
Log analysis and evaluation: TDSS rootkit transferred to a clean laptop?


09.01.2013, 23:45   #1
Gisela
 

Hello again,

As already mentioned in my thread "Windows XP boots, first shows the desktop picture, then a white screen", I copied the compressed MovedFiles folder of the OTLPE program logs from the infected PC onto a USB stick and briefly plugged it into my clean laptop to upload it. Do I need to be worried now?

On this laptop I am running Vista and the antivirus program avast (free version). Would avast have reported the problem, or how can I find out whether I have infected the laptop as well?

10.01.2013, 00:18   #2
markusg
/// Malware-holic
 

Hi,
download TDSS Killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Check the boxes for Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- If anything is found, always choose Skip for now and post the log

10.01.2013, 08:31   #3
Gisela
 

Here is the result:

Code:
08:28:18.0515 5828  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
08:28:18.0640 5828  ============================================================
08:28:18.0640 5828  Current date / time: 2013/01/10 08:28:18.0640
08:28:18.0640 5828  SystemInfo:
08:28:18.0640 5828  
08:28:18.0640 5828  OS Version: 6.0.6002 ServicePack: 2.0
08:28:18.0640 5828  Product type: Workstation
08:28:18.0640 5828  ComputerName: ESTHER-NOTEBOOK
08:28:18.0640 5828  UserName: Esther
08:28:18.0640 5828  Windows directory: C:\Windows
08:28:18.0640 5828  System windows directory: C:\Windows
08:28:18.0640 5828  Processor architecture: Intel x86
08:28:18.0640 5828  Number of processors: 2
08:28:18.0640 5828  Page size: 0x1000
08:28:18.0640 5828  Boot type: Normal boot
08:28:18.0640 5828  ============================================================
08:28:19.0279 5828  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:28:19.0295 5828  Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:28:19.0747 5828  ============================================================
08:28:19.0747 5828  \Device\Harddisk0\DR0:
08:28:19.0810 5828  MBR partitions:
08:28:19.0810 5828  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x950C800
08:28:19.0810 5828  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x97FB000, BlocksNum 0x921E800
08:28:19.0810 5828  \Device\Harddisk1\DR1:
08:28:19.0810 5828  MBR partitions:
08:28:19.0810 5828  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x575452C2
08:28:19.0810 5828  ============================================================
08:28:19.0857 5828  C: <-> \Device\Harddisk0\DR0\Partition1
08:28:19.0950 5828  E: <-> \Device\Harddisk0\DR0\Partition2
08:28:19.0950 5828  I: <-> \Device\Harddisk1\DR1\Partition1
08:28:19.0950 5828  ============================================================
08:28:19.0950 5828  Initialize success
08:28:19.0950 5828  ============================================================
08:28:27.0251 1292  ============================================================
08:28:27.0251 1292  Scan started
08:28:27.0251 1292  Mode: Manual; SigCheck; TDLFS; 
08:28:27.0251 1292  ============================================================
08:28:28.0452 1292  ================ Scan system memory ========================
08:28:28.0452 1292  System memory - ok
08:28:28.0452 1292  ================ Scan services =============================
08:28:28.0749 1292  [ 553BA53445795CBC0D4F9FA37EB855A6 ] acedrv10        C:\Windows\system32\drivers\acedrv10.sys
08:28:34.0505 1292  acedrv10 - ok
08:28:34.0614 1292  [ 8CE00B6A46962A1808B19CD1DAE5170C ] acehlp10        C:\Windows\system32\drivers\acehlp10.sys
08:28:34.0645 1292  acehlp10 - ok
08:28:34.0708 1292  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
08:28:34.0739 1292  ACPI - ok
08:28:34.0848 1292  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
08:28:34.0879 1292  AdobeARMservice - ok
08:28:34.0973 1292  [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
08:28:34.0989 1292  AdobeFlashPlayerUpdateSvc - ok
08:28:35.0067 1292  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
08:28:35.0113 1292  adp94xx - ok
08:28:35.0160 1292  [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci         C:\Windows\system32\drivers\adpahci.sys
08:28:35.0191 1292  adpahci - ok
08:28:35.0207 1292  [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
08:28:35.0223 1292  adpu160m - ok
08:28:35.0254 1292  [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320         C:\Windows\system32\drivers\adpu320.sys
08:28:35.0285 1292  adpu320 - ok
08:28:35.0332 1292  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
08:28:35.0379 1292  AeLookupSvc - ok
08:28:35.0441 1292  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
08:28:35.0503 1292  AFD - ok
08:28:35.0535 1292  [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
08:28:35.0566 1292  AgereModemAudio - ok
08:28:35.0675 1292  [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
08:28:35.0737 1292  AgereSoftModem - ok
08:28:35.0769 1292  [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440          C:\Windows\system32\drivers\agp440.sys
08:28:35.0784 1292  agp440 - ok
08:28:35.0815 1292  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
08:28:35.0831 1292  aic78xx - ok
08:28:35.0909 1292  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
08:28:35.0956 1292  ALG - ok
08:28:35.0987 1292  [ 90395B64600EBB4552E26E178C94B2E4 ] aliide          C:\Windows\system32\drivers\aliide.sys
08:28:36.0003 1292  aliide - ok
08:28:36.0049 1292  [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
08:28:36.0081 1292  amdagp - ok
08:28:36.0096 1292  [ 0577DF1D323FE75A739C787893D300EA ] amdide          C:\Windows\system32\drivers\amdide.sys
08:28:36.0112 1292  amdide - ok
08:28:36.0143 1292  [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
08:28:36.0205 1292  AmdK7 - ok
08:28:36.0237 1292  [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
08:28:36.0299 1292  AmdK8 - ok
08:28:36.0471 1292  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
08:28:36.0533 1292  Appinfo - ok
08:28:36.0720 1292  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:28:36.0736 1292  Apple Mobile Device - ok
08:28:36.0767 1292  [ 5F673180268BB1FDB69C99B6619FE379 ] arc             C:\Windows\system32\drivers\arc.sys
08:28:36.0798 1292  arc - ok
08:28:36.0861 1292  [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
08:28:36.0876 1292  arcsas - ok
08:28:36.0939 1292  [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
08:28:36.0970 1292  aswFsBlk - ok
08:28:37.0032 1292  [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
08:28:37.0048 1292  aswMonFlt - ok
08:28:37.0141 1292  [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr          C:\Windows\system32\drivers\AswRdr.sys
08:28:37.0188 1292  AswRdr - ok
08:28:37.0266 1292  [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
08:28:37.0360 1292  aswSnx - ok
08:28:37.0438 1292  [ 67B558895695545FB0568B7541F3BCA7 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
08:28:37.0485 1292  aswSP - ok
08:28:37.0516 1292  [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
08:28:37.0531 1292  aswTdi - ok
08:28:37.0578 1292  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
08:28:37.0641 1292  AsyncMac - ok
08:28:37.0672 1292  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
08:28:37.0687 1292  atapi - ok
08:28:37.0750 1292  [ 6046A55F79DE9C581B8D5E9C1366CC81 ] athr            C:\Windows\system32\DRIVERS\athr.sys
08:28:37.0843 1292  athr - ok
08:28:37.0906 1292  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:28:37.0968 1292  AudioEndpointBuilder - ok
08:28:37.0984 1292  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
08:28:38.0015 1292  Audiosrv - ok
08:28:38.0140 1292  [ B5D974C1FD078A68C7536C561B031D39 ] Automatisches LiveUpdate - Scheduler C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
08:28:38.0171 1292  Automatisches LiveUpdate - Scheduler - ok
08:28:38.0218 1292  [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
08:28:38.0233 1292  avast! Antivirus - ok
08:28:38.0327 1292  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
08:28:38.0389 1292  Beep - ok
08:28:38.0467 1292  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
08:28:38.0514 1292  BFE - ok
08:28:38.0592 1292  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
08:28:38.0717 1292  BITS - ok
08:28:38.0717 1292  blbdrive - ok
08:28:38.0920 1292  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:28:38.0998 1292  Bonjour Service - ok
08:28:39.0029 1292  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
08:28:39.0076 1292  bowser - ok
08:28:39.0138 1292  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
08:28:39.0185 1292  BrFiltLo - ok
08:28:39.0201 1292  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
08:28:39.0247 1292  BrFiltUp - ok
08:28:39.0310 1292  [ B1564976D98E91FC764D5DC28A0297DA ] Bridge          C:\Windows\system32\DRIVERS\bridge.sys
08:28:39.0357 1292  Bridge - ok
08:28:39.0357 1292  [ B1564976D98E91FC764D5DC28A0297DA ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
08:28:39.0388 1292  BridgeMP - ok
08:28:39.0466 1292  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
08:28:39.0528 1292  Browser - ok
08:28:39.0544 1292  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
08:28:39.0622 1292  Brserid - ok
08:28:39.0653 1292  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
08:28:39.0715 1292  BrSerWdm - ok
08:28:39.0731 1292  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
08:28:39.0793 1292  BrUsbMdm - ok
08:28:39.0840 1292  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
08:28:39.0903 1292  BrUsbSer - ok
08:28:39.0949 1292  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
08:28:40.0012 1292  BTHMODEM - ok
08:28:40.0059 1292  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
08:28:40.0121 1292  cdfs - ok
08:28:40.0168 1292  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
08:28:40.0215 1292  cdrom - ok
08:28:40.0277 1292  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
08:28:40.0324 1292  CertPropSvc - ok
08:28:40.0417 1292  [ C82162949BBA6CC5D006C7BD008F3CF1 ] CFSvcs          C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
08:28:40.0433 1292  CFSvcs ( UnsignedFile.Multi.Generic ) - warning
08:28:40.0433 1292  CFSvcs - detected UnsignedFile.Multi.Generic (1)
08:28:40.0480 1292  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
08:28:40.0511 1292  circlass - ok
08:28:40.0558 1292  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
08:28:40.0589 1292  CLFS - ok
08:28:40.0683 1292  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:28:40.0698 1292  clr_optimization_v2.0.50727_32 - ok
08:28:40.0823 1292  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:28:40.0901 1292  clr_optimization_v4.0.30319_32 - ok
08:28:40.0979 1292  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
08:28:41.0088 1292  CmBatt - ok
08:28:41.0135 1292  [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
08:28:41.0166 1292  cmdide - ok
08:28:41.0197 1292  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
08:28:41.0229 1292  Compbatt - ok
08:28:41.0229 1292  COMSysApp - ok
08:28:41.0291 1292  [ C3156B712E3873AAD354F1696B2B2925 ] CplIR           C:\Windows\system32\DRIVERS\CplIR.SYS
08:28:41.0353 1292  CplIR - ok
08:28:41.0431 1292  [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
08:28:41.0463 1292  crcdisk - ok
08:28:41.0494 1292  [ 22A7F883508176489F559EE745B5BF5D ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
08:28:41.0587 1292  Crusoe - ok
08:28:41.0665 1292  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
08:28:41.0697 1292  CryptSvc - ok
08:28:41.0790 1292  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
08:28:41.0915 1292  DcomLaunch - ok
08:28:41.0946 1292  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
08:28:41.0993 1292  DfsC - ok
08:28:42.0133 1292  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
08:28:42.0867 1292  DFSR - ok
08:28:43.0085 1292  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
08:28:43.0241 1292  Dhcp - ok
08:28:43.0319 1292  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
08:28:43.0397 1292  disk - ok
08:28:45.0300 1292  [ 12CA083A5C9463CDA58E448E489C866B ] DisplayLinkService C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
08:28:46.0065 1292  DisplayLinkService - ok
08:28:46.0283 1292  [ 03F0E57A127FBE09B7641D68A9483D2D ] DisplayLinkUsbPort C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.5.27797.0.sys
08:28:46.0377 1292  DisplayLinkUsbPort - ok
08:28:46.0486 1292  [ C5D57D70AD00D2FBAF04B38675F1ED0A ] dlkmd           C:\Windows\system32\drivers\dlkmd.sys
08:28:46.0533 1292  dlkmd - ok
08:28:46.0642 1292  [ B0A027364265D1FCA68C27C9596DDA0F ] dlkmdldr        C:\Windows\system32\drivers\dlkmdldr.sys
08:28:46.0673 1292  dlkmdldr - ok
08:28:46.0751 1292  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
08:28:46.0813 1292  Dnscache - ok
08:28:46.0923 1292  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
08:28:47.0063 1292  dot3svc - ok
08:28:47.0219 1292  [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
08:28:47.0281 1292  Dot4 - ok
08:28:47.0391 1292  [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
08:28:47.0469 1292  Dot4Print - ok
08:28:47.0515 1292  [ C55004CA6B419B6695970DFE849B122F ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
08:28:47.0609 1292  dot4usb - ok
08:28:47.0671 1292  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
08:28:47.0703 1292  DPS - ok
08:28:47.0749 1292  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
08:28:48.0841 1292  drmkaud - ok
08:28:49.0387 1292  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
08:28:49.0559 1292  DXGKrnl - ok
08:28:49.0668 1292  [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
08:28:49.0746 1292  E1G60 - ok
08:28:49.0824 1292  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
08:28:49.0918 1292  EapHost - ok
08:28:50.0027 1292  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
08:28:50.0058 1292  Ecache - ok
08:28:50.0230 1292  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
08:28:50.0323 1292  ehRecvr - ok
08:28:50.0386 1292  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
08:28:50.0417 1292  ehSched - ok
08:28:50.0464 1292  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
08:28:50.0511 1292  ehstart - ok
08:28:50.0729 1292  [ E8F3F21A71720C84BCF423B80028359F ] elxstor         C:\Windows\system32\drivers\elxstor.sys
08:28:50.0776 1292  elxstor - ok
08:28:50.0994 1292  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
08:28:51.0259 1292  EMDMgmt - ok
08:28:51.0337 1292  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
08:28:51.0400 1292  EventSystem - ok
08:28:51.0462 1292  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
08:28:51.0493 1292  exfat - ok
08:28:51.0571 1292  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
08:28:51.0649 1292  fastfat - ok
08:28:51.0712 1292  [ 63BDADA84951B9C03E641800E176898A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
08:28:51.0805 1292  fdc - ok
08:28:51.0852 1292  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
08:28:51.0915 1292  fdPHost - ok
08:28:51.0930 1292  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
08:28:51.0993 1292  FDResPub - ok
08:28:52.0055 1292  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
08:28:52.0086 1292  FileInfo - ok
08:28:52.0149 1292  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
08:28:52.0242 1292  Filetrace - ok
08:28:52.0320 1292  [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
08:28:52.0383 1292  flpydisk - ok
08:28:52.0445 1292  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
08:28:52.0461 1292  FltMgr - ok
08:28:52.0648 1292  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
08:28:52.0726 1292  FontCache - ok
08:28:52.0804 1292  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
08:28:52.0835 1292  FontCache3.0.0.0 - ok
08:28:52.0866 1292  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
08:28:52.0975 1292  Fs_Rec - ok
08:28:53.0022 1292  [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
08:28:53.0053 1292  gagp30kx - ok
08:28:53.0116 1292  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
08:28:53.0131 1292  GEARAspiWDM - ok
08:28:53.0209 1292  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
08:28:53.0319 1292  gpsvc - ok
08:28:53.0553 1292  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
08:28:53.0568 1292  gupdate - ok
08:28:53.0693 1292  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
08:28:53.0709 1292  gupdatem - ok
08:28:53.0880 1292  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:28:54.0052 1292  HdAudAddService - ok
08:28:54.0255 1292  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
08:28:54.0646 1292  HDAudBus - ok
08:28:54.0692 1292  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
08:28:54.0848 1292  HidBth - ok
08:28:54.0911 1292  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
08:28:54.0973 1292  HidIr - ok
08:28:55.0020 1292  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
08:28:55.0051 1292  hidserv - ok
08:28:55.0129 1292  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
08:28:55.0192 1292  HidUsb - ok
08:28:55.0223 1292  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
08:28:55.0301 1292  hkmsvc - ok
08:28:55.0363 1292  [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
08:28:55.0379 1292  HpCISSs - ok
08:28:55.0550 1292  [ E4E285A3766B4A57401FEEAF66CB07B5 ] hpqcxs08        C:\Program Files\HP Officejet 5610\Digital Imaging\bin\hpqcxs08.dll
08:28:55.0582 1292  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
08:28:55.0582 1292  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
08:28:55.0613 1292  [ EE4C7A4CF2316701FFDE90F404520265 ] hpqddsvc        C:\Program Files\HP Officejet 5610\Digital Imaging\bin\hpqddsvc.dll
08:28:55.0644 1292  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
08:28:55.0644 1292  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
08:28:55.0722 1292  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
08:28:55.0769 1292  HTTP - ok
08:28:55.0800 1292  [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
08:28:55.0831 1292  i2omp - ok
08:28:55.0909 1292  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
08:28:55.0972 1292  i8042prt - ok
08:28:56.0096 1292  [ 582F2D900A3AC34C98FBDC2C0ABEF6B9 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
08:28:56.0159 1292  IAANTMON - ok
08:28:56.0237 1292  [ FD7F9D74C2B35DBDA400804A3F5ED5D8 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
08:28:56.0252 1292  iaStor - ok
08:28:56.0284 1292  [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
08:28:56.0315 1292  iaStorV - ok
08:28:56.0408 1292  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
08:28:56.0596 1292  IDriverT ( UnsignedFile.Multi.Generic ) - warning
08:28:56.0596 1292  IDriverT - detected UnsignedFile.Multi.Generic (1)
08:28:56.0752 1292  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:28:56.0892 1292  idsvc - ok
08:28:57.0251 1292  [ 6CE783058A792C312C73D97A47BA704D ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
08:28:58.0234 1292  igfx - ok
08:28:58.0764 1292  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
08:28:58.0842 1292  iirsp - ok
08:28:58.0982 1292  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
08:28:59.0123 1292  IKEEXT - ok
08:28:59.0326 1292  [ 2BD6633DB50A98534AA3262E0F9F5A14 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
08:28:59.0575 1292  IntcAzAudAddService - ok
08:28:59.0638 1292  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
08:28:59.0669 1292  intelide - ok
08:28:59.0762 1292  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
08:28:59.0840 1292  intelppm - ok
08:28:59.0934 1292  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
08:28:59.0981 1292  IPBusEnum - ok
08:29:00.0028 1292  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:29:00.0074 1292  IpFilterDriver - ok
08:29:00.0152 1292  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
08:29:00.0199 1292  iphlpsvc - ok
08:29:00.0199 1292  IpInIp - ok
08:29:00.0277 1292  [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
08:29:00.0558 1292  IPMIDRV - ok
08:29:00.0745 1292  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
08:29:00.0792 1292  IPNAT - ok
08:29:00.0870 1292  [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
08:29:00.0901 1292  iPod Service - ok
08:29:00.0948 1292  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
08:29:00.0995 1292  IRENUM - ok
08:29:01.0042 1292  [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
08:29:01.0057 1292  isapnp - ok
08:29:01.0135 1292  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
08:29:01.0166 1292  iScsiPrt - ok
08:29:01.0182 1292  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
08:29:01.0213 1292  iteatapi - ok
08:29:01.0229 1292  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
08:29:01.0244 1292  iteraid - ok
08:29:01.0291 1292  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
08:29:01.0447 1292  kbdclass - ok
08:29:01.0494 1292  [ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
08:29:01.0541 1292  kbdhid - ok
08:29:01.0588 1292  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
08:29:01.0634 1292  KeyIso - ok
08:29:01.0712 1292  [ A383F2CEA0A8F4E76E71ABC869BD5748 ] KR10I           C:\Windows\system32\drivers\kr10i.sys
08:29:01.0775 1292  KR10I - ok
08:29:01.0837 1292  [ 6E9922332386C2A49936B30B2B6FD298 ] KR10N           C:\Windows\system32\drivers\kr10n.sys
08:29:01.0884 1292  KR10N - ok
08:29:02.0040 1292  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
08:29:02.0118 1292  KSecDD - ok
08:29:02.0227 1292  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
08:29:02.0383 1292  KtmRm - ok
08:29:02.0461 1292  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
08:29:02.0524 1292  LanmanServer - ok
08:29:02.0617 1292  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:29:02.0680 1292  LanmanWorkstation - ok
08:29:03.0616 1292  [ A97EEB81F05BCE3D7AA6C81F04EF39A4 ] LiveUpdate      C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
08:29:03.0865 1292  LiveUpdate - ok
08:29:03.0928 1292  LiveUpdate Notice Ex - ok
08:29:04.0006 1292  [ 2D1389E05A807D956829F44BD4B60389 ] LiveUpdate Notice Service C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
08:29:04.0084 1292  LiveUpdate Notice Service - ok
08:29:04.0130 1292  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
08:29:04.0177 1292  lltdio - ok
08:29:04.0224 1292  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
08:29:04.0255 1292  lltdsvc - ok
08:29:04.0302 1292  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
08:29:04.0396 1292  lmhosts - ok
08:29:04.0442 1292  [ 515FC18CABEE0158A324B08B1C2667CF ] LPCFilter       C:\Windows\system32\DRIVERS\LPCFilter.sys
08:29:04.0489 1292  LPCFilter - ok
08:29:04.0520 1292  [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
08:29:04.0552 1292  LSI_FC - ok
08:29:04.0583 1292  [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
08:29:04.0598 1292  LSI_SAS - ok
08:29:04.0661 1292  [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
08:29:04.0676 1292  LSI_SCSI - ok
08:29:04.0739 1292  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
08:29:04.0786 1292  luafv - ok
08:29:04.0895 1292  [ A3E700D78EEC390F1208098CDCA5C6B6 ] MarvinBus       C:\Windows\system32\DRIVERS\MarvinBus.sys
08:29:04.0942 1292  MarvinBus - ok
08:29:04.0973 1292  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
08:29:05.0035 1292  Mcx2Svc - ok
08:29:05.0316 1292  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
08:29:05.0394 1292  MDM - ok
08:29:05.0488 1292  [ D153B14FC6598EAE8422A2037553ADCE ] megasas         C:\Windows\system32\drivers\megasas.sys
08:29:05.0519 1292  megasas - ok
08:29:05.0566 1292  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
08:29:05.0628 1292  MMCSS - ok
08:29:05.0659 1292  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
08:29:05.0690 1292  Modem - ok
08:29:05.0753 1292  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
08:29:05.0815 1292  monitor - ok
08:29:05.0846 1292  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
08:29:05.0878 1292  mouclass - ok
08:29:05.0909 1292  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
08:29:05.0987 1292  mouhid - ok
08:29:06.0034 1292  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
08:29:06.0143 1292  MountMgr - ok
08:29:06.0236 1292  [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
08:29:06.0252 1292  MozillaMaintenance - ok
08:29:06.0299 1292  [ 583A41F26278D9E0EA548163D6139397 ] mpio            C:\Windows\system32\drivers\mpio.sys
08:29:06.0330 1292  mpio - ok
08:29:06.0392 1292  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
08:29:06.0455 1292  mpsdrv - ok
08:29:06.0533 1292  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
08:29:06.0580 1292  MpsSvc - ok
08:29:06.0673 1292  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
08:29:06.0689 1292  Mraid35x - ok
08:29:06.0782 1292  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
08:29:06.0814 1292  MRxDAV - ok
08:29:06.0860 1292  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
08:29:06.0892 1292  mrxsmb - ok
08:29:06.0954 1292  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:29:06.0985 1292  mrxsmb10 - ok
08:29:07.0016 1292  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:29:07.0048 1292  mrxsmb20 - ok
08:29:07.0094 1292  [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci          C:\Windows\system32\drivers\msahci.sys
08:29:07.0110 1292  msahci - ok
08:29:07.0141 1292  [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
08:29:07.0157 1292  msdsm - ok
08:29:07.0188 1292  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
08:29:07.0250 1292  MSDTC - ok
08:29:07.0313 1292  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
08:29:07.0391 1292  Msfs - ok
08:29:07.0484 1292  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
08:29:07.0516 1292  msisadrv - ok
08:29:07.0562 1292  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
08:29:07.0781 1292  MSiSCSI - ok
08:29:07.0781 1292  msiserver - ok
08:29:07.0828 1292  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
08:29:07.0952 1292  MSKSSRV - ok
08:29:08.0015 1292  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
08:29:08.0062 1292  MSPCLOCK - ok
08:29:08.0062 1292  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
08:29:08.0108 1292  MSPQM - ok
08:29:08.0155 1292  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
08:29:08.0249 1292  MsRPC - ok
08:29:08.0296 1292  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
08:29:08.0311 1292  mssmbios - ok
08:29:08.0327 1292  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
08:29:08.0389 1292  MSTEE - ok
08:29:08.0436 1292  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
08:29:08.0467 1292  Mup - ok
08:29:08.0514 1292  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
08:29:08.0545 1292  napagent - ok
08:29:08.0654 1292  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
08:29:08.0701 1292  NativeWifiP - ok
08:29:08.0764 1292  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
08:29:08.0904 1292  NDIS - ok
08:29:08.0966 1292  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
08:29:08.0998 1292  NdisTapi - ok
08:29:09.0060 1292  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
08:29:09.0138 1292  Ndisuio - ok
08:29:09.0216 1292  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
08:29:09.0263 1292  NdisWan - ok
08:29:09.0341 1292  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
08:29:09.0434 1292  NDProxy - ok
08:29:09.0544 1292  [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
08:29:09.0590 1292  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
08:29:09.0590 1292  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
08:29:09.0653 1292  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
08:29:09.0700 1292  NetBIOS - ok
08:29:09.0809 1292  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
08:29:09.0996 1292  netbt - ok
08:29:10.0012 1292  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
08:29:10.0074 1292  Netlogon - ok
08:29:10.0199 1292  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
08:29:10.0246 1292  Netman - ok
08:29:10.0308 1292  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
08:29:10.0355 1292  netprofm - ok
08:29:10.0402 1292  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:29:10.0433 1292  NetTcpPortSharing - ok
08:29:10.0511 1292  [ 1D73499A6664B4DA05D750FF83FDB274 ] NETw4v32        C:\Windows\system32\DRIVERS\NETw4v32.sys
08:29:10.0838 1292  NETw4v32 - ok
08:29:10.0901 1292  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
08:29:10.0932 1292  nfrd960 - ok
08:29:10.0994 1292  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
08:29:11.0057 1292  NlaSvc - ok
08:29:11.0135 1292  [ 6EF0506CE1F553E9BD085645933C8686 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
08:29:11.0166 1292  NMIndexingService - ok
08:29:11.0228 1292  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
08:29:11.0275 1292  Npfs - ok
08:29:11.0322 1292  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
08:29:11.0369 1292  nsi - ok
08:29:11.0416 1292  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
08:29:11.0494 1292  nsiproxy - ok
08:29:11.0821 1292  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
08:29:11.0899 1292  Ntfs - ok
08:29:11.0962 1292  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
08:29:12.0040 1292  ntrigdigi - ok
08:29:12.0086 1292  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
08:29:12.0118 1292  Null - ok
08:29:12.0133 1292  [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
08:29:12.0149 1292  nvraid - ok
08:29:12.0164 1292  [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
08:29:12.0180 1292  nvstor - ok
08:29:12.0242 1292  [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
08:29:12.0258 1292  nv_agp - ok
08:29:12.0274 1292  NwlnkFlt - ok
08:29:12.0305 1292  NwlnkFwd - ok
08:29:12.0383 1292  [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:29:12.0414 1292  odserv - ok
08:29:12.0445 1292  [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
08:29:12.0492 1292  ohci1394 - ok
08:29:12.0554 1292  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:29:12.0570 1292  ose - ok
08:29:12.0788 1292  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
08:29:12.0929 1292  p2pimsvc - ok
08:29:12.0944 1292  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
08:29:13.0085 1292  p2psvc - ok
08:29:13.0116 1292  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
08:29:13.0210 1292  Parport - ok
08:29:13.0256 1292  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
08:29:13.0272 1292  partmgr - ok
08:29:13.0319 1292  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
08:29:13.0397 1292  Parvdm - ok
08:29:13.0444 1292  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
08:29:13.0490 1292  PcaSvc - ok
08:29:13.0600 1292  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
08:29:13.0694 1292  pci - ok
08:29:13.0725 1292  [ 3B1901E401473E03EB8C874271E50C26 ] pciide          C:\Windows\system32\drivers\pciide.sys
08:29:13.0757 1292  pciide - ok
08:29:13.0850 1292  [ 1BEBE7DE8508A02650CDCE45C664C2A2 ] PCLEPCI         C:\Windows\system32\drivers\pclepci.sys
08:29:13.0881 1292  PCLEPCI ( UnsignedFile.Multi.Generic ) - warning
08:29:13.0881 1292  PCLEPCI - detected UnsignedFile.Multi.Generic (1)
08:29:13.0959 1292  [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
08:29:14.0006 1292  pcmcia - ok
08:29:14.0084 1292  [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin        C:\Windows\system32\Drivers\pcouffin.sys
08:29:14.0162 1292  pcouffin - ok
08:29:14.0240 1292  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
08:29:14.0365 1292  PEAUTH - ok
08:29:14.0505 1292  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
08:29:14.0599 1292  pla - ok
08:29:14.0678 1292  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
08:29:14.0725 1292  PlugPlay - ok
08:29:14.0772 1292  [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
08:29:14.0818 1292  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
08:29:14.0818 1292  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
08:29:14.0850 1292  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
08:29:14.0912 1292  PNRPAutoReg - ok
08:29:14.0928 1292  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
08:29:15.0021 1292  PNRPsvc - ok
08:29:15.0084 1292  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
08:29:15.0193 1292  PolicyAgent - ok
08:29:15.0271 1292  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
08:29:15.0318 1292  PptpMiniport - ok
08:29:15.0333 1292  [ 0E3CEF5D28B40CF273281D620C50700A ] Processor       C:\Windows\system32\drivers\processr.sys
08:29:15.0396 1292  Processor - ok
08:29:15.0442 1292  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
08:29:15.0489 1292  ProfSvc - ok
08:29:15.0567 1292  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
08:29:15.0614 1292  ProtectedStorage - ok
08:29:15.0661 1292  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
08:29:15.0692 1292  PSched - ok
08:29:15.0755 1292  [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
08:29:15.0802 1292  PxHelp20 - ok
08:29:16.0052 1292  [ CCDAC889326317792480C0A67156A1EC ] ql2300          C:\Windows\system32\drivers\ql2300.sys
08:29:16.0130 1292  ql2300 - ok
08:29:16.0145 1292  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
08:29:16.0161 1292  ql40xx - ok
08:29:16.0255 1292  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
08:29:16.0364 1292  QWAVE - ok
08:29:16.0489 1292  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
08:29:16.0567 1292  QWAVEdrv - ok
08:29:16.0613 1292  [ 70DBDAB246C18B78E2200D6401D038BE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
08:29:16.0676 1292  RapiMgr - ok
08:29:16.0755 1292  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
08:29:16.0817 1292  RasAcd - ok
08:29:16.0895 1292  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
08:29:16.0958 1292  RasAuto - ok
08:29:17.0004 1292  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
08:29:17.0051 1292  Rasl2tp - ok
08:29:17.0129 1292  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
08:29:17.0176 1292  RasMan - ok
08:29:17.0223 1292  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
08:29:17.0270 1292  RasPppoe - ok
08:29:17.0301 1292  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
08:29:17.0348 1292  RasSstp - ok
08:29:17.0441 1292  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
08:29:17.0488 1292  rdbss - ok
08:29:17.0550 1292  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
08:29:17.0582 1292  RDPCDD - ok
08:29:17.0660 1292  [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
08:29:17.0722 1292  rdpdr - ok
08:29:17.0753 1292  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
08:29:17.0816 1292  RDPENCDD - ok
08:29:17.0894 1292  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
08:29:17.0940 1292  RDPWD - ok
08:29:18.0018 1292  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
08:29:18.0065 1292  RemoteAccess - ok
08:29:18.0128 1292  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
08:29:18.0159 1292  RemoteRegistry - ok
08:29:18.0190 1292  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
08:29:18.0237 1292  RpcLocator - ok
08:29:18.0330 1292  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
08:29:18.0377 1292  RpcSs - ok
08:29:18.0440 1292  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
08:29:18.0471 1292  rspndr - ok
08:29:18.0549 1292  [ 8AC16411B25E29124F6D421ADD58FBE6 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
08:29:18.0658 1292  RTL8169 - ok
08:29:18.0689 1292  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
08:29:18.0705 1292  SamSs - ok
08:29:18.0783 1292  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
08:29:18.0798 1292  sbp2port - ok
08:29:18.0876 1292  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
08:29:18.0923 1292  SCardSvr - ok
08:29:19.0064 1292  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
08:29:19.0157 1292  Schedule - ok
08:29:19.0220 1292  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
08:29:19.0251 1292  SCPolicySvc - ok
08:29:19.0298 1292  [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
08:29:19.0344 1292  sdbus - ok
08:29:19.0391 1292  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
08:29:19.0422 1292  SDRSVC - ok
08:29:19.0469 1292  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
08:29:19.0547 1292  secdrv - ok
08:29:19.0610 1292  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
08:29:19.0656 1292  seclogon - ok
08:29:19.0734 1292  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
08:29:19.0797 1292  SENS - ok
08:29:19.0828 1292  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
08:29:19.0890 1292  Serenum - ok
08:29:19.0937 1292  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
08:29:20.0000 1292  Serial - ok
08:29:20.0046 1292  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
08:29:20.0093 1292  sermouse - ok
08:29:20.0171 1292  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
08:29:20.0234 1292  SessionEnv - ok
08:29:20.0265 1292  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
08:29:20.0312 1292  sffdisk - ok
08:29:20.0343 1292  [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
08:29:20.0405 1292  sffp_mmc - ok
08:29:20.0452 1292  [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
08:29:20.0514 1292  sffp_sd - ok
08:29:20.0546 1292  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
08:29:20.0608 1292  sfloppy - ok
08:29:20.0624 1292  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
08:29:20.0686 1292  SharedAccess - ok
08:29:20.0780 1292  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:29:20.0858 1292  ShellHWDetection - ok
08:29:20.0873 1292  [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
08:29:20.0889 1292  sisagp - ok
08:29:20.0904 1292  [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
08:29:20.0920 1292  SiSRaid2 - ok
08:29:20.0936 1292  [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
08:29:20.0951 1292  SiSRaid4 - ok
08:29:21.0170 1292  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
08:29:21.0653 1292  slsvc - ok
08:29:21.0716 1292  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
08:29:21.0747 1292  SLUINotify - ok
08:29:21.0809 1292  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
08:29:21.0872 1292  Smb - ok
08:29:21.0918 1292  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
08:29:21.0981 1292  SNMPTRAP - ok
08:29:22.0028 1292  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
08:29:22.0043 1292  spldr - ok
08:29:22.0106 1292  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
08:29:22.0184 1292  Spooler - ok
08:29:22.0246 1292  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
08:29:22.0262 1292  srv - ok
08:29:22.0324 1292  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
08:29:22.0371 1292  srv2 - ok
08:29:22.0386 1292  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
08:29:22.0433 1292  srvnet - ok
08:29:22.0480 1292  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
08:29:22.0558 1292  SSDPSRV - ok
08:29:22.0620 1292  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
08:29:22.0698 1292  SstpSvc - ok
08:29:22.0870 1292  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
08:29:22.0979 1292  stisvc - ok
08:29:23.0026 1292  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
08:29:23.0042 1292  swenum - ok
08:29:23.0120 1292  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
08:29:23.0182 1292  swprv - ok
08:29:23.0244 1292  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
08:29:23.0260 1292  Symc8xx - ok
08:29:23.0291 1292  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
08:29:23.0307 1292  Sym_hi - ok
08:29:23.0338 1292  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
08:29:23.0369 1292  Sym_u3 - ok
08:29:23.0478 1292  [ 760E4F5A1E754BBE4A1BD2A0B54F6AA6 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
08:29:23.0510 1292  SynTP - ok
08:29:23.0666 1292  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
08:29:23.0728 1292  SysMain - ok
08:29:23.0759 1292  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:29:23.0790 1292  TabletInputService - ok
08:29:23.0884 1292  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
08:29:23.0931 1292  TapiSrv - ok
08:29:24.0009 1292  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
08:29:24.0071 1292  TBS - ok
08:29:24.0274 1292  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
08:29:24.0446 1292  Tcpip - ok
08:29:24.0602 1292  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
08:29:24.0726 1292  Tcpip6 - ok
08:29:24.0804 1292  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
08:29:24.0867 1292  tcpipreg - ok
08:29:24.0945 1292  [ 1825BCEB47BF41C5A9F0E44DE82FC27A ] tdcmdpst        C:\Windows\system32\DRIVERS\tdcmdpst.sys
08:29:24.0992 1292  tdcmdpst - ok
08:29:25.0054 1292  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
08:29:25.0116 1292  TDPIPE - ok
08:29:25.0163 1292  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
08:29:25.0194 1292  TDTCP - ok
08:29:25.0241 1292  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
08:29:25.0272 1292  tdx - ok
08:29:25.0304 1292  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
08:29:25.0319 1292  TermDD - ok
08:29:25.0350 1292  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
08:29:25.0475 1292  TermService - ok
08:29:25.0506 1292  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
08:29:25.0569 1292  Themes - ok
08:29:25.0600 1292  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
08:29:25.0662 1292  THREADORDER - ok
08:29:25.0709 1292  [ E4C85C291DDB3DC5E4A2F227CA465BA6 ] tifm21          C:\Windows\system32\drivers\tifm21.sys
08:29:25.0787 1292  tifm21 - ok
08:29:25.0928 1292  [ B00200564D2FCD9D5DA76E5FF1C27B20 ] TNaviSrv        C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
08:29:25.0959 1292  TNaviSrv ( UnsignedFile.Multi.Generic ) - warning
08:29:25.0959 1292  TNaviSrv - detected UnsignedFile.Multi.Generic (1)
08:29:26.0006 1292  [ D540858E65BFA6FDED41AD2495ECE344 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
08:29:26.0006 1292  TODDSrv ( UnsignedFile.Multi.Generic ) - warning
08:29:26.0006 1292  TODDSrv - detected UnsignedFile.Multi.Generic (1)
08:29:26.0099 1292  [ AF41337C08D1C240AF14BA4CAB02BF02 ] TosCoSrv        C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
08:29:26.0177 1292  TosCoSrv - ok
08:29:26.0364 1292  [ 87843B2DA99051BC66E2D6C211E3D6A4 ] TOSHIBA Bluetooth Service c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
08:29:26.0396 1292  TOSHIBA Bluetooth Service - ok
08:29:26.0411 1292  Tosrfcom - ok
08:29:26.0474 1292  [ 5C4103544612E5011EF46301B93D1AA6 ] tosrfec         C:\Windows\system32\DRIVERS\tosrfec.sys
08:29:26.0536 1292  tosrfec - ok
08:29:26.0583 1292  [ 1EA5F27C29405BF49799FECA77186DA9 ] tos_sps32       C:\Windows\system32\DRIVERS\tos_sps32.sys
08:29:26.0614 1292  tos_sps32 - ok
08:29:26.0614 1292  TpChoice - ok
08:29:26.0676 1292  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
08:29:26.0754 1292  TrkWks - ok
08:29:26.0832 1292  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:29:26.0896 1292  TrustedInstaller - ok
08:29:26.0958 1292  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
08:29:27.0005 1292  tssecsrv - ok
08:29:27.0052 1292  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
08:29:27.0099 1292  tunmp - ok
08:29:27.0192 1292  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
08:29:27.0255 1292  tunnel - ok
08:29:27.0301 1292  [ 521C5F39829875ADF5466DD94C6282C7 ] TVALZ           C:\Windows\system32\DRIVERS\TVALZ_O.SYS
08:29:27.0333 1292  TVALZ - ok
08:29:27.0379 1292  [ C3ADE15414120033A36C0F293D4A4121 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
08:29:27.0395 1292  uagp35 - ok
08:29:27.0504 1292  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
08:29:27.0582 1292  udfs - ok
08:29:27.0645 1292  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
08:29:27.0691 1292  UI0Detect - ok
08:29:27.0707 1292  [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
08:29:27.0738 1292  uliagpkx - ok
08:29:27.0754 1292  [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci         C:\Windows\system32\drivers\uliahci.sys
08:29:27.0785 1292  uliahci - ok
08:29:27.0801 1292  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
08:29:27.0816 1292  UlSata - ok
08:29:27.0848 1292  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
08:29:27.0880 1292  ulsata2 - ok
08:29:27.0942 1292  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
08:29:27.0989 1292  umbus - ok
08:29:28.0036 1292  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
08:29:28.0098 1292  upnphost - ok
08:29:28.0301 1292  [ 7CE0FE34FD8FB7F52D1E503B0C1E4FA9 ] UPnPService     C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
08:29:28.0332 1292  UPnPService ( UnsignedFile.Multi.Generic ) - warning
08:29:28.0332 1292  UPnPService - detected UnsignedFile.Multi.Generic (1)
08:29:28.0410 1292  [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
08:29:28.0441 1292  USBAAPL - ok
08:29:28.0488 1292  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
08:29:28.0519 1292  usbccgp - ok
08:29:28.0535 1292  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
08:29:28.0613 1292  usbcir - ok
08:29:28.0675 1292  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
08:29:28.0706 1292  usbehci - ok
08:29:28.0722 1292  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
08:29:28.0784 1292  usbhub - ok
08:29:28.0816 1292  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
08:29:28.0878 1292  usbohci - ok
08:29:28.0926 1292  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
08:29:28.0988 1292  usbprint - ok
08:29:29.0051 1292  [ A508C9BD8724980512136B039BBA65E9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
08:29:29.0113 1292  usbscan - ok
08:29:29.0191 1292  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:29:29.0269 1292  USBSTOR - ok
08:29:29.0331 1292  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
08:29:29.0378 1292  usbuhci - ok
08:29:29.0472 1292  [ 0A6B81F01BC86399482E27E6FDA7B33B ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
08:29:29.0550 1292  usbvideo - ok
08:29:29.0643 1292  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
08:29:29.0721 1292  UxSms - ok
08:29:29.0815 1292  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
08:29:29.0910 1292  vds - ok
08:29:30.0003 1292  [ 7D92BE0028ECDEDEC74617009084B5EF ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
08:29:30.0081 1292  vga - ok
08:29:30.0144 1292  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
08:29:30.0222 1292  VgaSave - ok
08:29:30.0253 1292  [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp          C:\Windows\system32\drivers\viaagp.sys
08:29:30.0284 1292  viaagp - ok
08:29:30.0331 1292  [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
08:29:30.0424 1292  ViaC7 - ok
08:29:30.0471 1292  [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide          C:\Windows\system32\drivers\viaide.sys
08:29:30.0487 1292  viaide - ok
08:29:30.0518 1292  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
08:29:30.0534 1292  volmgr - ok
08:29:30.0596 1292  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
08:29:30.0612 1292  volmgrx - ok
08:29:30.0658 1292  [ 786DB5771F05EF300390399F626BF30A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
08:29:30.0705 1292  volsnap - ok
08:29:30.0752 1292  [ D984439746D42B30FC65A4C3546C6829 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
08:29:30.0783 1292  vsmraid - ok
08:29:31.0003 1292  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
08:29:31.0081 1292  VSS - ok
08:29:31.0174 1292  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
08:29:31.0252 1292  W32Time - ok
08:29:31.0377 1292  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
08:29:31.0502 1292  WacomPen - ok
08:29:31.0564 1292  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
08:29:31.0611 1292  Wanarp - ok
08:29:31.0611 1292  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
08:29:31.0642 1292  Wanarpv6 - ok
08:29:31.0736 1292  [ 779F9C90D3FE9C70B6FFD8EF035F3E83 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
08:29:31.0845 1292  WcesComm - ok
08:29:31.0940 1292  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
08:29:32.0080 1292  wcncsvc - ok
08:29:32.0189 1292  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:29:32.0220 1292  WcsPlugInService - ok
08:29:32.0283 1292  [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd              C:\Windows\system32\drivers\wd.sys
08:29:32.0298 1292  Wd - ok
08:29:32.0486 1292  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
08:29:32.0579 1292  Wdf01000 - ok
08:29:32.0626 1292  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
08:29:32.0688 1292  WdiServiceHost - ok
08:29:32.0688 1292  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
08:29:32.0735 1292  WdiSystemHost - ok
08:29:32.0782 1292  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
08:29:32.0844 1292  WebClient - ok
08:29:32.0969 1292  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
08:29:33.0078 1292  Wecsvc - ok
08:29:33.0141 1292  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
08:29:33.0188 1292  wercplsupport - ok
08:29:33.0281 1292  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
08:29:33.0344 1292  WerSvc - ok
08:29:33.0468 1292  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
08:29:33.0500 1292  WinDefend - ok
08:29:33.0515 1292  WinHttpAutoProxySvc - ok
08:29:33.0593 1292  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
08:29:33.0640 1292  Winmgmt - ok
08:29:33.0812 1292  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
08:29:34.0014 1292  WinRM - ok
08:29:34.0077 1292  [ 676F4B665BDD8053EAA53AC1695B8074 ] winusb          C:\Windows\system32\DRIVERS\winusb.sys
08:29:34.0108 1292  winusb - ok
08:29:34.0186 1292  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
08:29:34.0342 1292  Wlansvc - ok
08:29:34.0373 1292  [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
08:29:34.0451 1292  WmiAcpi - ok
08:29:34.0545 1292  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
08:29:34.0560 1292  wmiApSrv - ok
08:29:34.0716 1292  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
08:29:34.0794 1292  WMPNetworkSvc - ok
08:29:34.0841 1292  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
08:29:34.0904 1292  WPCSvc - ok
08:29:34.0950 1292  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
08:29:34.0997 1292  WPDBusEnum - ok
08:29:35.0044 1292  [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
08:29:35.0091 1292  WpdUsb - ok
08:29:35.0340 1292  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
08:29:35.0387 1292  WPFFontCache_v0400 - ok
08:29:35.0496 1292  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
08:29:35.0559 1292  ws2ifsl - ok
08:29:35.0590 1292  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
08:29:35.0621 1292  wscsvc - ok
08:29:35.0637 1292  WSearch - ok
08:29:35.0886 1292  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
08:29:36.0838 1292  wuauserv - ok
08:29:36.0869 1292  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
08:29:36.0900 1292  WudfPf - ok
08:29:36.0947 1292  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
08:29:37.0010 1292  WUDFRd - ok
08:29:37.0056 1292  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
08:29:37.0088 1292  wudfsvc - ok
08:29:37.0119 1292  ================ Scan global ===============================
08:29:37.0197 1292  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
08:29:37.0322 1292  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
08:29:37.0368 1292  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
08:29:37.0462 1292  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
08:29:37.0509 1292  [Global] - ok
08:29:37.0509 1292  ================ Scan MBR ==================================
08:29:37.0524 1292  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
08:29:40.0629 1292  \Device\Harddisk0\DR0 - ok
08:29:41.0081 1292  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
08:29:41.0237 1292  \Device\Harddisk1\DR1 - ok
08:29:41.0237 1292  ================ Scan VBR ==================================
08:29:41.0268 1292  [ 5E8E15815C0C4F1A043B260876F1EEED ] \Device\Harddisk0\DR0\Partition1
08:29:41.0284 1292  \Device\Harddisk0\DR0\Partition1 - ok
08:29:41.0300 1292  [ 5A2976E8455853D8D8AC8D796984AA9A ] \Device\Harddisk0\DR0\Partition2
08:29:41.0331 1292  \Device\Harddisk0\DR0\Partition2 - ok
08:29:41.0331 1292  [ 94190975192351A81062DFF9000F08E8 ] \Device\Harddisk1\DR1\Partition1
08:29:41.0331 1292  \Device\Harddisk1\DR1\Partition1 - ok
08:29:41.0331 1292  ============================================================
08:29:41.0331 1292  Scan finished
08:29:41.0331 1292  ============================================================
08:29:41.0346 5100  Detected object count: 10
08:29:41.0346 5100  Actual detected object count: 10
08:29:55.0137 5100  CFSvcs ( UnsignedFile.Multi.Generic ) - skipped by user
08:29:55.0137 5100  CFSvcs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:29:55.0137 5100  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
08:29:55.0137 5100  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:29:55.0137 5100  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
08:29:55.0137 5100  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:29:55.0137 5100  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
08:29:55.0137 5100  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:29:55.0152 5100  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
08:29:55.0152 5100  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:29:55.0152 5100  PCLEPCI ( UnsignedFile.Multi.Generic ) - skipped by user
08:29:55.0152 5100  PCLEPCI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:29:55.0152 5100  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
08:29:55.0152 5100  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:29:55.0152 5100  TNaviSrv ( UnsignedFile.Multi.Generic ) - skipped by user
08:29:55.0152 5100  TNaviSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:29:55.0152 5100  TODDSrv ( UnsignedFile.Multi.Generic ) - skipped by user
08:29:55.0152 5100  TODDSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:29:55.0152 5100  UPnPService ( UnsignedFile.Multi.Generic ) - skipped by user
08:29:55.0152 5100  UPnPService ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

10.01.2013, 15:45   #4
markusg
/// Malware-holic
 



Looks fine.
You can still run Malwarebytes:
Malwarebytes:
Please download Malwarebytes
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Start Malwarebytes, click Update --> Check for Updates
  • When the update has finished, select "Perform full scan" and click Scan.
  • When the scan has finished, click Show Results.
  • Make sure all detections are checked and click Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report later under "Logs".

10.01.2013, 17:57   #5
Gisela
 



Here is the log file, looks good, doesn't it?
Code:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.10.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Esther :: ESTHER-NOTEBOOK [Administrator]

10.01.2013 16:18:57
mbam-log-2013-01-10 (16-18-57).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|I:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 386640
Laufzeit: 1 Stunde(n), 36 Minute(n), 14 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         


10.01.2013, 18:42   #6
markusg
/// Malware-holic
 



OK,
let's secure the device as well:

Download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), Uninstall list, save it as a txt file, and open that file.
After every program you need, write "necessary".
After every program you do not need, write "unnecessary".
After every program you do not recognize, write "unknown".
Post the list.