44.0714 5148 [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:51:44.0746 5148 NdisWan - ok
18:51:44.0777 5148 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:51:44.0808 5148 NDProxy - ok
18:51:44.0980 5148 [ 40D7D0A208EE863BCA8D89E299216F15 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
18:51:45.0104 5148 Nero BackItUp Scheduler 3 - ok
18:51:45.0151 5148 [ 80B7A96F908DA13617E7E6832C5C6A64 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
18:51:45.0167 5148 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
18:51:45.0167 5148 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
18:51:45.0182 5148 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:51:45.0229 5148 NetBIOS - ok
18:51:45.0307 5148 [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
18:51:45.0338 5148 netbt - ok
18:51:45.0416 5148 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon C:\Windows\system32\lsass.exe
18:51:45.0432 5148 Netlogon - ok
18:51:45.0463 5148 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
18:51:45.0494 5148 Netman - ok
18:51:45.0572 5148 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:51:45.0588 5148 NetMsmqActivator - ok
18:51:45.0635 5148 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:51:45.0650 5148 NetPipeActivator - ok
18:51:45.0682 5148 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
18:51:45.0697 5148 netprofm - ok
18:51:45.0713 5148 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:51:45.0728 5148 NetTcpActivator - ok
18:51:45.0728 5148 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:51:45.0744 5148 NetTcpPortSharing - ok
18:51:45.0931 5148 [ E559EA9138C77B5D1FDA8C558764A25F ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
18:51:46.0056 5148 NETw5v32 - ok
18:51:46.0087 5148 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:51:46.0103 5148 nfrd960 - ok
18:51:46.0150 5148 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:51:46.0181 5148 NlaSvc - ok
18:51:46.0274 5148 [ EBA1B4BF2E2375ABDADEDB649F283541 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
18:51:46.0306 5148 NMIndexingService - ok
18:51:46.0337 5148 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:51:46.0384 5148 Npfs - ok
18:51:46.0399 5148 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
18:51:46.0415 5148 nsi - ok
18:51:46.0446 5148 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:51:46.0493 5148 nsiproxy - ok
18:51:46.0555 5148 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:51:46.0774 5148 Ntfs - ok
18:51:49.0270 5148 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
18:51:49.0316 5148 ntrigdigi - ok
18:51:49.0379 5148 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
18:51:49.0394 5148 Null - ok
18:51:49.0441 5148 [ A103162C62C336C2CB3C5E1E2773D17B ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
18:51:49.0441 5148 NVHDA - ok
18:51:49.0706 5148 [ 692BD7AE273B8FD16D1EF1677394DD84 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:51:49.0956 5148 nvlddmkm - ok
18:51:50.0050 5148 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:51:50.0065 5148 nvraid - ok
18:51:50.0081 5148 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:51:50.0096 5148 nvstor - ok
18:51:50.0128 5148 [ 7708F81CC3C92E107DA01CAA67DFDB0A ] nvsvc C:\Windows\system32\nvvsvc.exe
18:51:50.0143 5148 nvsvc - ok
18:51:50.0174 5148 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:51:50.0190 5148 nv_agp - ok
18:51:50.0190 5148 NwlnkFlt - ok
18:51:50.0206 5148 NwlnkFwd - ok
18:51:50.0221 5148 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:51:50.0268 5148 ohci1394 - ok
18:51:50.0440 5148 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:51:50.0440 5148 ose - ok
18:51:50.0518 5148 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll
18:51:50.0549 5148 p2pimsvc - ok
18:51:50.0611 5148 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll
18:51:50.0674 5148 p2psvc - ok
18:51:50.0705 5148 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
18:51:50.0752 5148 Parport - ok
18:51:50.0798 5148 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:51:50.0798 5148 partmgr - ok
18:51:50.0845 5148 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
18:51:50.0908 5148 Parvdm - ok
18:51:50.0954 5148 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
18:51:50.0970 5148 PcaSvc - ok
18:51:50.0986 5148 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys
18:51:51.0001 5148 pci - ok
18:51:51.0064 5148 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
18:51:51.0064 5148 pciide - ok
18:51:51.0095 5148 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:51:51.0095 5148 pcmcia - ok
18:51:51.0142 5148 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:51:51.0235 5148 PEAUTH - ok
18:51:51.0298 5148 [ F433B5AA6DBAC3C8626EEFAF134E4763 ] PhilCap C:\Windows\system32\DRIVERS\PhilCap.sys
18:51:51.0344 5148 PhilCap - ok
18:51:51.0407 5148 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
18:51:51.0469 5148 pla - ok
18:51:51.0532 5148 [ 875E4E0661F3A5994DF9E5E3A0A4F96B ] PLFlash DeviceIoControl Service C:\Windows\system32\IoctlSvc.exe
18:51:51.0532 5148 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
18:51:51.0532 5148 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
18:51:51.0594 5148 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:51:51.0625 5148 PlugPlay - ok
18:51:51.0672 5148 [ 0C155C5D8942B3CBCF9506A9D376B9AD ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:51:51.0672 5148 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
18:51:51.0672 5148 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
18:51:51.0703 5148 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
18:51:51.0750 5148 PNRPAutoReg - ok
18:51:51.0844 5148 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll
18:51:51.0859 5148 PNRPsvc - ok
18:51:51.0984 5148 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:51:52.0015 5148 PolicyAgent - ok
18:51:52.0062 5148 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:51:52.0093 5148 PptpMiniport - ok
18:51:52.0109 5148 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
18:51:52.0140 5148 Processor - ok
18:51:52.0249 5148 Profos - ok
18:51:52.0265 5148 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll
18:51:52.0296 5148 ProfSvc - ok
18:51:52.0327 5148 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:51:52.0343 5148 ProtectedStorage - ok
18:51:52.0405 5148 [ F115AF58ABE5605D7D709CBFBD83F418 ] ProtexisLicensing C:\Windows\system32\PSIService.exe
18:51:52.0405 5148 ProtexisLicensing - ok
18:51:52.0702 5148 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
18:51:52.0717 5148 PSched - ok
18:51:52.0811 5148 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:51:52.0889 5148 ql2300 - ok
18:51:52.0920 5148 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:51:52.0936 5148 ql40xx - ok
18:51:52.0982 5148 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
18:51:53.0014 5148 QWAVE - ok
18:51:53.0029 5148 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:51:53.0045 5148 QWAVEdrv - ok
18:51:53.0092 5148 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:51:53.0123 5148 RasAcd - ok
18:51:53.0138 5148 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
18:51:53.0170 5148 RasAuto - ok
18:51:53.0232 5148 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:51:53.0279 5148 Rasl2tp - ok
18:51:53.0326 5148 [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan C:\Windows\System32\rasmans.dll
18:51:53.0357 5148 RasMan - ok
18:51:53.0388 5148 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:51:53.0419 5148 RasPppoe - ok
18:51:53.0419 5148 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:51:53.0450 5148 RasSstp - ok
18:51:53.0482 5148 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:51:53.0513 5148 rdbss - ok
18:51:53.0575 5148 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:51:53.0606 5148 RDPCDD - ok
18:51:53.0638 5148 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
18:51:53.0669 5148 rdpdr - ok
18:51:53.0684 5148 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:51:53.0716 5148 RDPENCDD - ok
18:51:53.0778 5148 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:51:53.0794 5148 RDPWD - ok
18:51:53.0840 5148 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:51:53.0872 5148 RemoteAccess - ok
18:51:53.0903 5148 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:51:53.0918 5148 RemoteRegistry - ok
18:51:54.0059 5148 [ 23F486726DA7A9B2F3EC7326421A9C36 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:51:54.0074 5148 RFCOMM - ok
18:51:54.0168 5148 [ 805AE1F90C64758D19AAA001CF8CBA12 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
18:51:54.0168 5148 RichVideo ( UnsignedFile.Multi.Generic ) - warning
18:51:54.0168 5148 RichVideo - detected UnsignedFile.Multi.Generic (1)
18:51:54.0215 5148 RimUsb - ok
18:51:54.0246 5148 [ D9B34325EE5DF78B8F28A3DE9F577C7D ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
18:51:54.0262 5148 RimVSerPort - ok
18:51:54.0324 5148 [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
18:51:54.0355 5148 ROOTMODEM - ok
18:51:54.0449 5148 RoxLiveShare9 - ok
18:51:54.0480 5148 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
18:51:54.0496 5148 RpcLocator - ok
18:51:54.0558 5148 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\system32\rpcss.dll
18:51:54.0589 5148 RpcSs - ok
18:51:54.0636 5148 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:51:54.0667 5148 rspndr - ok
18:51:54.0745 5148 [ 174B9514CD1A0C33CE4BBC02A3C81A62 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
18:51:54.0792 5148 RTL8169 - ok
18:51:54.0870 5148 [ 9EA88492B1DAB90DCE43A6F2C0E133BD ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
18:51:54.0870 5148 RTSTOR - ok
18:51:54.0917 5148 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe
18:51:54.0932 5148 SamSs - ok
18:51:55.0010 5148 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:51:55.0026 5148 sbp2port - ok
18:51:55.0135 5148 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:51:55.0151 5148 SCardSvr - ok
18:51:55.0229 5148 [ 1D5E99DB3C10F4FA034010DC49043CA4 ] Schedule C:\Windows\system32\schedsvc.dll
18:51:55.0260 5148 Schedule - ok
18:51:55.0338 5148 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll
18:51:55.0354 5148 SCPolicySvc - ok
18:51:55.0385 5148 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:51:55.0400 5148 SDRSVC - ok
18:51:55.0432 5148 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:51:55.0463 5148 secdrv - ok
18:51:55.0478 5148 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
18:51:55.0510 5148 seclogon - ok
18:51:55.0525 5148 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
18:51:55.0541 5148 SENS - ok
18:51:55.0603 5148 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:51:55.0650 5148 Serenum - ok
18:51:55.0681 5148 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
18:51:55.0728 5148 Serial - ok
18:51:55.0790 5148 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:51:55.0806 5148 sermouse - ok
18:51:55.0853 5148 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
18:51:55.0884 5148 SessionEnv - ok
18:51:55.0900 5148 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:51:55.0915 5148 sffdisk - ok
18:51:56.0071 5148 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:51:56.0102 5148 sffp_mmc - ok
18:51:56.0118 5148 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:51:56.0149 5148 sffp_sd - ok
18:51:56.0165 5148 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:51:56.0212 5148 sfloppy - ok
18:51:56.0243 5148 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:51:56.0274 5148 SharedAccess - ok
18:51:56.0508 5148 [ 27F10F348E508243F6254846F8370D0D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:51:56.0539 5148 ShellHWDetection - ok
18:51:56.0602 5148 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:51:56.0602 5148 sisagp - ok
18:51:56.0726 5148 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
18:51:56.0742 5148 SiSRaid2 - ok
18:51:56.0773 5148 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:51:56.0773 5148 SiSRaid4 - ok
18:51:56.0945 5148 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
18:51:57.0366 5148 Skype C2C Service - ok
18:51:57.0475 5148 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
18:51:57.0475 5148 SkypeUpdate - ok
18:51:57.0678 5148 [ 0BA91E1358AD25236863039BB2609A2E ] slsvc C:\Windows\system32\SLsvc.exe
18:51:57.0803 5148 slsvc - ok
18:51:57.0850 5148 [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify C:\Windows\system32\SLUINotify.dll
18:51:57.0881 5148 SLUINotify - ok
18:51:57.0896 5148 [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:51:57.0912 5148 Smb - ok
18:51:57.0928 5148 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:51:57.0943 5148 SNMPTRAP - ok
18:51:58.0037 5148 [ 913D2CE973ED904FE54DE9DB38FCEFF2 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
18:51:58.0146 5148 SNP2UVC - ok
18:51:58.0177 5148 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
18:51:58.0193 5148 spldr - ok
18:51:58.0255 5148 [ 846CDF9A3CF4DA9B306ADFB7D55EE4C2 ] Spooler C:\Windows\System32\spoolsv.exe
18:51:58.0286 5148 Spooler - ok
18:51:58.0349 5148 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\Windows\system32\Drivers\sptd.sys
18:51:58.0349 5148 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
18:51:58.0349 5148 sptd ( LockedFile.Multi.Generic ) - warning
18:51:58.0349 5148 sptd - detected LockedFile.Multi.Generic (1)
18:51:58.0630 5148 [ B7A8148CA23C6A55712002ED317A75D9 ] SpyHunter 4 Service C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
18:51:58.0645 5148 SpyHunter 4 Service - ok
18:51:58.0692 5148 [ 8E5FC19B3B38364C5F44CCECEC5248E9 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:51:58.0708 5148 srv - ok
18:51:58.0786 5148 [ 4CEEB95E0B79E48B81F2DA0A6C24C64B ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:51:58.0801 5148 srv2 - ok
18:51:58.0926 5148 [ 71DB619F4068D7C70D447D73617CDFAC ] srvcPVR C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe
18:51:59.0020 5148 srvcPVR ( UnsignedFile.Multi.Generic ) - warning
18:51:59.0020 5148 srvcPVR - detected UnsignedFile.Multi.Generic (1)
18:51:59.0082 5148 [ F9C65E1E00A6BBF7C57D9B8EA068C525 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:51:59.0098 5148 srvnet - ok

21.12.2012, 17:59   #13
markusg
/// Malware-holic

Hi,
good.
Do you use the PC for online banking, shopping, other payment transactions, or similarly important things such as work?
__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send mails according to the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

21.12.2012, 18:11   #14
max87

Yes, usually.

21.12.2012, 18:14   #15
markusg
/// Malware-holic

Hi
please call your bank; since it has probably already closed, emergency number:
116 116
Have your online banking blocked because of the TDSS rootkit.
Since this rootkit can download further malicious components that we may not find, but you need a clean PC for banking:
the PC has to be set up from scratch and then secured
1. Data rescue:
2. Format, reinstall Windows:
3. Secure the PC: http://www.trojaner-board.de/96344-a...-rechners.html
I will also post further points on this.
4. Change all passwords!
5. After securing the PC, check the backed-up data and, if clean, restore it.
6. I will then also say something about securing online banking with Chip Card Reader + Star Money.
