Win 7 Firewall lässt sich nicht mehr aktivieren (Fehlercode Error 0x8007042c)

Alexander12 · 11.01.2013, 16:22

Habe heute gemerkt, dass sich Windows Firewall nicht aktivieren lässt. Fehlercode 0x8007042c

markusg · 11.01.2013, 16:45

Hi
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die
OTL.exe
.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den Inhalt in die
Textbox.

Code:

ATTFilter

activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Kopiere
nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Alexander12 · 11.01.2013, 17:07

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 11.01.2013 16:57:15 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\alex\Desktop
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,23 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 42,48% Memory free
4,45 Gb Paging File | 2,63 Gb Available in Paging File | 58,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,98 Gb Total Space | 396,67 Gb Free Space | 85,13% Space Free | Partition Type: NTFS
Drive E: | 464,73 Gb Total Space | 454,04 Gb Free Space | 97,70% Space Free | Partition Type: HFS
 
Computer Name: WIN7 | User Name: alex | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.01.11 16:53:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\alex\Desktop\OTL.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.10.08 09:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.08.20 18:37:58 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012.07.16 15:31:32 | 007,445,416 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version7\TeamViewer.exe
PRC - [2012.07.16 15:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.07.16 15:22:42 | 000,106,408 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version7\tv_w32.exe
PRC - [2012.07.09 19:17:57 | 000,686,280 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
PRC - [2011.09.06 12:32:20 | 000,140,456 | ---- | M] () -- C:\Programme\Canon\IJPLM\ijplmsvc.exe
PRC - [2011.06.29 06:49:30 | 000,100,224 | ---- | M] (Apple Inc.) -- C:\Windows\System32\AppleTimeSrv.exe
PRC - [2011.06.29 06:49:28 | 000,194,432 | ---- | M] () -- C:\Windows\System32\AppleOSSMgr.exe
PRC - [2011.06.13 17:37:16 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.06.13 17:37:15 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.06.13 17:34:24 | 000,397,312 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011.06.13 17:34:24 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.01.28 04:15:48 | 116,342,784 | ---- | M] (Oracle Corporation) -- c:\Oracle\product\11.2.0\dbhome_1\BIN\oracle.exe
PRC - [2010.11.20 22:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 22:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.18 11:58:00 | 000,512,000 | ---- | M] (Oracle Corporation) -- C:\Oracle\product\11.2.0\dbhome_1\BIN\TNSLSNR.EXE
PRC - [2010.04.14 14:08:12 | 000,598,696 | ---- | M] ( ) -- C:\Windows\System32\lxeccoms.exe
PRC - [2010.01.09 20:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
PRC - [2008.11.24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008.11.24 22:31:10 | 029,263,712 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.16 15:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.07.10 21:06:25 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012.07.03 12:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.06 00:45:44 | 000,129,536 | ---- | M] (Samsung Electronics) [On_Demand | Stopped] -- C:\Windows\System32\SUPDSvc2.exe -- (Samsung UPD Service2)
SRV - [2011.09.06 12:32:20 | 000,140,456 | ---- | M] () [Auto | Running] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2011.06.29 06:49:30 | 000,100,224 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Windows\System32\AppleTimeSrv.exe -- (AppleTimeSrv)
SRV - [2011.06.29 06:49:28 | 000,194,432 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AppleOSSMgr.exe -- (AppleOSSMgr)
SRV - [2011.06.13 17:37:16 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.06.13 17:37:15 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.06.13 17:34:24 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.01.28 04:15:48 | 116,342,784 | ---- | M] (Oracle Corporation) [Auto | Running] -- c:\oracle\product\11.2.0\dbhome_1\bin\ORACLE.EXE -- (OracleServiceACS)
SRV - [2010.11.27 17:49:10 | 000,049,152 | ---- | M] () [Disabled | Stopped] -- c:\oracle\product\11.2.0\dbhome_1\Bin\extjob.exe -- (OracleJobSchedulerACS)
SRV - [2010.11.27 17:01:26 | 000,159,744 | ---- | M] () [On_Demand | Stopped] -- c:\oracle\product\11.2.0\dbhome_1\bin\OraVSSW.exe -- (OracleVssWriterACS)
SRV - [2010.11.20 22:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.11.19 04:38:16 | 000,069,632 | ---- | M] (Oracle Corporation) [On_Demand | Stopped] -- c:\Oracle\product\11.2.0\dbhome_1\bin\omtsreco.exe -- (OracleMTSRecoveryService)
SRV - [2010.11.19 03:51:38 | 000,012,800 | ---- | M] (Oracle Corporation) [On_Demand | Stopped] -- c:\Oracle\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe -- (OracleOraDb11g_home1ClrAgent)
SRV - [2010.11.18 11:58:00 | 000,512,000 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\ORACLE\PRODUCT\11.2.0\DBHOME_1\BIN\TNSLSNR.exe -- (OracleOraDb11g_home1TNSListener)
SRV - [2010.04.14 14:08:12 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxeccoms.exe -- (lxec_device)
SRV - [2010.04.14 14:08:05 | 000,193,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxecserv.exe -- (lxecCATSCustConnectService)
SRV - [2010.01.09 20:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 20:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2008.11.24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008.11.24 22:31:10 | 029,263,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS)
SRV - [2008.11.24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008.11.24 22:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1D1DB472-CF4F-4B95-8E96-7DB666CDF885}\MpKslba5a688c.sys -- (MpKslba5a688c)
DRV - [2013.01.11 16:56:05 | 000,054,016 | ---- | M] () [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\iontrec.sys -- (aacf)
DRV - [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.06.15 11:52:54 | 000,006,528 | ---- | M] (Apple Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KeyAgent.sys -- (KeyAgent)
DRV - [2011.06.13 17:37:15 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2011.06.13 17:37:12 | 000,014,336 | ---- | M] (Cirrus Logic) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CS420x86.sys -- (CirrusFilter)
DRV - [2011.06.13 17:36:30 | 002,109,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2011.06.13 17:35:58 | 000,049,664 | ---- | M] (Apple Inc.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AppleHFS.sys -- (AppleHFS)
DRV - [2011.06.13 17:35:58 | 000,006,784 | ---- | M] (Apple Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AppleMNT.sys -- (AppleMNT)
DRV - [2011.06.13 17:34:25 | 006,789,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011.06.13 17:34:25 | 000,235,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011.06.03 12:18:28 | 000,034,304 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\applebmt.sys -- (applebmt)
DRV - [2011.05.26 20:13:25 | 000,026,624 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KeyMagic.sys -- (KeyMagic)
DRV - [2011.05.13 02:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.05.13 02:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011.05.13 02:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011.05.13 02:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011.05.13 02:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011.03.25 02:32:04 | 000,016,512 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IRFilter.sys -- (IRRemoteFlt)
DRV - [2011.03.25 02:31:52 | 000,012,928 | ---- | M] (Apple Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\MacHALDriver.sys -- (MacHALDriver)
DRV - [2011.03.25 02:31:33 | 000,018,560 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AppleBtBc.sys -- (AppleBtBc)
DRV - [2010.11.20 22:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 22:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010.11.20 22:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010.11.20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010.11.20 22:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010.11.20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.12.15 23:37:14 | 000,038,016 | ---- | M] (Advanced Card Systems Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\a38ccid.sys -- (A38CCID)
DRV - [2009.07.14 00:45:20 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\acpials.sys -- (acpials)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 8E 0E C5 3C 79 CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3D4B9499-86D9-47CB-8A23-C58FD1E780E2}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: Sharedaccess -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CardOS API.lnk - C:\Programme\Siemens\CardOS API\bin\siecacst.exe - (Siemens IT Solutions and Services GmbH)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Apple_KbdMgr - hkey= - key= - C:\Programme\Boot Camp\Bootcamp.exe (Apple Inc.)
MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: CanonMyPrinter - hkey= - key= - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
MsConfig - StartUpReg: CanonSolutionMenuEx - hkey= - key= - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
MsConfig - StartUpReg: EzPrint - hkey= - key= - C:\Program Files\Lexmark Pro800-Pro900 Series\ezprint.exe ()
MsConfig - StartUpReg: IJNetworkScannerSelectorEX - hkey= - key= - C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: lxecmon.exe - hkey= - key= - C:\Program Files\Lexmark Pro800-Pro900 Series\lxecmon.exe ()
MsConfig - StartUpReg: MSC - hkey= - key= -  File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: SonyAgent - hkey= - key= -  File not found
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.11 16:53:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\alex\Desktop\OTL.exe
[2013.01.11 15:57:08 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Roaming\Malwarebytes
[2013.01.11 15:57:01 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.01.11 15:57:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.01.11 15:57:01 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.01.11 15:57:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.01.11 15:56:52 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Local\Programs
[2013.01.09 12:15:50 | 000,000,000 | ---D | C] -- C:\Users\alex\Documents\Abelssoft
[2013.01.09 12:15:45 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Roaming\Abelssoft
[2013.01.09 12:15:43 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Local\Abelssoft
[2013.01.09 12:15:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WashAndGo
[2013.01.09 12:15:20 | 000,000,000 | ---D | C] -- C:\Program Files\WashAndGo
[2013.01.08 13:30:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX
[2013.01.08 13:19:38 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013.01.08 13:08:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEGV
[2013.01.08 13:00:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJSolutionMenuEX
[2013.01.08 13:00:00 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2
[2013.01.08 13:00:00 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP
[2013.01.08 12:59:59 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Roaming\Canon
[2013.01.08 12:59:53 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMyPrinter
[2013.01.08 12:59:00 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2013.01.08 12:58:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Canon IJ Network Tool
[2013.01.08 12:58:30 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJFAX
[2013.01.08 12:57:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX510 series Benutzerregistrierung
[2013.01.08 12:53:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2013.01.08 12:52:45 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt
[2013.01.08 12:49:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2013.01.08 12:49:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX510 series Manual
[2013.01.08 12:48:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2013.01.08 12:48:26 | 000,000,000 | -H-D | C] -- C:\Windows\System32\CanonIJ Uninstaller Information
[2013.01.08 12:48:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX510 series
[2013.01.08 12:47:26 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2013.01.08 12:47:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\STRING
[2013.01.08 12:46:21 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2013.01.08 08:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\SmartDraw 2013
[2012.12.31 12:35:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.12.31 12:35:01 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.12.31 12:35:01 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.12.31 12:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.11 16:56:05 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\iontrec.sys
[2013.01.11 16:54:56 | 1593,058,304 | ---- | M] () -- C:\Users\alex\Documents\archive.pst
[2013.01.11 16:53:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\alex\Desktop\OTL.exe
[2013.01.11 16:13:11 | 000,029,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.11 16:13:11 | 000,029,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.11 16:08:11 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2013.01.11 16:07:06 | 000,000,264 | ---- | M] () -- C:\Windows\tasks\AbelssoftPreloader.job
[2013.01.11 16:06:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.11 16:06:52 | 1793,642,496 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.11 15:57:01 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.11 15:31:10 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.01.11 14:43:09 | 000,000,100 | ---- | M] () -- C:\Windows\TeamSoftUpdates.ini
[2013.01.11 14:32:18 | 000,408,696 | ---- | M] () -- C:\Windows\System32\fntcache.dat
[2013.01.09 15:51:47 | 000,557,613 | ---- | M] () -- C:\Users\alex\Desktop\Versicherungsschaden 09.01.2013.PDF
[2013.01.09 12:15:25 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\WashAndGo.lnk
[2013.01.08 12:52:52 | 000,002,029 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2013.01.08 12:49:34 | 000,002,306 | ---- | M] () -- C:\Users\Public\Desktop\Canon MX510 series Online-Handbuch.lnk
[2012.12.31 12:35:39 | 000,001,761 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.12.27 17:10:17 | 000,753,432 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.12.27 17:10:17 | 000,708,144 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.27 17:10:17 | 000,169,436 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.12.27 17:10:17 | 000,142,224 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2013.01.11 16:56:05 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\iontrec.sys
[2013.01.11 15:57:01 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.11 14:32:18 | 000,408,696 | ---- | C] () -- C:\Windows\System32\fntcache.dat
[2013.01.09 15:51:47 | 000,557,613 | ---- | C] () -- C:\Users\alex\Desktop\Versicherungsschaden 09.01.2013.PDF
[2013.01.09 12:15:45 | 000,000,264 | ---- | C] () -- C:\Windows\tasks\AbelssoftPreloader.job
[2013.01.09 12:15:25 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\WashAndGo.lnk
[2013.01.08 12:58:33 | 000,069,376 | ---- | C] () -- C:\Windows\System32\CNC175CD.TBL
[2013.01.08 12:52:52 | 000,002,029 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2013.01.08 12:49:34 | 000,002,306 | ---- | C] () -- C:\Users\Public\Desktop\Canon MX510 series Online-Handbuch.lnk
[2012.12.31 12:35:39 | 000,001,761 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.10.10 16:08:52 | 000,000,068 | ---- | C] () -- C:\Windows\ORAODBC.INI
[2012.08.13 16:32:38 | 000,000,100 | ---- | C] () -- C:\Windows\TeamSoftUpdates.ini
[2012.08.13 16:32:38 | 000,000,087 | ---- | C] () -- C:\Windows\Setting.Ini
[2012.07.11 17:02:26 | 000,000,142 | ---- | C] () -- C:\Windows\Solid32.ini
[2012.07.09 20:23:21 | 001,558,432 | ---- | C] () -- C:\Windows\TotalUninstaller.exe
[2012.07.09 20:22:39 | 000,310,272 | ---- | C] () -- C:\Windows\System32\UPDIO2.dll
[2012.07.09 20:22:39 | 000,024,064 | ---- | C] () -- C:\Windows\System32\spd__l.dll
[2012.07.09 20:22:38 | 000,254,464 | ---- | C] () -- C:\Windows\System32\SUPDRun.exe
[2012.07.09 20:22:38 | 000,151,552 | ---- | C] () -- C:\Windows\System32\spd__ci.exe
[2012.07.09 19:00:21 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxecvs.dll
[2012.07.09 19:00:20 | 000,442,368 | ---- | C] ( ) -- C:\Windows\System32\lxeccoin.dll
[2012.07.09 19:00:19 | 000,294,912 | ---- | C] () -- C:\Windows\System32\lxeccui.dll
[2012.07.09 19:00:19 | 000,110,592 | ---- | C] () -- C:\Windows\System32\lxeccuir.dll
[2012.07.09 19:00:19 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxecgcfg.dll
[2012.07.09 18:59:56 | 001,048,576 | ---- | C] ( ) -- C:\Windows\System32\lxecserv.dll
[2012.07.09 18:59:56 | 000,847,872 | ---- | C] ( ) -- C:\Windows\System32\lxecusb1.dll
[2012.07.09 18:59:56 | 000,802,816 | ---- | C] ( ) -- C:\Windows\System32\lxeccomc.dll
[2012.07.09 18:59:56 | 000,688,128 | ---- | C] ( ) -- C:\Windows\System32\lxechbn3.dll
[2012.07.09 18:59:56 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxecpmui.dll
[2012.07.09 18:59:56 | 000,598,696 | ---- | C] ( ) -- C:\Windows\System32\lxeccoms.exe
[2012.07.09 18:59:56 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxeclmpm.dll
[2012.07.09 18:59:56 | 000,373,416 | ---- | C] ( ) -- C:\Windows\System32\lxeccfg.exe
[2012.07.09 18:59:56 | 000,372,736 | ---- | C] ( ) -- C:\Windows\System32\lxeccomm.dll
[2012.07.09 18:59:56 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxecinpa.dll
[2012.07.09 18:59:56 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\LXEChcp.dll
[2012.07.09 18:59:56 | 000,344,064 | ---- | C] ( ) -- C:\Windows\System32\lxeciesc.dll
[2012.07.09 18:59:56 | 000,331,776 | ---- | C] () -- C:\Windows\System32\LXECinst.dll
[2012.07.09 18:59:56 | 000,324,264 | ---- | C] ( ) -- C:\Windows\System32\lxecih.exe
[2012.07.09 18:59:56 | 000,323,584 | ---- | C] () -- C:\Windows\System32\lxecins.dll
[2012.07.09 18:59:56 | 000,262,144 | ---- | C] () -- C:\Windows\System32\lxecinsb.dll
[2012.07.09 18:59:56 | 000,253,952 | ---- | C] () -- C:\Windows\System32\lxeccu.dll
[2012.07.09 18:59:56 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxecgrd.dll
[2012.07.09 18:59:56 | 000,114,688 | ---- | C] () -- C:\Windows\System32\lxecinsr.dll
[2012.07.09 18:59:56 | 000,090,112 | ---- | C] () -- C:\Windows\System32\lxeccub.dll
[2012.07.09 18:59:56 | 000,057,344 | ---- | C] () -- C:\Windows\System32\lxecjswr.dll
[2012.07.09 18:59:56 | 000,036,864 | ---- | C] () -- C:\Windows\System32\lxeccur.dll
[2012.07.09 18:59:51 | 000,299,008 | ---- | C] () -- C:\Windows\System32\LXECsm.dll
[2012.07.09 18:59:51 | 000,024,064 | ---- | C] () -- C:\Windows\System32\LXECsmr.dll
[2012.07.09 12:07:36 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.07.09 12:05:52 | 000,014,184 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2012.07.09 12:02:54 | 000,226,857 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012.07.09 12:02:54 | 000,002,975 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.06.29 06:49:28 | 000,194,432 | ---- | C] () -- C:\Windows\System32\AppleOSSMgr.exe
[2011.04.12 02:30:05 | 000,753,432 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2011.04.12 02:30:05 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2011.04.12 02:30:05 | 000,169,436 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2011.04.12 02:30:05 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = fastprox.dll -- [2010.11.20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.01.09 12:15:45 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Abelssoft
[2012.07.11 13:31:48 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Canneverbe Limited
[2013.01.08 12:59:59 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Canon
[2012.08.31 13:46:51 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Jumping Bytes
[2013.01.11 14:26:17 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\TeamViewer
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.11.16 15:40:21 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2013.01.11 14:51:06 | 000,000,000 | ---D | M] -- C:\ACS
[2012.07.09 10:54:46 | 000,000,000 | -HSD | M] -- C:\Boot
[2012.07.10 14:27:39 | 000,000,000 | ---D | M] -- C:\comtec
[2013.01.11 14:32:25 | 000,000,000 | ---D | M] -- C:\Daten Alex
[2012.07.10 14:34:07 | 000,000,000 | R--D | M] -- C:\Documents
[2009.07.14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.07.09 11:58:21 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.07.09 12:02:45 | 000,000,000 | ---D | M] -- C:\Intel
[2012.07.09 18:59:08 | 000,000,000 | ---D | M] -- C:\Lexmark
[2012.07.09 12:11:12 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2012.10.10 16:09:46 | 000,000,000 | ---D | M] -- C:\Oracle
[2009.07.14 03:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.01.11 15:57:01 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.01.11 15:57:01 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.07.09 11:58:21 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.07.09 11:58:21 | 000,000,000 | -HSD | M] -- C:\Recovery
[2013.01.11 16:58:22 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.07.11 18:35:24 | 000,000,000 | ---D | M] -- C:\temp
[2012.07.09 11:58:26 | 000,000,000 | R--D | M] -- C:\Users
[2013.01.11 16:05:29 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.20 22:29:06 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 05:53:46 | 000,032,634 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.07.09 12:24:58 | 000,000,266 | ---- | C] () -- C:\Windows\Tasks\AutoKMS.job
[2013.01.09 12:15:45 | 000,000,264 | ---- | C] () -- C:\Windows\Tasks\AbelssoftPreloader.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2008.03.10 23:18:32 | 000,020,480 | ---- | M] () MD5=BDFB91F1DBA635F49ED9E1C76A4E348E -- C:\Oracle\product\11.2.0\dbhome_1\perl\site\lib\auto\Win32\EventLog\EventLog.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010.11.20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2010.11.20 22:29:03 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 22:29:03 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 22:29:12 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 22:29:12 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2010.11.20 22:29:03 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 22:29:03 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 22:29:20 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 22:29:20 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2013.01.11 17:01:03 | 003,407,872 | -HS- | M] () -- C:\Users\alex\NTUSER.DAT
[2013.01.11 17:01:03 | 000,262,144 | -HS- | M] () -- C:\Users\alex\ntuser.dat.LOG1
[2012.07.09 11:58:27 | 000,000,000 | -HS- | M] () -- C:\Users\alex\ntuser.dat.LOG2
[2012.07.09 12:06:44 | 000,065,536 | -HS- | M] () -- C:\Users\alex\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2012.07.09 12:06:44 | 000,524,288 | -HS- | M] () -- C:\Users\alex\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2012.07.09 12:06:44 | 000,524,288 | -HS- | M] () -- C:\Users\alex\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2012.07.09 11:58:27 | 000,000,020 | -HS- | M] () -- C:\Users\alex\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<           >

< End of report >

--- --- ---

markusg · 11.01.2013, 17:08

Öffne bitte malwarebytes, Logdateien, poste bisher erstellte Scan reports

Alexander12 · 11.01.2013, 17:08

Vielen Dank, unten angeführt die Berichte
OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 11.01.2013 16:57:15 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\alex\Desktop
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,23 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 42,48% Memory free
4,45 Gb Paging File | 2,63 Gb Available in Paging File | 58,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,98 Gb Total Space | 396,67 Gb Free Space | 85,13% Space Free | Partition Type: NTFS
Drive E: | 464,73 Gb Total Space | 454,04 Gb Free Space | 97,70% Space Free | Partition Type: HFS
 
Computer Name: WIN7 | User Name: alex | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.01.11 16:53:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\alex\Desktop\OTL.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.10.08 09:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.08.20 18:37:58 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012.07.16 15:31:32 | 007,445,416 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version7\TeamViewer.exe
PRC - [2012.07.16 15:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.07.16 15:22:42 | 000,106,408 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version7\tv_w32.exe
PRC - [2012.07.09 19:17:57 | 000,686,280 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
PRC - [2011.09.06 12:32:20 | 000,140,456 | ---- | M] () -- C:\Programme\Canon\IJPLM\ijplmsvc.exe
PRC - [2011.06.29 06:49:30 | 000,100,224 | ---- | M] (Apple Inc.) -- C:\Windows\System32\AppleTimeSrv.exe
PRC - [2011.06.29 06:49:28 | 000,194,432 | ---- | M] () -- C:\Windows\System32\AppleOSSMgr.exe
PRC - [2011.06.13 17:37:16 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.06.13 17:37:15 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.06.13 17:34:24 | 000,397,312 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011.06.13 17:34:24 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.01.28 04:15:48 | 116,342,784 | ---- | M] (Oracle Corporation) -- c:\Oracle\product\11.2.0\dbhome_1\BIN\oracle.exe
PRC - [2010.11.20 22:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 22:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.18 11:58:00 | 000,512,000 | ---- | M] (Oracle Corporation) -- C:\Oracle\product\11.2.0\dbhome_1\BIN\TNSLSNR.EXE
PRC - [2010.04.14 14:08:12 | 000,598,696 | ---- | M] ( ) -- C:\Windows\System32\lxeccoms.exe
PRC - [2010.01.09 20:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
PRC - [2008.11.24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008.11.24 22:31:10 | 029,263,712 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.16 15:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.07.10 21:06:25 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012.07.03 12:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.06 00:45:44 | 000,129,536 | ---- | M] (Samsung Electronics) [On_Demand | Stopped] -- C:\Windows\System32\SUPDSvc2.exe -- (Samsung UPD Service2)
SRV - [2011.09.06 12:32:20 | 000,140,456 | ---- | M] () [Auto | Running] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2011.06.29 06:49:30 | 000,100,224 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Windows\System32\AppleTimeSrv.exe -- (AppleTimeSrv)
SRV - [2011.06.29 06:49:28 | 000,194,432 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AppleOSSMgr.exe -- (AppleOSSMgr)
SRV - [2011.06.13 17:37:16 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.06.13 17:37:15 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.06.13 17:34:24 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.01.28 04:15:48 | 116,342,784 | ---- | M] (Oracle Corporation) [Auto | Running] -- c:\oracle\product\11.2.0\dbhome_1\bin\ORACLE.EXE -- (OracleServiceACS)
SRV - [2010.11.27 17:49:10 | 000,049,152 | ---- | M] () [Disabled | Stopped] -- c:\oracle\product\11.2.0\dbhome_1\Bin\extjob.exe -- (OracleJobSchedulerACS)
SRV - [2010.11.27 17:01:26 | 000,159,744 | ---- | M] () [On_Demand | Stopped] -- c:\oracle\product\11.2.0\dbhome_1\bin\OraVSSW.exe -- (OracleVssWriterACS)
SRV - [2010.11.20 22:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.11.19 04:38:16 | 000,069,632 | ---- | M] (Oracle Corporation) [On_Demand | Stopped] -- c:\Oracle\product\11.2.0\dbhome_1\bin\omtsreco.exe -- (OracleMTSRecoveryService)
SRV - [2010.11.19 03:51:38 | 000,012,800 | ---- | M] (Oracle Corporation) [On_Demand | Stopped] -- c:\Oracle\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe -- (OracleOraDb11g_home1ClrAgent)
SRV - [2010.11.18 11:58:00 | 000,512,000 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\ORACLE\PRODUCT\11.2.0\DBHOME_1\BIN\TNSLSNR.exe -- (OracleOraDb11g_home1TNSListener)
SRV - [2010.04.14 14:08:12 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxeccoms.exe -- (lxec_device)
SRV - [2010.04.14 14:08:05 | 000,193,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxecserv.exe -- (lxecCATSCustConnectService)
SRV - [2010.01.09 20:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 20:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2008.11.24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008.11.24 22:31:10 | 029,263,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS)
SRV - [2008.11.24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008.11.24 22:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1D1DB472-CF4F-4B95-8E96-7DB666CDF885}\MpKslba5a688c.sys -- (MpKslba5a688c)
DRV - [2013.01.11 16:56:05 | 000,054,016 | ---- | M] () [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\iontrec.sys -- (aacf)
DRV - [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.06.15 11:52:54 | 000,006,528 | ---- | M] (Apple Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KeyAgent.sys -- (KeyAgent)
DRV - [2011.06.13 17:37:15 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2011.06.13 17:37:12 | 000,014,336 | ---- | M] (Cirrus Logic) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CS420x86.sys -- (CirrusFilter)
DRV - [2011.06.13 17:36:30 | 002,109,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2011.06.13 17:35:58 | 000,049,664 | ---- | M] (Apple Inc.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AppleHFS.sys -- (AppleHFS)
DRV - [2011.06.13 17:35:58 | 000,006,784 | ---- | M] (Apple Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AppleMNT.sys -- (AppleMNT)
DRV - [2011.06.13 17:34:25 | 006,789,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011.06.13 17:34:25 | 000,235,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011.06.03 12:18:28 | 000,034,304 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\applebmt.sys -- (applebmt)
DRV - [2011.05.26 20:13:25 | 000,026,624 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KeyMagic.sys -- (KeyMagic)
DRV - [2011.05.13 02:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.05.13 02:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011.05.13 02:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011.05.13 02:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011.05.13 02:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011.03.25 02:32:04 | 000,016,512 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IRFilter.sys -- (IRRemoteFlt)
DRV - [2011.03.25 02:31:52 | 000,012,928 | ---- | M] (Apple Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\MacHALDriver.sys -- (MacHALDriver)
DRV - [2011.03.25 02:31:33 | 000,018,560 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AppleBtBc.sys -- (AppleBtBc)
DRV - [2010.11.20 22:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 22:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010.11.20 22:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010.11.20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010.11.20 22:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010.11.20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.12.15 23:37:14 | 000,038,016 | ---- | M] (Advanced Card Systems Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\a38ccid.sys -- (A38CCID)
DRV - [2009.07.14 00:45:20 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\acpials.sys -- (acpials)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 8E 0E C5 3C 79 CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3D4B9499-86D9-47CB-8A23-C58FD1E780E2}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: Sharedaccess -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CardOS API.lnk - C:\Programme\Siemens\CardOS API\bin\siecacst.exe - (Siemens IT Solutions and Services GmbH)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Apple_KbdMgr - hkey= - key= - C:\Programme\Boot Camp\Bootcamp.exe (Apple Inc.)
MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: CanonMyPrinter - hkey= - key= - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
MsConfig - StartUpReg: CanonSolutionMenuEx - hkey= - key= - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
MsConfig - StartUpReg: EzPrint - hkey= - key= - C:\Program Files\Lexmark Pro800-Pro900 Series\ezprint.exe ()
MsConfig - StartUpReg: IJNetworkScannerSelectorEX - hkey= - key= - C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: lxecmon.exe - hkey= - key= - C:\Program Files\Lexmark Pro800-Pro900 Series\lxecmon.exe ()
MsConfig - StartUpReg: MSC - hkey= - key= -  File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: SonyAgent - hkey= - key= -  File not found
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.11 16:53:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\alex\Desktop\OTL.exe
[2013.01.11 15:57:08 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Roaming\Malwarebytes
[2013.01.11 15:57:01 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.01.11 15:57:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.01.11 15:57:01 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.01.11 15:57:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.01.11 15:56:52 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Local\Programs
[2013.01.09 12:15:50 | 000,000,000 | ---D | C] -- C:\Users\alex\Documents\Abelssoft
[2013.01.09 12:15:45 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Roaming\Abelssoft
[2013.01.09 12:15:43 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Local\Abelssoft
[2013.01.09 12:15:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WashAndGo
[2013.01.09 12:15:20 | 000,000,000 | ---D | C] -- C:\Program Files\WashAndGo
[2013.01.08 13:30:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX
[2013.01.08 13:19:38 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013.01.08 13:08:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEGV
[2013.01.08 13:00:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJSolutionMenuEX
[2013.01.08 13:00:00 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2
[2013.01.08 13:00:00 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP
[2013.01.08 12:59:59 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Roaming\Canon
[2013.01.08 12:59:53 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMyPrinter
[2013.01.08 12:59:00 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2013.01.08 12:58:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Canon IJ Network Tool
[2013.01.08 12:58:30 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJFAX
[2013.01.08 12:57:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX510 series Benutzerregistrierung
[2013.01.08 12:53:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2013.01.08 12:52:45 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt
[2013.01.08 12:49:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2013.01.08 12:49:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX510 series Manual
[2013.01.08 12:48:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2013.01.08 12:48:26 | 000,000,000 | -H-D | C] -- C:\Windows\System32\CanonIJ Uninstaller Information
[2013.01.08 12:48:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX510 series
[2013.01.08 12:47:26 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2013.01.08 12:47:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\STRING
[2013.01.08 12:46:21 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2013.01.08 08:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\SmartDraw 2013
[2012.12.31 12:35:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.12.31 12:35:01 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.12.31 12:35:01 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.12.31 12:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.11 16:56:05 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\iontrec.sys
[2013.01.11 16:54:56 | 1593,058,304 | ---- | M] () -- C:\Users\alex\Documents\archive.pst
[2013.01.11 16:53:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\alex\Desktop\OTL.exe
[2013.01.11 16:13:11 | 000,029,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.11 16:13:11 | 000,029,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.11 16:08:11 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2013.01.11 16:07:06 | 000,000,264 | ---- | M] () -- C:\Windows\tasks\AbelssoftPreloader.job
[2013.01.11 16:06:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.11 16:06:52 | 1793,642,496 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.11 15:57:01 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.11 15:31:10 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.01.11 14:43:09 | 000,000,100 | ---- | M] () -- C:\Windows\TeamSoftUpdates.ini
[2013.01.11 14:32:18 | 000,408,696 | ---- | M] () -- C:\Windows\System32\fntcache.dat
[2013.01.09 15:51:47 | 000,557,613 | ---- | M] () -- C:\Users\alex\Desktop\Versicherungsschaden 09.01.2013.PDF
[2013.01.09 12:15:25 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\WashAndGo.lnk
[2013.01.08 12:52:52 | 000,002,029 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2013.01.08 12:49:34 | 000,002,306 | ---- | M] () -- C:\Users\Public\Desktop\Canon MX510 series Online-Handbuch.lnk
[2012.12.31 12:35:39 | 000,001,761 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.12.27 17:10:17 | 000,753,432 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.12.27 17:10:17 | 000,708,144 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.27 17:10:17 | 000,169,436 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.12.27 17:10:17 | 000,142,224 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2013.01.11 16:56:05 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\iontrec.sys
[2013.01.11 15:57:01 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.11 14:32:18 | 000,408,696 | ---- | C] () -- C:\Windows\System32\fntcache.dat
[2013.01.09 15:51:47 | 000,557,613 | ---- | C] () -- C:\Users\alex\Desktop\Versicherungsschaden 09.01.2013.PDF
[2013.01.09 12:15:45 | 000,000,264 | ---- | C] () -- C:\Windows\tasks\AbelssoftPreloader.job
[2013.01.09 12:15:25 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\WashAndGo.lnk
[2013.01.08 12:58:33 | 000,069,376 | ---- | C] () -- C:\Windows\System32\CNC175CD.TBL
[2013.01.08 12:52:52 | 000,002,029 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2013.01.08 12:49:34 | 000,002,306 | ---- | C] () -- C:\Users\Public\Desktop\Canon MX510 series Online-Handbuch.lnk
[2012.12.31 12:35:39 | 000,001,761 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.10.10 16:08:52 | 000,000,068 | ---- | C] () -- C:\Windows\ORAODBC.INI
[2012.08.13 16:32:38 | 000,000,100 | ---- | C] () -- C:\Windows\TeamSoftUpdates.ini
[2012.08.13 16:32:38 | 000,000,087 | ---- | C] () -- C:\Windows\Setting.Ini
[2012.07.11 17:02:26 | 000,000,142 | ---- | C] () -- C:\Windows\Solid32.ini
[2012.07.09 20:23:21 | 001,558,432 | ---- | C] () -- C:\Windows\TotalUninstaller.exe
[2012.07.09 20:22:39 | 000,310,272 | ---- | C] () -- C:\Windows\System32\UPDIO2.dll
[2012.07.09 20:22:39 | 000,024,064 | ---- | C] () -- C:\Windows\System32\spd__l.dll
[2012.07.09 20:22:38 | 000,254,464 | ---- | C] () -- C:\Windows\System32\SUPDRun.exe
[2012.07.09 20:22:38 | 000,151,552 | ---- | C] () -- C:\Windows\System32\spd__ci.exe
[2012.07.09 19:00:21 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxecvs.dll
[2012.07.09 19:00:20 | 000,442,368 | ---- | C] ( ) -- C:\Windows\System32\lxeccoin.dll
[2012.07.09 19:00:19 | 000,294,912 | ---- | C] () -- C:\Windows\System32\lxeccui.dll
[2012.07.09 19:00:19 | 000,110,592 | ---- | C] () -- C:\Windows\System32\lxeccuir.dll
[2012.07.09 19:00:19 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxecgcfg.dll
[2012.07.09 18:59:56 | 001,048,576 | ---- | C] ( ) -- C:\Windows\System32\lxecserv.dll
[2012.07.09 18:59:56 | 000,847,872 | ---- | C] ( ) -- C:\Windows\System32\lxecusb1.dll
[2012.07.09 18:59:56 | 000,802,816 | ---- | C] ( ) -- C:\Windows\System32\lxeccomc.dll
[2012.07.09 18:59:56 | 000,688,128 | ---- | C] ( ) -- C:\Windows\System32\lxechbn3.dll
[2012.07.09 18:59:56 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxecpmui.dll
[2012.07.09 18:59:56 | 000,598,696 | ---- | C] ( ) -- C:\Windows\System32\lxeccoms.exe
[2012.07.09 18:59:56 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxeclmpm.dll
[2012.07.09 18:59:56 | 000,373,416 | ---- | C] ( ) -- C:\Windows\System32\lxeccfg.exe
[2012.07.09 18:59:56 | 000,372,736 | ---- | C] ( ) -- C:\Windows\System32\lxeccomm.dll
[2012.07.09 18:59:56 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxecinpa.dll
[2012.07.09 18:59:56 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\LXEChcp.dll
[2012.07.09 18:59:56 | 000,344,064 | ---- | C] ( ) -- C:\Windows\System32\lxeciesc.dll
[2012.07.09 18:59:56 | 000,331,776 | ---- | C] () -- C:\Windows\System32\LXECinst.dll
[2012.07.09 18:59:56 | 000,324,264 | ---- | C] ( ) -- C:\Windows\System32\lxecih.exe
[2012.07.09 18:59:56 | 000,323,584 | ---- | C] () -- C:\Windows\System32\lxecins.dll
[2012.07.09 18:59:56 | 000,262,144 | ---- | C] () -- C:\Windows\System32\lxecinsb.dll
[2012.07.09 18:59:56 | 000,253,952 | ---- | C] () -- C:\Windows\System32\lxeccu.dll
[2012.07.09 18:59:56 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxecgrd.dll
[2012.07.09 18:59:56 | 000,114,688 | ---- | C] () -- C:\Windows\System32\lxecinsr.dll
[2012.07.09 18:59:56 | 000,090,112 | ---- | C] () -- C:\Windows\System32\lxeccub.dll
[2012.07.09 18:59:56 | 000,057,344 | ---- | C] () -- C:\Windows\System32\lxecjswr.dll
[2012.07.09 18:59:56 | 000,036,864 | ---- | C] () -- C:\Windows\System32\lxeccur.dll
[2012.07.09 18:59:51 | 000,299,008 | ---- | C] () -- C:\Windows\System32\LXECsm.dll
[2012.07.09 18:59:51 | 000,024,064 | ---- | C] () -- C:\Windows\System32\LXECsmr.dll
[2012.07.09 12:07:36 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.07.09 12:05:52 | 000,014,184 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2012.07.09 12:02:54 | 000,226,857 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012.07.09 12:02:54 | 000,002,975 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.06.29 06:49:28 | 000,194,432 | ---- | C] () -- C:\Windows\System32\AppleOSSMgr.exe
[2011.04.12 02:30:05 | 000,753,432 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2011.04.12 02:30:05 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2011.04.12 02:30:05 | 000,169,436 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2011.04.12 02:30:05 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = fastprox.dll -- [2010.11.20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.01.09 12:15:45 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Abelssoft
[2012.07.11 13:31:48 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Canneverbe Limited
[2013.01.08 12:59:59 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Canon
[2012.08.31 13:46:51 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Jumping Bytes
[2013.01.11 14:26:17 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\TeamViewer
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.11.16 15:40:21 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2013.01.11 14:51:06 | 000,000,000 | ---D | M] -- C:\ACS
[2012.07.09 10:54:46 | 000,000,000 | -HSD | M] -- C:\Boot
[2012.07.10 14:27:39 | 000,000,000 | ---D | M] -- C:\comtec
[2013.01.11 14:32:25 | 000,000,000 | ---D | M] -- C:\Daten Alex
[2012.07.10 14:34:07 | 000,000,000 | R--D | M] -- C:\Documents
[2009.07.14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.07.09 11:58:21 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.07.09 12:02:45 | 000,000,000 | ---D | M] -- C:\Intel
[2012.07.09 18:59:08 | 000,000,000 | ---D | M] -- C:\Lexmark
[2012.07.09 12:11:12 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2012.10.10 16:09:46 | 000,000,000 | ---D | M] -- C:\Oracle
[2009.07.14 03:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.01.11 15:57:01 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.01.11 15:57:01 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.07.09 11:58:21 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.07.09 11:58:21 | 000,000,000 | -HSD | M] -- C:\Recovery
[2013.01.11 16:58:22 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.07.11 18:35:24 | 000,000,000 | ---D | M] -- C:\temp
[2012.07.09 11:58:26 | 000,000,000 | R--D | M] -- C:\Users
[2013.01.11 16:05:29 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.20 22:29:06 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 05:53:46 | 000,032,634 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.07.09 12:24:58 | 000,000,266 | ---- | C] () -- C:\Windows\Tasks\AutoKMS.job
[2013.01.09 12:15:45 | 000,000,264 | ---- | C] () -- C:\Windows\Tasks\AbelssoftPreloader.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2008.03.10 23:18:32 | 000,020,480 | ---- | M] () MD5=BDFB91F1DBA635F49ED9E1C76A4E348E -- C:\Oracle\product\11.2.0\dbhome_1\perl\site\lib\auto\Win32\EventLog\EventLog.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010.11.20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2010.11.20 22:29:03 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 22:29:03 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 22:29:12 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 22:29:12 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2010.11.20 22:29:03 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 22:29:03 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 22:29:20 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 22:29:20 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2013.01.11 17:01:03 | 003,407,872 | -HS- | M] () -- C:\Users\alex\NTUSER.DAT
[2013.01.11 17:01:03 | 000,262,144 | -HS- | M] () -- C:\Users\alex\ntuser.dat.LOG1
[2012.07.09 11:58:27 | 000,000,000 | -HS- | M] () -- C:\Users\alex\ntuser.dat.LOG2
[2012.07.09 12:06:44 | 000,065,536 | -HS- | M] () -- C:\Users\alex\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2012.07.09 12:06:44 | 000,524,288 | -HS- | M] () -- C:\Users\alex\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2012.07.09 12:06:44 | 000,524,288 | -HS- | M] () -- C:\Users\alex\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2012.07.09 11:58:27 | 000,000,020 | -HS- | M] () -- C:\Users\alex\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<           >

< End of report >

--- --- ---
OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 11.01.2013 16:57:15 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\alex\Desktop
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,23 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 42,48% Memory free
4,45 Gb Paging File | 2,63 Gb Available in Paging File | 58,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,98 Gb Total Space | 396,67 Gb Free Space | 85,13% Space Free | Partition Type: NTFS
Drive E: | 464,73 Gb Total Space | 454,04 Gb Free Space | 97,70% Space Free | Partition Type: HFS
 
Computer Name: WIN7 | User Name: alex | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallDisableNotify" = 0
"FirewallOverride" = 1
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX510_series" = Canon MX510 series MP Drivers
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{5DDB3393-E08B-447E-925F-6C00B95D0FE7}" = iCloud
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8E814717-DE49-4A4A-BD12-39102F9C9FD0}" = CardOS API
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{BEFFC7A9-68A9-49B2-81C9-18FD1C097006}" = GeCo
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{E8F8AF38-7FFA-407A-8E4B-4722AE20FA30}" = Boot Camp-Dienste
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"07170A155D5587C8782EABA10E94E4127A86F6E4" = Windows-Treiberpaket - Apple Inc. (AppleUSBEthernet) Net  (02/01/2008 3.8.3.10)
"110E24F054DE5F4F72985BC1F3A53F61985BD4CC" = Windows-Treiberpaket - Broadcom (BCM43XX) Net  (04/06/2011 5.100.198.22)
"111E266FDD1556398EFC13BE47678F96E8497682" = Windows-Treiberpaket - Apple Inc. Apple Trackpad Enabler (07/13/2009 3.0.0.1)
"157C5C3D3E97D5439AD0C6268A489EF68FB7AD4F" = Windows-Treiberpaket - Intel (e1yexpress) Net  (04/07/2010 10.1.9.0)
"1D68F7A8B8397256B162B831457A6775BD17F3F4" = Windows-Treiberpaket - Marvell (yukonwlh) Net  (03/23/2007 10.12.7.3)
"20CF1F4786CB13A83CD2EC358929609A9B7A205C" = Windows-Treiberpaket - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1)
"28AB5A817BE0B4C6952E913DEB9CA907C7871C74" = Windows-Treiberpaket - Broadcom (b57nd60x) Net  (12/02/2010 14.4.2.2)
"2E2B6DCC02509BB8D2629A009DE8B5C3055B6779" = Windows-Treiberpaket - Apple Inc. Apple ODD (05/17/2010 3.1.0.0)
"31BC243044B2C02B454ECDA8F5B44427F3754DD0" = Windows-Treiberpaket - Apple Inc. Bluetooth  (03/01/2010 3.0.0.5)
"43B83D262B11C05DBFE8BEB0E2CBD5A9EA1E7F9C" = Windows-Treiberpaket - Cirrus Logic, Inc. (CirrusFilter) MEDIA  (12/03/2010 6.6001.1.30)
"44E2556E81BCB991055DD976642491906DD3B8A0" = Windows-Treiberpaket - Apple Inc. Apple Multitouch (05/05/2011 4.0.0.1)
"4A92273B670E1AF46863F93542352C780755E201" = Windows-Treiberpaket - Atheros Communications Inc. (athr) Net  (11/13/2010 9.2.0.113)
"4B114013DDC5858DB929CE55F363AB88CDE1F78C" = Windows-Treiberpaket - Apple Inc. Apple Keyboard (05/05/2011 4.0.0.1)
"4D00971668041EDAD7097C5827D1739F03B9E5D7" = Windows-Treiberpaket - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0)
"5F8BE32FAE3D6BC77B512F7B0624D7B6C8A26EFB" = Windows-Treiberpaket - Apple Inc. Apple Bluetooth Enabler (06/27/2007 2.0.0.1)
"7E77301EAEB38AFBF074A5EEACED05B618975B6C" = Windows-Treiberpaket - Apple Inc. Apple Wireless Trackpad (01/17/2011 3.2.0.0)
"82BE89CA9B7493FA05D2D4D32B415CF07EA08B47" = Windows-Treiberpaket - Intel System  (07/20/2007 1.2.76.0)
"8BB769A00E5FB4E3C5C45B4B60C20B4322C430BD" = Windows-Treiberpaket - Intel (e1rexpress) Net  (01/07/2010 11.4.16.0)
"9324ED54E32F5399037F87E076CA01C6CEB92830" = Windows-Treiberpaket - Apple Inc. Apple Built-in iSight (10/25/2007 2.0.1.0)
"9646DB3A0BD532DCF0A6750140F84D0089FF608E" = Windows-Treiberpaket - Intel (e1express) Net  (03/26/2010 9.13.41.0)
"A0DAD483951AB3046050D68A2A1D8CEB4A7C61EE" = Windows-Treiberpaket - Apple Inc. Apple Trackpad (07/13/2009 3.0.0.1)
"A6FE31FDFB79BAF53F0D80728677EBE7FB6581BE" = Windows-Treiberpaket - Apple Inc. Apple Broadcom Bluetooth (10/05/2010 3.2.0.1)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"B9491C5C199D7236FCDCB76367922461FADC80C7" = Windows-Treiberpaket - Apple Inc. Apple Multitouch Mouse (05/05/2011 4.0.0.1)
"BCFD182AEFFCC167E74298C1563F0C84CEE4D92C" = Windows-Treiberpaket - Intel (e1qexpress) Net  (12/04/2009 11.4.7.0)
"Bit4Id - miniLector" = Bit4Id - miniLector
"C5CE3BA75A23622D2140C5D5D0998C07DDC4CF1C" = Windows-Treiberpaket - Apple Inc. Apple Display (01/23/2009 3.0.0.0)
"Canon MX510 series Benutzerregistrierung" = Canon MX510 series Benutzerregistrierung
"Canon MX510 series On-screen Manual" = Canon MX510 series On-screen Manual
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"D885E9963D372B22E9F3CD04F0AF501F1FCCF220" = Windows-Treiberpaket - Intel (e1kexpress) Net  (04/12/2010 11.6.92.0)
"DumpDBox_is1" = DumpDBox V1.2
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"F46F6C2CF86ECDFF2CE25B508923B04E2F23F1CE" = Windows-Treiberpaket - Apple Inc. Apple System Device (04/05/2011 3.2.0.8)
"F4FD74182DF87939B302E81C3D80CA0D38D287AB" = Windows-Treiberpaket - Broadcom Corporation (bScsiSDx) SDHost  (01/18/2011 1.0.0.220)
"Lexmark Pro800-Pro900 Series" = Lexmark Pro800-Pro900 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MP Navigator EX 5.1" = Canon MP Navigator EX 5.1
"Office14.SingleImage" = Microsoft Office Professional 2010
"Samsung Universal Print Driver" = Samsung Universal Print Driver
"Speed Dial Utility" = Canon Kurzwahlprogramm
"TeamViewer 7" = TeamViewer 7
"WashAndGo_is1" = WashAndGo
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 11.01.2013 09:38:17 | Computer Name = win7 | Source = Application Hang | ID = 1002
Description = Programm RxBus.exe, Version 2.0.0.0 kann nicht mehr unter Windows 
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1244    Startzeit:
 01cdf000ab166ff4    Endzeit: 6    Anwendungspfad: C:\ACS\RxBus\Programs\RxBus.exe    Berichts-ID:
 1d30d445-5bf4-11e2-a810-7cc3a158ad4f  
 
Error - 11.01.2013 09:47:19 | Computer Name = win7 | Source = Application Hang | ID = 1002
Description = Programm RxBus.exe, Version 2.0.0.0 kann nicht mehr unter Windows 
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1604    Startzeit:
 01cdf001b237c5e9    Endzeit: 10    Anwendungspfad: C:\ACS\RxBus\Programs\RxBus.exe    Berichts-ID:
 66e427c2-5bf5-11e2-a810-7cc3a158ad4f  
 
Error - 11.01.2013 09:47:25 | Computer Name = win7 | Source = Application Hang | ID = 1002
Description = Programm RxBus.exe, Version 2.0.0.0 kann nicht mehr unter Windows 
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 11a8    Startzeit:
 01cdf001f66b448e    Endzeit: 46    Anwendungspfad: C:\ACS\RxBus\Programs\RxBus.exe    Berichts-ID:
 555bd4ba-5bf5-11e2-a810-7cc3a158ad4f  
 
Error - 11.01.2013 09:59:01 | Computer Name = win7 | Source = Application Hang | ID = 1002
Description = Programm DatenpflegeGO.exe, Version 0.0.0.0 kann nicht mehr unter 
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in
 der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem 
zu suchen.    Prozess-ID: 13f4    Startzeit: 01cdf002ab5fc94b    Endzeit: 6    Anwendungspfad: C:\ACS\DatenpflegeGO.exe

Berichts-ID:
 02c7a7e4-5bf7-11e2-a810-7cc3a158ad4f  
 
Error - 11.01.2013 10:00:40 | Computer Name = win7 | Source = Application Hang | ID = 1002
Description = Programm RxBus.exe, Version 2.0.0.0 kann nicht mehr unter Windows 
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1568    Startzeit:
 01cdf0024269816a    Endzeit: 8    Anwendungspfad: C:\ACS\RxBus\Programs\RxBus.exe    Berichts-ID:
 43c17342-5bf7-11e2-a810-7cc3a158ad4f  
 
Error - 11.01.2013 10:04:03 | Computer Name = win7 | Source = WinMgmt | ID = 10
Description = 
 
Error - 11.01.2013 10:28:35 | Computer Name = win7 | Source = WinMgmt | ID = 10
Description = 
 
Error - 11.01.2013 10:34:24 | Computer Name = win7 | Source = WinMgmt | ID = 10
Description = 
 
Error - 11.01.2013 10:43:59 | Computer Name = win7 | Source = WinMgmt | ID = 10
Description = 
 
Error - 11.01.2013 11:08:40 | Computer Name = win7 | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 11.01.2013 11:07:03 | Computer Name = win7 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist 
vom Dienst "Basisfiltermodul" abhängig, der aufgrund folgenden Fehlers nicht gestartet
 wurde:   %%5
 
Error - 11.01.2013 11:07:04 | Computer Name = win7 | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 lxecCATSCustConnectService erreicht.
 
Error - 11.01.2013 11:07:04 | Computer Name = win7 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 11.01.2013 11:07:12 | Computer Name = win7 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IPsec-Richtlinien-Agent" ist vom Dienst "Basisfiltermodul"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%5
 
Error - 11.01.2013 11:07:53 | Computer Name = win7 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem
 Fehler beendet:   %%-2147024891
 
Error - 11.01.2013 11:07:53 | Computer Name = win7 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%-2147024891
 
Error - 11.01.2013 11:08:05 | Computer Name = win7 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Windows-Firewall" ist vom Dienst "Basisfiltermodul" abhängig,
 der aufgrund folgenden Fehlers nicht gestartet wurde:   %%5
 
Error - 11.01.2013 11:08:05 | Computer Name = win7 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Basisfiltermodul" wurde mit folgendem Fehler beendet: 
  %%5
 
Error - 11.01.2013 11:29:40 | Computer Name = win7 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Basisfiltermodul" wurde mit folgendem Fehler beendet: 
  %%5
 
Error - 11.01.2013 11:29:40 | Computer Name = win7 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Windows-Firewall" ist vom Dienst "Basisfiltermodul" abhängig,
 der aufgrund folgenden Fehlers nicht gestartet wurde:   %%5
 
 
< End of report >

--- --- ---

Malwarebytes Anti-Malware (Test) 1.70.0.1100
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2013.01.11.08

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
alex :: WIN7 [Administrator]

Schutz: Aktiviert

11.01.2013 16:01:02
mbam-log-2013-01-11 (16-01-02).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 201524
Laufzeit: 3 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 5
HKCR\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32| (Trojan.0Access) -> Bösartig: (C:\$Recycle.Bin\S-1-5-18\$39257af24d86dc9ede929b28783d8109\n.) Gut: (fastprox.dll) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCR\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\InProcServer32| (Trojan.0Access) -> Bösartig: (C:\$Recycle.Bin\S-1-5-21-2953961855-975070450-3776814239-1000\$39257af24d86dc9ede929b28783d8109\n.) Gut: (shell32.dll) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 11
C:\Users\alex\AppData\Local\Temp\a43vtzgbdgv.exe (Trojan.LameShield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\alex\AppData\Local\Temp\wgsdgsdgdsgsd.exe (Trojan.GarbRan) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Temp\temp90.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\ccapp.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\download.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\em_exec.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\rename.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\unhide.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\uptime.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\jqs.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\ntvdm.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Malwarebytes Anti-Malware (Test) 1.70.0.1100
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2013.01.11.08

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
alex :: WIN7 [Administrator]

Schutz: Aktiviert

11.01.2013 16:10:41
mbam-log-2013-01-11 (16-10-41).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|G:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 200634
Laufzeit: 45 Minute(n), 13 Sekunde(n) [Abgebrochen]

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IEXPLORE.EXE (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 41
C:\Program Files\Adobe\Reader 10.0\Reader\ntvdm.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Adobe\Reader 10.0\Reader\ielowutil.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Adobe\Reader 10.0\Reader\iexplore.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Adobe\Reader 10.0\Reader\khalmnpr.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Adobe\Reader 10.0\Reader\pctspk.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Adobe\Reader 10.0\Reader\play.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Adobe\Reader 10.0\Reader\run.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Adobe\Reader 10.0\Reader\uptime.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Adobe\Reader 10.0\Reader\vsmon.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Internet Services\alg.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Internet Services\defwatch.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Internet Services\ielowutil.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Internet Services\klwtblfs.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Internet Services\lucoms.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Internet Services\open.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Internet Services\qttask.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Internet Services\rename.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Internet Services\update.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Internet Services\zumodrive.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Mobile Device Support\convert.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Mobile Device Support\decompile.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Mobile Device Support\em_exec.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Mobile Device Support\firefox.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Mobile Device Support\java.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Mobile Device Support\launch.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Mobile Device Support\pdvddxsrv.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Mobile Device Support\point32.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Mobile Device Support\rename.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Mobile Device Support\setup.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Common Files\Apple\Mobile Device Support\wmpnscfg.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\IDT\Apple_v50\WDM\ati2evxx.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\IDT\Apple_v50\WDM\batch.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\IDT\Apple_v50\WDM\fix.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\IDT\Apple_v50\WDM\ielowutil.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\IDT\Apple_v50\WDM\klwtblfs.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\IDT\Apple_v50\WDM\nprotect.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\IDT\Apple_v50\WDM\nvxdsync.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\IDT\Apple_v50\WDM\rundll32.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\IDT\Apple_v50\WDM\setup.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\IDT\Apple_v50\WDM\unpack.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\IDT\Apple_v50\WDM\winlogon.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

2013/01/11 15:57:16 +0100 WIN7 alex MESSAGE Starting protection
2013/01/11 15:57:16 +0100 WIN7 alex MESSAGE Protection started successfully
2013/01/11 15:57:16 +0100 WIN7 alex MESSAGE Starting IP protection
2013/01/11 15:57:16 +0100 WIN7 alex ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2013/01/11 16:00:34 +0100 WIN7 alex MESSAGE Starting database refresh
2013/01/11 16:00:36 +0100 WIN7 alex MESSAGE Database refreshed successfully
2013/01/11 16:04:56 +0100 WIN7 alex MESSAGE Executing scheduled update: Daily
2013/01/11 16:04:59 +0100 WIN7 alex MESSAGE Database already up-to-date
2013/01/11 16:07:06 +0100 WIN7 alex MESSAGE Starting protection
2013/01/11 16:07:06 +0100 WIN7 alex MESSAGE Protection started successfully
2013/01/11 16:07:06 +0100 WIN7 alex MESSAGE Starting IP protection
2013/01/11 16:07:06 +0100 WIN7 alex ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2013/01/11 16:09:59 +0100 WIN7 alex MESSAGE Starting IP protection
2013/01/11 16:09:59 +0100 WIN7 alex ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2013/01/11 16:10:00 +0100 WIN7 alex MESSAGE Starting IP protection
2013/01/11 16:10:00 +0100 WIN7 alex ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2013/01/11 16:10:01 +0100 WIN7 alex MESSAGE Starting IP protection
2013/01/11 16:10:01 +0100 WIN7 alex ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2013/01/11 16:10:02 +0100 WIN7 alex MESSAGE Starting IP protection
2013/01/11 16:10:02 +0100 WIN7 alex ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2013/01/11 16:10:02 +0100 WIN7 alex MESSAGE Starting IP protection
2013/01/11 16:10:02 +0100 WIN7 alex ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2013/01/11 16:10:02 +0100 WIN7 alex MESSAGE Starting IP protection
2013/01/11 16:10:02 +0100 WIN7 alex ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2013/01/11 16:10:03 +0100 WIN7 alex MESSAGE Starting IP protection
2013/01/11 16:10:03 +0100 WIN7 alex ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2013/01/11 16:10:03 +0100 WIN7 alex MESSAGE Starting IP protection
2013/01/11 16:10:03 +0100 WIN7 alex ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2013/01/11 16:10:03 +0100 WIN7 alex MESSAGE Starting IP protection
2013/01/11 16:10:03 +0100 WIN7 alex ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2013/01/11 16:10:03 +0100 WIN7 alex MESSAGE Starting IP protection
2013/01/11 16:10:03 +0100 WIN7 alex ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2013/01/11 16:10:03 +0100 WIN7 alex MESSAGE Starting IP protection
2013/01/11 16:10:03 +0100 WIN7 alex ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2013/01/11 16:10:03 +0100 WIN7 alex MESSAGE Starting IP protection
2013/01/11 16:10:03 +0100 WIN7 alex ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2013/01/11 16:10:04 +0100 WIN7 alex MESSAGE Starting IP protection
2013/01/11 16:10:04 +0100 WIN7 alex ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753

markusg · 11.01.2013, 20:00

download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten

Alexander12 · 11.01.2013, 20:43

Habe den Report per e-mail geschickt, da meine Internetverbindung für den download von Zip 7 extrem lang benötigt.

Gruß Alexander12

markusg · 11.01.2013, 20:49

häng das log bitte hier an. teile es falls nötig

Alexander12 · 11.01.2013, 20:58

20:11:10.0261 5340 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:11:11.0041 5340 ============================================================
20:11:11.0041 5340 Current date / time: 2013/01/11 20:11:11.0041
20:11:11.0041 5340 SystemInfo:
20:11:11.0041 5340
20:11:11.0041 5340 OS Version: 6.1.7601 ServicePack: 1.0
20:11:11.0041 5340 Product type: Workstation
20:11:11.0041 5340 ComputerName: WIN7
20:11:11.0041 5340 UserName: alex
20:11:11.0041 5340 Windows directory: C:\Windows
20:11:11.0041 5340 System windows directory: C:\Windows
20:11:11.0041 5340 Processor architecture: Intel x86
20:11:11.0041 5340 Number of processors: 4
20:11:11.0041 5340 Page size: 0x1000
20:11:11.0041 5340 Boot type: Normal boot
20:11:11.0041 5340 ============================================================
20:11:12.0383 5340 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:11:12.0414 5340 ============================================================
20:11:12.0414 5340 \Device\Harddisk0\DR0:
20:11:12.0414 5340 GPT partitions:
20:11:12.0414 5340 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {035846C9-B779-448D-87C2-4A20D5AE10CF}, Name: EFI System Partition, StartLBA 0x28, BlocksNum 0x64000
20:11:12.0430 5340 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {48465300-0000-11AA-AA11-00306543ECAC}, UniqueGUID: {FC27E73C-C8D1-4BB2-8C81-E65FE4FB37FF}, Name: Untitled, StartLBA 0x64028, BlocksNum 0x3A175BC0
20:11:12.0430 5340 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {426F6F74-0000-11AA-AA11-00306543ECAC}, UniqueGUID: {6F279083-0F6A-4C89-A255-42C595CBCA44}, Name: Recovery HD, StartLBA 0x3A1D9BE8, BlocksNum 0x135F20
20:11:12.0430 5340 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {39BC885A-5C10-49CD-8EB1-1B97C10911A8}, Name: BOOTCAMP, StartLBA 0x3A310000, BlocksNum 0x3A3F6800
20:11:12.0430 5340 MBR partitions:
20:11:12.0430 5340 \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0x3A310000, BlocksNum 0x3A3F6800
20:11:12.0430 5340 ============================================================
20:11:12.0445 5340 C: <-> \Device\Harddisk0\DR0\Partition5
20:11:12.0445 5340 ============================================================
20:11:12.0445 5340 Initialize success
20:11:12.0445 5340 ============================================================
20:12:14.0721 4660 ============================================================
20:12:14.0721 4660 Scan started
20:12:14.0721 4660 Mode: Manual; SigCheck; TDLFS;
20:12:14.0721 4660 ============================================================
20:12:15.0875 4660 ================ Scan system memory ========================
20:12:15.0875 4660 System memory - ok
20:12:15.0875 4660 ================ Scan services =============================
20:12:16.0062 4660 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
20:12:16.0187 4660 1394ohci - ok
20:12:16.0234 4660 [ 0EB7B2562620DAE45231C19ADDB749A6 ] A38CCID C:\Windows\system32\DRIVERS\a38ccid.sys
20:12:16.0265 4660 A38CCID - ok
20:12:16.0296 4660 [ E6D35F3AA51A65EB35C1F2340154A25E ] aacf C:\Windows\system32\drivers\iontrec.sys
20:12:16.0312 4660 aacf ( UnsignedFile.Multi.Generic ) - warning
20:12:16.0312 4660 aacf - detected UnsignedFile.Multi.Generic (1)
20:12:16.0343 4660 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:12:16.0359 4660 ACPI - ok
20:12:16.0390 4660 [ 79D6B28027C398B728CE7CD0570248B0 ] acpials C:\Windows\system32\DRIVERS\acpials.sys
20:12:16.0421 4660 acpials - ok
20:12:16.0437 4660 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:12:16.0468 4660 AcpiPmi - ok
20:12:16.0562 4660 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:12:16.0562 4660 AdobeARMservice - ok
20:12:16.0593 4660 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:12:16.0624 4660 adp94xx - ok
20:12:16.0624 4660 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:12:16.0640 4660 adpahci - ok
20:12:16.0655 4660 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:12:16.0655 4660 adpu320 - ok
20:12:16.0686 4660 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:12:16.0780 4660 AeLookupSvc - ok
20:12:16.0827 4660 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
20:12:16.0889 4660 AFD - ok
20:12:16.0905 4660 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
20:12:16.0920 4660 agp440 - ok
20:12:16.0936 4660 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
20:12:16.0952 4660 aic78xx - ok
20:12:16.0967 4660 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
20:12:17.0030 4660 ALG - ok
20:12:17.0045 4660 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
20:12:17.0061 4660 aliide - ok
20:12:17.0092 4660 [ FB7FDA167F89694B8AF18A4636D0C19C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:12:17.0139 4660 AMD External Events Utility - ok
20:12:17.0154 4660 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
20:12:17.0170 4660 amdagp - ok
20:12:17.0186 4660 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
20:12:17.0186 4660 amdide - ok
20:12:17.0201 4660 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:12:17.0217 4660 AmdK8 - ok
20:12:17.0357 4660 [ 409D070998DE0C740372531174D22C91 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:12:17.0529 4660 amdkmdag - ok
20:12:17.0544 4660 [ 377CD7845A5C428112ADD976867A2819 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
20:12:17.0560 4660 amdkmdap - ok
20:12:17.0576 4660 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
20:12:17.0591 4660 AmdPPM - ok
20:12:17.0622 4660 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:12:17.0622 4660 amdsata - ok
20:12:17.0638 4660 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:12:17.0654 4660 amdsbs - ok
20:12:17.0669 4660 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:12:17.0669 4660 amdxata - ok
20:12:17.0700 4660 [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
20:12:17.0763 4660 androidusb - ok
20:12:17.0778 4660 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
20:12:17.0810 4660 AppID - ok
20:12:17.0841 4660 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:12:17.0872 4660 AppIDSvc - ok
20:12:17.0903 4660 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
20:12:17.0934 4660 Appinfo - ok
20:12:18.0012 4660 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:12:18.0012 4660 Apple Mobile Device - ok
20:12:18.0059 4660 [ F81B2BAFAC16CD53E17E079EB2282D94 ] applebmt C:\Windows\system32\DRIVERS\applebmt.sys
20:12:18.0075 4660 applebmt - ok
20:12:18.0090 4660 [ 3B80A371525170C3CB6EA11614B30FE6 ] AppleBtBc C:\Windows\system32\DRIVERS\AppleBtBc.sys
20:12:18.0122 4660 AppleBtBc - ok
20:12:18.0137 4660 [ 2419E0CE7AE87F471CCE3E5768B285A4 ] AppleHFS C:\Windows\system32\drivers\AppleHFS.sys
20:12:18.0153 4660 AppleHFS ( UnsignedFile.Multi.Generic ) - warning
20:12:18.0153 4660 AppleHFS - detected UnsignedFile.Multi.Generic (1)
20:12:18.0168 4660 [ 9E7A162AE3AC1BF033BF20C379FBE3F4 ] AppleMNT C:\Windows\system32\drivers\AppleMNT.sys
20:12:18.0184 4660 AppleMNT ( UnsignedFile.Multi.Generic ) - warning
20:12:18.0184 4660 AppleMNT - detected UnsignedFile.Multi.Generic (1)
20:12:18.0200 4660 [ 90331505FF7F6C0D5CFA7C34BDA4E673 ] AppleOSSMgr C:\Windows\system32\AppleOSSMgr.exe
20:12:18.0215 4660 AppleOSSMgr - ok
20:12:18.0215 4660 [ 1F54B7E4283C8F76347805FD78B9128F ] AppleTimeSrv C:\Windows\system32\AppleTimeSrv.exe
20:12:18.0231 4660 AppleTimeSrv - ok
20:12:18.0262 4660 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
20:12:18.0293 4660 AppMgmt - ok
20:12:18.0324 4660 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
20:12:18.0340 4660 arc - ok
20:12:18.0356 4660 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:12:18.0371 4660 arcsas - ok
20:12:18.0434 4660 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:12:18.0434 4660 aspnet_state - ok
20:12:18.0449 4660 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:12:18.0496 4660 AsyncMac - ok
20:12:18.0512 4660 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
20:12:18.0512 4660 atapi - ok
20:12:18.0558 4660 [ F8CFE8471BD445F2B437281F2AF01780 ] athr C:\Windows\system32\DRIVERS\athr.sys
20:12:18.0652 4660 athr - ok
20:12:18.0683 4660 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:12:18.0746 4660 AudioEndpointBuilder - ok
20:12:18.0746 4660 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:12:18.0761 4660 Audiosrv - ok
20:12:18.0777 4660 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:12:18.0824 4660 AxInstSV - ok
20:12:18.0839 4660 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
20:12:18.0870 4660 b06bdrv - ok
20:12:18.0902 4660 [ BF34695B9E74CD7D72CB945A6AF874B7 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
20:12:18.0917 4660 b57nd60x - ok
20:12:18.0948 4660 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
20:12:19.0058 4660 BDESVC - ok
20:12:19.0073 4660 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
20:12:19.0104 4660 Beep - ok
20:12:19.0136 4660 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
20:12:19.0198 4660 BFE - ok
20:12:19.0260 4660 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
20:12:19.0307 4660 BITS - ok
20:12:19.0307 4660 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:12:19.0338 4660 blbdrive - ok
20:12:19.0385 4660 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:12:19.0416 4660 Bonjour Service - ok
20:12:19.0432 4660 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:12:19.0463 4660 bowser - ok
20:12:19.0463 4660 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
20:12:19.0494 4660 BrFiltLo - ok
20:12:19.0494 4660 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
20:12:19.0526 4660 BrFiltUp - ok
20:12:19.0557 4660 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
20:12:19.0572 4660 Browser - ok
20:12:19.0666 4660 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:12:19.0682 4660 Brserid - ok
20:12:19.0697 4660 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:12:19.0713 4660 BrSerWdm - ok
20:12:19.0728 4660 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:12:19.0744 4660 BrUsbMdm - ok
20:12:19.0744 4660 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:12:19.0760 4660 BrUsbSer - ok
20:12:19.0791 4660 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
20:12:19.0822 4660 BthEnum - ok
20:12:19.0822 4660 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:12:19.0853 4660 BTHMODEM - ok
20:12:19.0869 4660 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:12:19.0884 4660 BthPan - ok
20:12:19.0900 4660 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:12:19.0931 4660 BTHPORT - ok
20:12:19.0962 4660 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
20:12:20.0009 4660 bthserv - ok
20:12:20.0025 4660 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:12:20.0025 4660 BTHUSB - ok
20:12:20.0040 4660 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:12:20.0072 4660 cdfs - ok
20:12:20.0103 4660 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:12:20.0103 4660 cdrom - ok
20:12:20.0134 4660 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
20:12:20.0150 4660 CertPropSvc - ok
20:12:20.0165 4660 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
20:12:20.0165 4660 circlass - ok
20:12:20.0181 4660 [ 4A53428F7C383EFBCFAAFDCB434E2AF4 ] CirrusFilter C:\Windows\system32\DRIVERS\CS420x86.sys
20:12:20.0212 4660 CirrusFilter - ok
20:12:20.0228 4660 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
20:12:20.0243 4660 CLFS - ok
20:12:20.0290 4660 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:12:20.0306 4660 clr_optimization_v2.0.50727_32 - ok
20:12:20.0321 4660 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:12:20.0337 4660 clr_optimization_v4.0.30319_32 - ok
20:12:20.0352 4660 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
20:12:20.0368 4660 CmBatt - ok
20:12:20.0384 4660 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:12:20.0384 4660 cmdide - ok
20:12:20.0415 4660 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
20:12:20.0446 4660 CNG - ok
20:12:20.0446 4660 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\drivers\compbatt.sys
20:12:20.0462 4660 Compbatt - ok
20:12:20.0477 4660 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
20:12:20.0493 4660 CompositeBus - ok
20:12:20.0493 4660 COMSysApp - ok
20:12:20.0508 4660 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:12:20.0524 4660 crcdisk - ok
20:12:20.0571 4660 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:12:20.0602 4660 CryptSvc - ok
20:12:20.0633 4660 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
20:12:20.0664 4660 CSC - ok
20:12:20.0680 4660 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
20:12:20.0711 4660 CscService - ok
20:12:20.0742 4660 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
20:12:20.0789 4660 DcomLaunch - ok
20:12:20.0805 4660 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
20:12:20.0852 4660 defragsvc - ok
20:12:20.0867 4660 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:12:20.0914 4660 DfsC - ok
20:12:20.0930 4660 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:12:20.0961 4660 Dhcp - ok
20:12:20.0992 4660 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
20:12:21.0023 4660 discache - ok
20:12:21.0054 4660 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
20:12:21.0054 4660 Disk - ok
20:12:21.0086 4660 [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
20:12:21.0101 4660 dmvsc - ok
20:12:21.0132 4660 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:12:21.0179 4660 Dnscache - ok
20:12:21.0195 4660 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
20:12:21.0226 4660 dot3svc - ok
20:12:21.0242 4660 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
20:12:21.0288 4660 DPS - ok
20:12:21.0320 4660 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:12:21.0335 4660 drmkaud - ok
20:12:21.0351 4660 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:12:21.0382 4660 DXGKrnl - ok
20:12:21.0398 4660 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
20:12:21.0413 4660 EapHost - ok
20:12:21.0491 4660 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
20:12:21.0569 4660 ebdrv - ok
20:12:21.0585 4660 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
20:12:21.0632 4660 EFS - ok
20:12:21.0678 4660 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:12:21.0725 4660 ehRecvr - ok
20:12:21.0741 4660 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
20:12:21.0756 4660 ehSched - ok
20:12:21.0772 4660 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:12:21.0803 4660 elxstor - ok
20:12:21.0803 4660 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:12:21.0819 4660 ErrDev - ok
20:12:21.0850 4660 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
20:12:21.0897 4660 EventSystem - ok
20:12:21.0897 4660 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
20:12:21.0928 4660 exfat - ok
20:12:21.0959 4660 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:12:21.0975 4660 fastfat - ok
20:12:21.0990 4660 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
20:12:22.0022 4660 Fax - ok
20:12:22.0037 4660 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\drivers\fdc.sys
20:12:22.0053 4660 fdc - ok
20:12:22.0131 4660 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
20:12:22.0162 4660 fdPHost - ok
20:12:22.0162 4660 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
20:12:22.0193 4660 FDResPub - ok
20:12:22.0209 4660 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:12:22.0209 4660 FileInfo - ok
20:12:22.0224 4660 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:12:22.0240 4660 Filetrace - ok
20:12:22.0240 4660 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
20:12:22.0240 4660 flpydisk - ok
20:12:22.0256 4660 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:12:22.0256 4660 FltMgr - ok
20:12:22.0302 4660 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
20:12:22.0349 4660 FontCache - ok
20:12:22.0380 4660 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:12:22.0396 4660 FontCache3.0.0.0 - ok
20:12:22.0396 4660 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:12:22.0412 4660 FsDepends - ok
20:12:22.0443 4660 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:12:22.0458 4660 Fs_Rec - ok
20:12:22.0458 4660 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:12:22.0474 4660 fvevol - ok
20:12:22.0490 4660 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:12:22.0505 4660 gagp30kx - ok
20:12:22.0521 4660 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:12:22.0521 4660 GEARAspiWDM - ok
20:12:22.0536 4660 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
20:12:22.0568 4660 gpsvc - ok
20:12:22.0583 4660 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:12:22.0599 4660 hcw85cir - ok
20:12:22.0630 4660 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:12:22.0661 4660 HdAudAddService - ok
20:12:22.0677 4660 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:12:22.0692 4660 HDAudBus - ok
20:12:22.0708 4660 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
20:12:22.0739 4660 HidBatt - ok
20:12:22.0755 4660 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:12:22.0770 4660 HidBth - ok
20:12:22.0786 4660 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
20:12:22.0802 4660 HidIr - ok
20:12:22.0817 4660 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
20:12:22.0848 4660 hidserv - ok
20:12:22.0864 4660 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:12:22.0895 4660 HidUsb - ok
20:12:22.0911 4660 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:12:22.0942 4660 hkmsvc - ok
20:12:22.0958 4660 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:12:23.0004 4660 HomeGroupListener - ok
20:12:23.0036 4660 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:12:23.0051 4660 HomeGroupProvider - ok
20:12:23.0067 4660 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:12:23.0082 4660 HpSAMD - ok
20:12:23.0098 4660 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:12:23.0145 4660 HTTP - ok
20:12:23.0145 4660 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:12:23.0160 4660 hwpolicy - ok
20:12:23.0160 4660 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:12:23.0176 4660 i8042prt - ok
20:12:23.0207 4660 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:12:23.0223 4660 iaStorV - ok
20:12:23.0254 4660 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:12:23.0285 4660 idsvc - ok
20:12:23.0301 4660 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:12:23.0316 4660 iirsp - ok
20:12:23.0394 4660 [ 54E0F4CCD6CE99A807459AF928DD64AC ] IJPLMSVC C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
20:12:23.0394 4660 IJPLMSVC - ok
20:12:23.0426 4660 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
20:12:23.0488 4660 IKEEXT - ok
20:12:23.0488 4660 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
20:12:23.0504 4660 intelide - ok
20:12:23.0519 4660 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:12:23.0519 4660 intelppm - ok
20:12:23.0535 4660 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:12:23.0582 4660 IPBusEnum - ok
20:12:23.0597 4660 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:12:23.0628 4660 IpFilterDriver - ok
20:12:23.0628 4660 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:12:23.0628 4660 IPMIDRV - ok
20:12:23.0644 4660 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:12:23.0660 4660 IPNAT - ok
20:12:23.0706 4660 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:12:23.0722 4660 iPod Service - ok
20:12:23.0722 4660 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:12:23.0753 4660 IRENUM - ok
20:12:23.0784 4660 [ DD4C1A21ABD0C41184D3F529421E4650 ] IRRemoteFlt C:\Windows\system32\DRIVERS\IRFilter.sys
20:12:23.0800 4660 IRRemoteFlt - ok
20:12:23.0831 4660 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:12:23.0847 4660 isapnp - ok
20:12:23.0847 4660 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:12:23.0862 4660 iScsiPrt - ok
20:12:23.0878 4660 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:12:23.0878 4660 kbdclass - ok
20:12:23.0909 4660 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:12:23.0925 4660 kbdhid - ok
20:12:23.0940 4660 [ F98ECF8A1135B9C56A6D51EC08D4651A ] KeyAgent C:\Windows\system32\drivers\KeyAgent.sys
20:12:23.0956 4660 KeyAgent ( UnsignedFile.Multi.Generic ) - warning
20:12:23.0956 4660 KeyAgent - detected UnsignedFile.Multi.Generic (1)
20:12:23.0956 4660 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
20:12:23.0972 4660 KeyIso - ok
20:12:24.0003 4660 [ 298D7B6B8B7985C272A7E7158119A416 ] KeyMagic C:\Windows\system32\DRIVERS\KeyMagic.sys
20:12:24.0034 4660 KeyMagic - ok
20:12:24.0050 4660 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:12:24.0065 4660 KSecDD - ok
20:12:24.0081 4660 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:12:24.0096 4660 KSecPkg - ok
20:12:24.0112 4660 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
20:12:24.0159 4660 KtmRm - ok
20:12:24.0174 4660 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
20:12:24.0206 4660 LanmanServer - ok
20:12:24.0221 4660 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:12:24.0237 4660 LanmanWorkstation - ok
20:12:24.0268 4660 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:12:24.0299 4660 lltdio - ok
20:12:24.0330 4660 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:12:24.0346 4660 lltdsvc - ok
20:12:24.0346 4660 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
20:12:24.0377 4660 lmhosts - ok
20:12:24.0408 4660 [ 926EBA26A8B49D1597751CED06B50862 ] LMS C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:12:24.0424 4660 LMS - ok
20:12:24.0455 4660 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:12:24.0471 4660 LSI_FC - ok
20:12:24.0471 4660 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:12:24.0486 4660 LSI_SAS - ok
20:12:24.0502 4660 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:12:24.0518 4660 LSI_SAS2 - ok
20:12:24.0518 4660 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:12:24.0533 4660 LSI_SCSI - ok
20:12:24.0549 4660 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
20:12:24.0580 4660 luafv - ok
20:12:24.0642 4660 [ 6311F8863D898CE60C048779F9D86E74 ] lxecCATSCustConnectService C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxecserv.exe
20:12:24.0674 4660 lxecCATSCustConnectService - ok
20:12:24.0689 4660 lxec_device - ok
20:12:24.0705 4660 [ 6AAC2E751258B28982D77A56EBC97479 ] MacHALDriver C:\Windows\system32\drivers\MacHALDriver.sys
20:12:24.0720 4660 MacHALDriver ( UnsignedFile.Multi.Generic ) - warning
20:12:24.0720 4660 MacHALDriver - detected UnsignedFile.Multi.Generic (1)
20:12:24.0736 4660 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:12:24.0752 4660 MBAMProtector - ok
20:12:24.0783 4660 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:12:24.0798 4660 MBAMScheduler - ok
20:12:24.0830 4660 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:12:24.0861 4660 MBAMService - ok
20:12:24.0892 4660 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:12:24.0908 4660 Mcx2Svc - ok
20:12:24.0908 4660 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
20:12:24.0923 4660 megasas - ok
20:12:24.0939 4660 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:12:24.0954 4660 MegaSR - ok
20:12:24.0970 4660 [ CFCB18986426A2D8E66F1992636221D0 ] MEI C:\Windows\system32\DRIVERS\HECI.sys
20:12:25.0001 4660 MEI - ok
20:12:25.0032 4660 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
20:12:25.0064 4660 MMCSS - ok
20:12:25.0079 4660 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
20:12:25.0095 4660 Modem - ok
20:12:25.0110 4660 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:12:25.0126 4660 monitor - ok
20:12:25.0204 4660 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:12:25.0220 4660 mouclass - ok
20:12:25.0235 4660 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:12:25.0266 4660 mouhid - ok
20:12:25.0282 4660 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:12:25.0298 4660 mountmgr - ok
20:12:25.0298 4660 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
20:12:25.0313 4660 mpio - ok
20:12:25.0360 4660 MpKslba5a688c - ok
20:12:25.0376 4660 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:12:25.0407 4660 mpsdrv - ok
20:12:25.0422 4660 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:12:25.0454 4660 MpsSvc - ok
20:12:25.0454 4660 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:12:25.0469 4660 MRxDAV - ok
20:12:25.0500 4660 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:12:25.0547 4660 mrxsmb - ok
20:12:25.0563 4660 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:12:25.0578 4660 mrxsmb10 - ok
20:12:25.0578 4660 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:12:25.0594 4660 mrxsmb20 - ok
20:12:25.0610 4660 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
20:12:25.0625 4660 msahci - ok
20:12:25.0641 4660 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:12:25.0656 4660 msdsm - ok
20:12:25.0672 4660 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
20:12:25.0703 4660 MSDTC - ok
20:12:25.0734 4660 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:12:25.0766 4660 Msfs - ok
20:12:25.0766 4660 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:12:25.0781 4660 mshidkmdf - ok
20:12:25.0797 4660 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:12:25.0797 4660 msisadrv - ok
20:12:25.0812 4660 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:12:25.0844 4660 MSiSCSI - ok
20:12:25.0844 4660 msiserver - ok
20:12:25.0859 4660 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:12:25.0875 4660 MSKSSRV - ok
20:12:25.0890 4660 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:12:25.0906 4660 MSPCLOCK - ok
20:12:25.0922 4660 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:12:25.0953 4660 MSPQM - ok
20:12:25.0968 4660 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:12:25.0968 4660 MsRPC - ok
20:12:25.0968 4660 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
20:12:25.0984 4660 mssmbios - ok
20:12:26.0062 4660 MSSQL$SQLEXPRESS - ok
20:12:26.0093 4660 [ C06EA83F6FC2959E897C117255B6B1D5 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
20:12:26.0109 4660 MSSQLServerADHelper - ok
20:12:26.0124 4660 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:12:26.0140 4660 MSTEE - ok
20:12:26.0156 4660 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:12:26.0171 4660 MTConfig - ok
20:12:26.0187 4660 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
20:12:26.0187 4660 Mup - ok
20:12:26.0202 4660 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
20:12:26.0234 4660 napagent - ok
20:12:26.0280 4660 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:12:26.0327 4660 NativeWifiP - ok
20:12:26.0358 4660 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:12:26.0390 4660 NDIS - ok
20:12:26.0390 4660 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:12:26.0421 4660 NdisCap - ok
20:12:26.0436 4660 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:12:26.0452 4660 NdisTapi - ok
20:12:26.0468 4660 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:12:26.0499 4660 Ndisuio - ok
20:12:26.0514 4660 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:12:26.0530 4660 NdisWan - ok
20:12:26.0546 4660 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:12:26.0561 4660 NDProxy - ok
20:12:26.0561 4660 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:12:26.0577 4660 NetBIOS - ok
20:12:26.0592 4660 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:12:26.0608 4660 NetBT - ok
20:12:26.0608 4660 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
20:12:26.0624 4660 Netlogon - ok
20:12:26.0655 4660 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
20:12:26.0686 4660 Netman - ok
20:12:26.0717 4660 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:12:26.0733 4660 NetMsmqActivator - ok
20:12:26.0748 4660 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:12:26.0748 4660 NetPipeActivator - ok
20:12:26.0780 4660 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
20:12:26.0842 4660 netprofm - ok
20:12:26.0842 4660 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:12:26.0858 4660 NetTcpActivator - ok
20:12:26.0858 4660 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:12:26.0858 4660 NetTcpPortSharing - ok
20:12:26.0873 4660 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:12:26.0889 4660 nfrd960 - ok
20:12:26.0920 4660 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
20:12:26.0936 4660 NlaSvc - ok
20:12:26.0936 4660 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:12:26.0951 4660 Npfs - ok
20:12:26.0982 4660 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
20:12:26.0998 4660 nsi - ok
20:12:26.0998 4660 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:12:27.0029 4660 nsiproxy - ok
20:12:27.0076 4660 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:12:27.0107 4660 Ntfs - ok
20:12:27.0123 4660 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
20:12:27.0138 4660 Null - ok
20:12:27.0154 4660 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:12:27.0154 4660 nvraid - ok
20:12:27.0201 4660 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:12:27.0216 4660 nvstor - ok
20:12:27.0232 4660 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:12:27.0248 4660 nv_agp - ok
20:12:27.0248 4660 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:12:27.0263 4660 ohci1394 - ok
20:12:27.0326 4660 OracleJobSchedulerACS - ok
20:12:27.0341 4660 OracleMTSRecoveryService - ok
20:12:27.0357 4660 OracleOraDb11g_home1ClrAgent - ok
20:12:27.0372 4660 OracleOraDb11g_home1TNSListener - ok
20:12:27.0372 4660 OracleServiceACS - ok
20:12:27.0388 4660 OracleVssWriterACS - ok
20:12:27.0419 4660 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:12:27.0435 4660 ose - ok
20:12:27.0544 4660 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:12:27.0669 4660 osppsvc - ok
20:12:27.0700 4660 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:12:27.0731 4660 p2pimsvc - ok
20:12:27.0747 4660 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
20:12:27.0778 4660 p2psvc - ok
20:12:27.0794 4660 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
20:12:27.0809 4660 Parport - ok
20:12:27.0825 4660 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:12:27.0825 4660 partmgr - ok
20:12:27.0840 4660 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
20:12:27.0840 4660 Parvdm - ok
20:12:27.0856 4660 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:12:27.0872 4660 PcaSvc - ok
20:12:27.0887 4660 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
20:12:27.0903 4660 pci - ok
20:12:27.0918 4660 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
20:12:27.0934 4660 pciide - ok
20:12:27.0950 4660 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:12:27.0950 4660 pcmcia - ok
20:12:27.0965 4660 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
20:12:27.0981 4660 pcw - ok
20:12:27.0996 4660 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:12:28.0043 4660 PEAUTH - ok
20:12:28.0059 4660 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:12:28.0106 4660 PeerDistSvc - ok
20:12:28.0137 4660 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
20:12:28.0184 4660 pla - ok
20:12:28.0308 4660 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:12:28.0340 4660 PlugPlay - ok
20:12:28.0355 4660 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:12:28.0386 4660 PNRPAutoReg - ok
20:12:28.0402 4660 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:12:28.0418 4660 PNRPsvc - ok
20:12:28.0449 4660 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:12:28.0496 4660 PolicyAgent - ok
20:12:28.0511 4660 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
20:12:28.0542 4660 Power - ok
20:12:28.0558 4660 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:12:28.0589 4660 PptpMiniport - ok
20:12:28.0605 4660 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
20:12:28.0620 4660 Processor - ok
20:12:28.0636 4660 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
20:12:28.0667 4660 ProfSvc - ok
20:12:28.0667 4660 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:12:28.0667 4660 ProtectedStorage - ok
20:12:28.0698 4660 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:12:28.0714 4660 Psched - ok
20:12:28.0745 4660 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:12:28.0792 4660 ql2300 - ok
20:12:28.0808 4660 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:12:28.0808 4660 ql40xx - ok
20:12:28.0839 4660 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
20:12:28.0854 4660 QWAVE - ok
20:12:28.0854 4660 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:12:28.0870 4660 QWAVEdrv - ok
20:12:28.0886 4660 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:12:28.0901 4660 RasAcd - ok
20:12:28.0917 4660 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:12:28.0917 4660 RasAgileVpn - ok
20:12:28.0932 4660 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
20:12:28.0948 4660 RasAuto - ok
20:12:28.0964 4660 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:12:28.0979 4660 Rasl2tp - ok
20:12:28.0995 4660 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
20:12:29.0010 4660 RasMan - ok
20:12:29.0010 4660 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:12:29.0026 4660 RasPppoe - ok
20:12:29.0042 4660 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:12:29.0073 4660 RasSstp - ok
20:12:29.0088 4660 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:12:29.0120 4660 rdbss - ok
20:12:29.0135 4660 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:12:29.0151 4660 rdpbus - ok
20:12:29.0166 4660 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:12:29.0182 4660 RDPCDD - ok
20:12:29.0198 4660 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:12:29.0229 4660 RDPDR - ok
20:12:29.0244 4660 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:12:29.0260 4660 RDPENCDD - ok
20:12:29.0276 4660 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:12:29.0307 4660 RDPREFMP - ok
20:12:29.0338 4660 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:12:29.0369 4660 RdpVideoMiniport - ok
20:12:29.0416 4660 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:12:29.0432 4660 RDPWD - ok
20:12:29.0447 4660 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:12:29.0463 4660 rdyboost - ok
20:12:29.0478 4660 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
20:12:29.0510 4660 RemoteAccess - ok
20:12:29.0541 4660 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:12:29.0572 4660 RemoteRegistry - ok
20:12:29.0603 4660 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:12:29.0634 4660 RFCOMM - ok
20:12:29.0650 4660 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:12:29.0681 4660 RpcEptMapper - ok
20:12:29.0697 4660 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
20:12:29.0712 4660 RpcLocator - ok
20:12:29.0728 4660 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
20:12:29.0744 4660 RpcSs - ok
20:12:29.0759 4660 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:12:29.0790 4660 rspndr - ok
20:12:29.0806 4660 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
20:12:29.0806 4660 s3cap - ok
20:12:29.0822 4660 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
20:12:29.0837 4660 SamSs - ok
20:12:29.0868 4660 [ E17FE33C703FFBE1A0AF66B9DCF49345 ] Samsung UPD Service2 C:\Windows\System32\SUPDSvc2.exe
20:12:29.0884 4660 Samsung UPD Service2 ( UnsignedFile.Multi.Generic ) - warning
20:12:29.0884 4660 Samsung UPD Service2 - detected UnsignedFile.Multi.Generic (1)
20:12:29.0900 4660 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:12:29.0915 4660 sbp2port - ok
20:12:29.0931 4660 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:12:29.0946 4660 SCardSvr - ok
20:12:29.0962 4660 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:12:29.0993 4660 scfilter - ok
20:12:30.0009 4660 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
20:12:30.0040 4660 Schedule - ok
20:12:30.0056 4660 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:12:30.0071 4660 SCPolicySvc - ok
20:12:30.0087 4660 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:12:30.0118 4660 SDRSVC - ok
20:12:30.0118 4660 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:12:30.0134 4660 secdrv - ok
20:12:30.0149 4660 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
20:12:30.0165 4660 seclogon - ok
20:12:30.0165 4660 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
20:12:30.0196 4660 SENS - ok
20:12:30.0212 4660 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:12:30.0227 4660 SensrSvc - ok
20:12:30.0243 4660 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
20:12:30.0258 4660 Serenum - ok
20:12:30.0274 4660 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
20:12:30.0290 4660 Serial - ok
20:12:30.0321 4660 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:12:30.0336 4660 sermouse - ok
20:12:30.0352 4660 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
20:12:30.0383 4660 SessionEnv - ok
20:12:30.0399 4660 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:12:30.0414 4660 sffdisk - ok
20:12:30.0414 4660 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:12:30.0430 4660 sffp_mmc - ok
20:12:30.0446 4660 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:12:30.0461 4660 sffp_sd - ok
20:12:30.0461 4660 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:12:30.0477 4660 sfloppy - ok
20:12:30.0492 4660 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:12:30.0524 4660 ShellHWDetection - ok
20:12:30.0539 4660 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:12:30.0539 4660 sisagp - ok
20:12:30.0539 4660 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:12:30.0555 4660 SiSRaid2 - ok
20:12:30.0555 4660 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:12:30.0555 4660 SiSRaid4 - ok
20:12:30.0664 4660 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:12:30.0758 4660 Skype C2C Service - ok
20:12:30.0773 4660 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:12:30.0789 4660 SkypeUpdate - ok
20:12:30.0820 4660 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:12:30.0851 4660 Smb - ok
20:12:30.0882 4660 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:12:30.0882 4660 SNMPTRAP - ok
20:12:30.0898 4660 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
20:12:30.0898 4660 spldr - ok
20:12:30.0945 4660 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
20:12:30.0976 4660 Spooler - ok
20:12:31.0038 4660 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
20:12:31.0148 4660 sppsvc - ok
20:12:31.0163 4660 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:12:31.0194 4660 sppuinotify - ok
20:12:31.0226 4660 [ B2EC3E1DEAC5F0A764BD3486D213A0AF ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:12:31.0241 4660 SQLBrowser - ok
20:12:31.0350 4660 [ D2F4F32B59440011174B4F8137AF4E0C ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:12:31.0350 4660 SQLWriter - ok
20:12:31.0397 4660 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:12:31.0428 4660 srv - ok
20:12:31.0460 4660 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:12:31.0475 4660 srv2 - ok
20:12:31.0491 4660 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:12:31.0506 4660 srvnet - ok
20:12:31.0553 4660 [ 64E44ACD8C238FCBBB78F0BA4BDC4B05 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
20:12:31.0584 4660 ssadbus - ok
20:12:31.0616 4660 [ BB2C84A15C765DA89FD832B0E73F26CE ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
20:12:31.0647 4660 ssadmdfl - ok
20:12:31.0678 4660 [ 6D0D132DDC6F43EDA00DCED6D8B1CA31 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
20:12:31.0694 4660 ssadmdm - ok
20:12:31.0694 4660 [ 1A5A397BC459F346AB56492B61EF79F6 ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
20:12:31.0725 4660 ssadserd - ok
20:12:31.0740 4660 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:12:31.0756 4660 SSDPSRV - ok
20:12:31.0772 4660 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:12:31.0787 4660 SstpSvc - ok
20:12:31.0818 4660 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:12:31.0818 4660 stexstor - ok
20:12:31.0865 4660 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
20:12:31.0881 4660 StiSvc - ok
20:12:31.0896 4660 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
20:12:31.0912 4660 storflt - ok
20:12:31.0928 4660 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:12:31.0943 4660 storvsc - ok
20:12:31.0959 4660 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:12:31.0959 4660 swenum - ok
20:12:31.0974 4660 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
20:12:32.0006 4660 swprv - ok
20:12:32.0021 4660 [ F2AD8960812FD111E20E84659EF19D43 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
20:12:32.0021 4660 Synth3dVsc - ok
20:12:32.0052 4660 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
20:12:32.0115 4660 SysMain - ok
20:12:32.0115 4660 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:12:32.0146 4660 TabletInputService - ok
20:12:32.0177 4660 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
20:12:32.0224 4660 TapiSrv - ok
20:12:32.0240 4660 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
20:12:32.0255 4660 TBS - ok
20:12:32.0302 4660 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:12:32.0364 4660 Tcpip - ok
20:12:32.0396 4660 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:12:32.0427 4660 TCPIP6 - ok
20:12:32.0442 4660 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:12:32.0458 4660 tcpipreg - ok
20:12:32.0458 4660 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:12:32.0489 4660 TDPIPE - ok
20:12:32.0505 4660 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:12:32.0520 4660 TDTCP - ok
20:12:32.0520 4660 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:12:32.0536 4660 tdx - ok
20:12:32.0645 4660 [ 2BBB318EA9F34FDC508CEA4AAB98D770 ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
20:12:32.0708 4660 TeamViewer7 - ok
20:12:32.0723 4660 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:12:32.0739 4660 TermDD - ok
20:12:32.0754 4660 [ 052306FD76793D5D5AB5D9891FD1ADBB ] terminpt C:\Windows\system32\drivers\terminpt.sys
20:12:32.0786 4660 terminpt - ok
20:12:32.0801 4660 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
20:12:32.0848 4660 TermService - ok
20:12:32.0848 4660 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
20:12:32.0879 4660 Themes - ok
20:12:32.0895 4660 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
20:12:32.0926 4660 THREADORDER - ok
20:12:32.0926 4660 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
20:12:32.0957 4660 TrkWks - ok
20:12:33.0004 4660 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:12:33.0035 4660 TrustedInstaller - ok
20:12:33.0035 4660 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:12:33.0051 4660 tssecsrv - ok
20:12:33.0066 4660 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:12:33.0098 4660 TsUsbFlt - ok
20:12:33.0113 4660 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:12:33.0113 4660 TsUsbGD - ok
20:12:33.0129 4660 [ 045ACB987C650D8186C6B4A692223860 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
20:12:33.0160 4660 tsusbhub - ok
20:12:33.0176 4660 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:12:33.0191 4660 tunnel - ok
20:12:33.0207 4660 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:12:33.0222 4660 uagp35 - ok
20:12:33.0238 4660 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:12:33.0254 4660 udfs - ok
20:12:33.0269 4660 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:12:33.0285 4660 UI0Detect - ok
20:12:33.0316 4660 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:12:33.0332 4660 uliagpkx - ok
20:12:33.0332 4660 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:12:33.0347 4660 umbus - ok
20:12:33.0363 4660 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
20:12:33.0363 4660 UmPass - ok
20:12:33.0394 4660 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
20:12:33.0410 4660 UmRdpService - ok
20:12:33.0503 4660 [ FDF92EC84FECEE834FB10A2A0A19BCDA ] UNS C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:12:33.0597 4660 UNS - ok
20:12:33.0612 4660 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
20:12:33.0644 4660 upnphost - ok
20:12:33.0690 4660 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
20:12:33.0690 4660 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
20:12:33.0690 4660 USBAAPL - detected UnsignedFile.Multi.Generic (1)
20:12:33.0722 4660 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:12:33.0737 4660 usbccgp - ok
20:12:33.0768 4660 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:12:33.0784 4660 usbcir - ok
20:12:33.0815 4660 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:12:33.0831 4660 usbehci - ok
20:12:33.0846 4660 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:12:33.0893 4660 usbhub - ok
20:12:33.0909 4660 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:12:33.0909 4660 usbohci - ok
20:12:33.0924 4660 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\drivers\usbprint.sys
20:12:33.0956 4660 usbprint - ok
20:12:33.0971 4660 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:12:33.0987 4660 usbscan - ok
20:12:34.0034 4660 [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser C:\Windows\system32\DRIVERS\usbser.sys
20:12:34.0049 4660 usbser - ok
20:12:34.0065 4660 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:12:34.0080 4660 USBSTOR - ok
20:12:34.0080 4660 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:12:34.0112 4660 usbuhci - ok
20:12:34.0143 4660 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:12:34.0174 4660 usbvideo - ok
20:12:34.0190 4660 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
20:12:34.0221 4660 UxSms - ok
20:12:34.0236 4660 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
20:12:34.0252 4660 VaultSvc - ok
20:12:34.0268 4660 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:12:34.0268 4660 vdrvroot - ok
20:12:34.0299 4660 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
20:12:34.0330 4660 vds - ok
20:12:34.0424 4660 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:12:34.0455 4660 vga - ok
20:12:34.0470 4660 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:12:34.0502 4660 VgaSave - ok
20:12:34.0502 4660 VGPU - ok
20:12:34.0517 4660 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:12:34.0533 4660 vhdmp - ok
20:12:34.0548 4660 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:12:34.0564 4660 viaagp - ok
20:12:34.0564 4660 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:12:34.0580 4660 ViaC7 - ok
20:12:34.0595 4660 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
20:12:34.0595 4660 viaide - ok
20:12:34.0626 4660 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
20:12:34.0642 4660 vmbus - ok
20:12:34.0658 4660 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
20:12:34.0658 4660 VMBusHID - ok
20:12:34.0673 4660 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:12:34.0689 4660 volmgr - ok
20:12:34.0704 4660 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:12:34.0704 4660 volmgrx - ok
20:12:34.0720 4660 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:12:34.0736 4660 volsnap - ok
20:12:34.0751 4660 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:12:34.0751 4660 vsmraid - ok
20:12:34.0782 4660 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
20:12:34.0814 4660 VSS - ok
20:12:34.0829 4660 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:12:34.0845 4660 vwifibus - ok
20:12:34.0860 4660 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:12:34.0876 4660 vwififlt - ok
20:12:34.0907 4660 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
20:12:34.0923 4660 W32Time - ok
20:12:34.0923 4660 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:12:34.0954 4660 WacomPen - ok
20:12:34.0970 4660 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:12:34.0985 4660 WANARP - ok
20:12:35.0001 4660 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:12:35.0001 4660 Wanarpv6 - ok
20:12:35.0048 4660 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:12:35.0094 4660 WatAdminSvc - ok
20:12:35.0110 4660 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
20:12:35.0172 4660 wbengine - ok
20:12:35.0188 4660 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:12:35.0204 4660 WbioSrvc - ok
20:12:35.0219 4660 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:12:35.0235 4660 wcncsvc - ok
20:12:35.0235 4660 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:12:35.0266 4660 WcsPlugInService - ok
20:12:35.0282 4660 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
20:12:35.0282 4660 Wd - ok
20:12:35.0328 4660 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:12:35.0344 4660 Wdf01000 - ok
20:12:35.0360 4660 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:12:35.0406 4660 WdiServiceHost - ok
20:12:35.0422 4660 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:12:35.0438 4660 WdiSystemHost - ok
20:12:35.0453 4660 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
20:12:35.0484 4660 WebClient - ok
20:12:35.0500 4660 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:12:35.0531 4660 Wecsvc - ok
20:12:35.0531 4660 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:12:35.0547 4660 wercplsupport - ok
20:12:35.0578 4660 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
20:12:35.0609 4660 WerSvc - ok
20:12:35.0609 4660 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:12:35.0625 4660 WfpLwf - ok
20:12:35.0625 4660 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:12:35.0625 4660 WIMMount - ok
20:12:35.0625 4660 WinHttpAutoProxySvc - ok
20:12:35.0672 4660 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:12:35.0687 4660 Winmgmt - ok
20:12:35.0718 4660 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
20:12:35.0765 4660 WinRM - ok
20:12:35.0828 4660 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:12:35.0843 4660 WinUsb - ok
20:12:35.0859 4660 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:12:35.0921 4660 Wlansvc - ok
20:12:35.0921 4660 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:12:35.0937 4660 WmiAcpi - ok
20:12:35.0952 4660 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:12:35.0968 4660 wmiApSrv - ok
20:12:36.0030 4660 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:12:36.0093 4660 WMPNetworkSvc - ok
20:12:36.0093 4660 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:12:36.0124 4660 WPCSvc - ok
20:12:36.0124 4660 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:12:36.0171 4660 WPDBusEnum - ok
20:12:36.0186 4660 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:12:36.0233 4660 ws2ifsl - ok
20:12:36.0233 4660 WSearch - ok
20:12:36.0280 4660 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
20:12:36.0358 4660 wuauserv - ok
20:12:36.0389 4660 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:12:36.0420 4660 WudfPf - ok
20:12:36.0436 4660 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:12:36.0467 4660 WUDFRd - ok
20:12:36.0483 4660 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:12:36.0498 4660 wudfsvc - ok
20:12:36.0514 4660 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:12:36.0545 4660 WwanSvc - ok
20:12:36.0561 4660 ================ Scan global ===============================
20:12:36.0576 4660 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:12:36.0608 4660 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
20:12:36.0608 4660 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
20:12:36.0639 4660 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:12:36.0654 4660 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:12:36.0654 4660 [Global] - ok
20:12:36.0654 4660 ================ Scan MBR ==================================
20:12:36.0686 4660 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:12:37.0013 4660 \Device\Harddisk0\DR0 - ok
20:12:37.0013 4660 ================ Scan VBR ==================================
20:12:37.0013 4660 [ 1187B0E5A237DB43F55AEADF2A246704 ] \Device\Harddisk0\DR0\Partition1
20:12:37.0013 4660 \Device\Harddisk0\DR0\Partition1 - ok
20:12:37.0013 4660 [ FB4378FB012F0A7B704505CA45F3341E ] \Device\Harddisk0\DR0\Partition2
20:12:37.0013 4660 \Device\Harddisk0\DR0\Partition2 - ok
20:12:37.0029 4660 [ CF4393CFA77508A24334B47F3346D809 ] \Device\Harddisk0\DR0\Partition3
20:12:37.0029 4660 \Device\Harddisk0\DR0\Partition3 - ok
20:12:37.0029 4660 [ 92C5BD8D32374365996AC6CD64C5441C ] \Device\Harddisk0\DR0\Partition4
20:12:37.0029 4660 \Device\Harddisk0\DR0\Partition4 - ok
20:12:37.0029 4660 [ 92C5BD8D32374365996AC6CD64C5441C ] \Device\Harddisk0\DR0\Partition5
20:12:37.0029 4660 \Device\Harddisk0\DR0\Partition5 - ok
20:12:37.0029 4660 ============================================================
20:12:37.0029 4660 Scan finished
20:12:37.0029 4660 ============================================================
20:12:37.0044 5724 Detected object count: 7
20:12:37.0044 5724 Actual detected object count: 7
20:13:35.0264 5724 aacf ( UnsignedFile.Multi.Generic ) - skipped by user
20:13:35.0264 5724 aacf ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:13:35.0264 5724 AppleHFS ( UnsignedFile.Multi.Generic ) - skipped by user
20:13:35.0264 5724 AppleHFS ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:13:35.0264 5724 AppleMNT ( UnsignedFile.Multi.Generic ) - skipped by user
20:13:35.0264 5724 AppleMNT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:13:35.0264 5724 KeyAgent ( UnsignedFile.Multi.Generic ) - skipped by user
20:13:35.0264 5724 KeyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:13:35.0264 5724 MacHALDriver ( UnsignedFile.Multi.Generic ) - skipped by user
20:13:35.0264 5724 MacHALDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:13:35.0264 5724 Samsung UPD Service2 ( UnsignedFile.Multi.Generic ) - skipped by user
20:13:35.0264 5724 Samsung UPD Service2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:13:35.0264 5724 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
20:13:35.0264 5724 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:13:44.0530 5844 ============================================================
20:13:44.0530 5844 Scan started
20:13:44.0530 5844 Mode: Manual; SigCheck; TDLFS;
20:13:44.0530 5844 ============================================================
20:13:44.0780 5844 ================ Scan system memory ========================
20:13:44.0780 5844 System memory - ok
20:13:44.0780 5844 ================ Scan services =============================
20:13:44.0889 5844 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
20:13:44.0920 5844 1394ohci - ok
20:13:44.0951 5844 [ 0EB7B2562620DAE45231C19ADDB749A6 ] A38CCID C:\Windows\system32\DRIVERS\a38ccid.sys
20:13:44.0951 5844 A38CCID - ok
20:13:44.0982 5844 [ E6D35F3AA51A65EB35C1F2340154A25E ] aacf C:\Windows\system32\drivers\iontrec.sys
20:13:44.0982 5844 aacf ( UnsignedFile.Multi.Generic ) - warning
20:13:44.0982 5844 aacf - detected UnsignedFile.Multi.Generic (1)
20:13:45.0060 5844 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:13:45.0076 5844 ACPI - ok
20:13:45.0092 5844 [ 79D6B28027C398B728CE7CD0570248B0 ] acpials C:\Windows\system32\DRIVERS\acpials.sys
20:13:45.0107 5844 acpials - ok
20:13:45.0123 5844 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:13:45.0138 5844 AcpiPmi - ok
20:13:45.0185 5844 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:13:45.0201 5844 AdobeARMservice - ok
20:13:45.0216 5844 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:13:45.0232 5844 adp94xx - ok
20:13:45.0248 5844 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:13:45.0263 5844 adpahci - ok
20:13:45.0279 5844 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:13:45.0294 5844 adpu320 - ok
20:13:45.0326 5844 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:13:45.0357 5844 AeLookupSvc - ok
20:13:45.0388 5844 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
20:13:45.0404 5844 AFD - ok
20:13:45.0404 5844 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
20:13:45.0419 5844 agp440 - ok
20:13:45.0435 5844 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
20:13:45.0435 5844 aic78xx - ok
20:13:45.0450 5844 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
20:13:45.0450 5844 ALG - ok
20:13:45.0466 5844 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
20:13:45.0466 5844 aliide - ok
20:13:45.0497 5844 [ FB7FDA167F89694B8AF18A4636D0C19C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:13:45.0513 5844 AMD External Events Utility - ok
20:13:45.0528 5844 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
20:13:45.0528 5844 amdagp - ok
20:13:45.0544 5844 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
20:13:45.0560 5844 amdide - ok
20:13:45.0560 5844 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:13:45.0560 5844 AmdK8 - ok
20:13:45.0684 5844 [ 409D070998DE0C740372531174D22C91 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:13:45.0731 5844 amdkmdag - ok
20:13:45.0747 5844 [ 377CD7845A5C428112ADD976867A2819 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
20:13:45.0747 5844 amdkmdap - ok
20:13:45.0762 5844 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
20:13:45.0762 5844 AmdPPM - ok
20:13:45.0794 5844 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:13:45.0809 5844 amdsata - ok
20:13:45.0809 5844 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:13:45.0825 5844 amdsbs - ok
20:13:45.0840 5844 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:13:45.0840 5844 amdxata - ok
20:13:45.0872 5844 [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
20:13:45.0887 5844 androidusb - ok
20:13:45.0887 5844 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
20:13:45.0903 5844 AppID - ok
20:13:45.0903 5844 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:13:45.0918 5844 AppIDSvc - ok
20:13:45.0918 5844 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
20:13:45.0934 5844 Appinfo - ok
20:13:45.0996 5844 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:13:46.0012 5844 Apple Mobile Device - ok
20:13:46.0012 5844 [ F81B2BAFAC16CD53E17E079EB2282D94 ] applebmt C:\Windows\system32\DRIVERS\applebmt.sys
20:13:46.0028 5844 applebmt - ok
20:13:46.0028 5844 [ 3B80A371525170C3CB6EA11614B30FE6 ] AppleBtBc C:\Windows\system32\DRIVERS\AppleBtBc.sys
20:13:46.0043 5844 AppleBtBc - ok
20:13:46.0043 5844 [ 2419E0CE7AE87F471CCE3E5768B285A4 ] AppleHFS C:\Windows\system32\drivers\AppleHFS.sys
20:13:46.0043 5844 AppleHFS ( UnsignedFile.Multi.Generic ) - warning
20:13:46.0043 5844 AppleHFS - detected UnsignedFile.Multi.Generic (1)
20:13:46.0059 5844 [ 9E7A162AE3AC1BF033BF20C379FBE3F4 ] AppleMNT C:\Windows\system32\drivers\AppleMNT.sys
20:13:46.0059 5844 AppleMNT ( UnsignedFile.Multi.Generic ) - warning
20:13:46.0059 5844 AppleMNT - detected UnsignedFile.Multi.Generic (1)
20:13:46.0074 5844 [ 90331505FF7F6C0D5CFA7C34BDA4E673 ] AppleOSSMgr C:\Windows\system32\AppleOSSMgr.exe
20:13:46.0074 5844 AppleOSSMgr - ok
20:13:46.0090 5844 [ 1F54B7E4283C8F76347805FD78B9128F ] AppleTimeSrv C:\Windows\system32\AppleTimeSrv.exe
20:13:46.0106 5844 AppleTimeSrv - ok
20:13:46.0121 5844 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
20:13:46.0137 5844 AppMgmt - ok
20:13:46.0152 5844 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
20:13:46.0152 5844 arc - ok
20:13:46.0168 5844 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:13:46.0184 5844 arcsas - ok
20:13:46.0246 5844 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:13:46.0262 5844 aspnet_state - ok
20:13:46.0277 5844 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:13:46.0308 5844 AsyncMac - ok
20:13:46.0308 5844 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
20:13:46.0308 5844 atapi - ok
20:13:46.0386 5844 [ F8CFE8471BD445F2B437281F2AF01780 ] athr C:\Windows\system32\DRIVERS\athr.sys
20:13:46.0418 5844 athr - ok
20:13:46.0433 5844 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:13:46.0464 5844 AudioEndpointBuilder - ok
20:13:46.0464 5844 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:13:46.0480 5844 Audiosrv - ok
20:13:46.0496 5844 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:13:46.0511 5844 AxInstSV - ok
20:13:46.0527 5844 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
20:13:46.0542 5844 b06bdrv - ok
20:13:46.0558 5844 [ BF34695B9E74CD7D72CB945A6AF874B7 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
20:13:46.0558 5844 b57nd60x - ok
20:13:46.0574 5844 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
20:13:46.0589 5844 BDESVC - ok
20:13:46.0589 5844 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
20:13:46.0605 5844 Beep - ok
20:13:46.0620 5844 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
20:13:46.0636 5844 BFE - ok
20:13:46.0667 5844 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
20:13:46.0683 5844 BITS - ok
20:13:46.0698 5844 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:13:46.0698 5844 blbdrive - ok
20:13:46.0745 5844 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:13:46.0761 5844 Bonjour Service - ok
20:13:46.0776 5844 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:13:46.0792 5844 bowser - ok
20:13:46.0808 5844 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
20:13:46.0823 5844 BrFiltLo - ok
20:13:46.0823 5844 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
20:13:46.0823 5844 BrFiltUp - ok
20:13:46.0854 5844 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
20:13:46.0870 5844 Browser - ok
20:13:46.0886 5844 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:13:46.0901 5844 Brserid - ok
20:13:46.0901 5844 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:13:46.0917 5844 BrSerWdm - ok
20:13:46.0917 5844 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:13:46.0932 5844 BrUsbMdm - ok
20:13:46.0932 5844 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:13:46.0932 5844 BrUsbSer - ok
20:13:46.0948 5844 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
20:13:46.0964 5844 BthEnum - ok
20:13:46.0979 5844 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:13:46.0995 5844 BTHMODEM - ok
20:13:47.0010 5844 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:13:47.0026 5844 BthPan - ok
20:13:47.0042 5844 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:13:47.0042 5844 BTHPORT - ok
20:13:47.0057 5844 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
20:13:47.0073 5844 bthserv - ok
20:13:47.0073 5844 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:13:47.0088 5844 BTHUSB - ok
20:13:47.0088 5844 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:13:47.0104 5844 cdfs - ok
20:13:47.0120 5844 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:13:47.0135 5844 cdrom - ok
20:13:47.0151 5844 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
20:13:47.0166 5844 CertPropSvc - ok
20:13:47.0182 5844 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
20:13:47.0182 5844 circlass - ok
20:13:47.0198 5844 [ 4A53428F7C383EFBCFAAFDCB434E2AF4 ] CirrusFilter C:\Windows\system32\DRIVERS\CS420x86.sys
20:13:47.0229 5844 CirrusFilter - ok
20:13:47.0229 5844 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
20:13:47.0244 5844 CLFS - ok
20:13:47.0291 5844 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:13:47.0291 5844 clr_optimization_v2.0.50727_32 - ok
20:13:47.0322 5844 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:13:47.0322 5844 clr_optimization_v4.0.30319_32 - ok
20:13:47.0338 5844 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
20:13:47.0338 5844 CmBatt - ok
20:13:47.0354 5844 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:13:47.0354 5844 cmdide - ok
20:13:47.0369 5844 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
20:13:47.0385 5844 CNG - ok
20:13:47.0400 5844 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\drivers\compbatt.sys
20:13:47.0400 5844 Compbatt - ok
20:13:47.0416 5844 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
20:13:47.0432 5844 CompositeBus - ok
20:13:47.0432 5844 COMSysApp - ok
20:13:47.0447 5844 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:13:47.0447 5844 crcdisk - ok
20:13:47.0478 5844 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:13:47.0494 5844 CryptSvc - ok
20:13:47.0525 5844 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
20:13:47.0556 5844 CSC - ok
20:13:47.0572 5844 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
20:13:47.0603 5844 CscService - ok
20:13:47.0619 5844 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
20:13:47.0650 5844 DcomLaunch - ok
20:13:47.0666 5844 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
20:13:47.0681 5844 defragsvc - ok
20:13:47.0697 5844 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:13:47.0712 5844 DfsC - ok
20:13:47.0712 5844 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:13:47.0728 5844 Dhcp - ok
20:13:47.0744 5844 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
20:13:47.0759 5844 discache - ok
20:13:47.0759 5844 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
20:13:47.0775 5844 Disk - ok
20:13:47.0790 5844 [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
20:13:47.0790 5844 dmvsc - ok
20:13:47.0822 5844 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:13:47.0837 5844 Dnscache - ok
20:13:47.0853 5844 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
20:13:47.0884 5844 dot3svc - ok
20:13:47.0884 5844 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
20:13:47.0900 5844 DPS - ok
20:13:47.0915 5844 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:13:47.0915 5844 drmkaud - ok
20:13:47.0931 5844 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:13:47.0946 5844 DXGKrnl - ok
20:13:47.0978 5844 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
20:13:47.0993 5844 EapHost - ok
20:13:48.0056 5844 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
20:13:48.0196 5844 ebdrv - ok
20:13:48.0212 5844 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
20:13:48.0227 5844 EFS - ok
20:13:48.0274 5844 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:13:48.0290 5844 ehRecvr - ok
20:13:48.0305 5844 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
20:13:48.0321 5844 ehSched - ok
20:13:48.0336 5844 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:13:48.0368 5844 elxstor - ok
20:13:48.0368 5844 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:13:48.0383 5844 ErrDev - ok
20:13:48.0414 5844 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
20:13:48.0430 5844 EventSystem - ok
20:13:48.0446 5844 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
20:13:48.0461 5844 exfat - ok
20:13:48.0477 5844 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:13:48.0492 5844 fastfat - ok
20:13:48.0524 5844 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
20:13:48.0539 5844 Fax - ok
20:13:48.0539 5844 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\drivers\fdc.sys
20:13:48.0555 5844 fdc - ok
20:13:48.0570 5844 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
20:13:48.0586 5844 fdPHost - ok
20:13:48.0602 5844 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
20:13:48.0617 5844 FDResPub - ok
20:13:48.0648 5844 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:13:48.0648 5844 FileInfo - ok
20:13:48.0664 5844 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:13:48.0695 5844 Filetrace - ok
20:13:48.0695 5844 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
20:13:48.0711 5844 flpydisk - ok
20:13:48.0711 5844 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:13:48.0726 5844 FltMgr - ok
20:13:48.0773 5844 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
20:13:48.0804 5844 FontCache - ok
20:13:48.0836 5844 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:13:48.0836 5844 FontCache3.0.0.0 - ok
20:13:48.0851 5844 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:13:48.0867 5844 FsDepends - ok
20:13:48.0898 5844 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:13:48.0898 5844 Fs_Rec - ok
20:13:48.0914 5844 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:13:48.0914 5844 fvevol - ok
20:13:48.0929 5844 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:13:48.0929 5844 gagp30kx - ok
20:13:48.0945 5844 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:13:48.0945 5844 GEARAspiWDM - ok
20:13:48.0960 5844 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
20:13:48.0976 5844 gpsvc - ok
20:13:48.0992 5844 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:13:48.0992 5844 hcw85cir - ok
20:13:49.0023 5844 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:13:49.0038 5844 HdAudAddService - ok
20:13:49.0054 5844 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:13:49.0070 5844 HDAudBus - ok
20:13:49.0070 5844 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
20:13:49.0085 5844 HidBatt - ok
20:13:49.0101 5844 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:13:49.0116 5844 HidBth - ok
20:13:49.0116 5844 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
20:13:49.0132 5844 HidIr - ok
20:13:49.0148 5844 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
20:13:49.0148 5844 hidserv - ok
20:13:49.0163 5844 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:13:49.0163 5844 HidUsb - ok
20:13:49.0179 5844 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:13:49.0194 5844 hkmsvc - ok
20:13:49.0210 5844 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:13:49.0226 5844 HomeGroupListener - ok
20:13:49.0241 5844 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:13:49.0257 5844 HomeGroupProvider - ok
20:13:49.0257 5844 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:13:49.0272 5844 HpSAMD - ok
20:13:49.0288 5844 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:13:49.0304 5844 HTTP - ok
20:13:49.0319 5844 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:13:49.0319 5844 hwpolicy - ok
20:13:49.0335 5844 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:13:49.0335 5844 i8042prt - ok
20:13:49.0382 5844 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:13:49.0382 5844 iaStorV - ok
20:13:49.0444 5844 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:13:49.0460 5844 idsvc - ok
20:13:49.0475 5844 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:13:49.0475 5844 iirsp - ok
20:13:49.0538 5844 [ 54E0F4CCD6CE99A807459AF928DD64AC ] IJPLMSVC C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
20:13:49.0553 5844 IJPLMSVC - ok
20:13:49.0569 5844 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
20:13:49.0616 5844 IKEEXT - ok
20:13:49.0631 5844 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
20:13:49.0631 5844 intelide - ok
20:13:49.0631 5844 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:13:49.0647 5844 intelppm - ok
20:13:49.0662 5844 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:13:49.0678 5844 IPBusEnum - ok
20:13:49.0678 5844 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:13:49.0694 5844 IpFilterDriver - ok
20:13:49.0709 5844 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:13:49.0725 5844 IPMIDRV - ok
20:13:49.0725 5844 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:13:49.0740 5844 IPNAT - ok
20:13:49.0772 5844 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:13:49.0787 5844 iPod Service - ok
20:13:49.0787 5844 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:13:49.0787 5844 IRENUM - ok
20:13:49.0803 5844 [ DD4C1A21ABD0C41184D3F529421E4650 ] IRRemoteFlt C:\Windows\system32\DRIVERS\IRFilter.sys
20:13:49.0818 5844 IRRemoteFlt - ok
20:13:49.0834 5844 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:13:49.0834 5844 isapnp - ok
20:13:49.0850 5844 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:13:49.0865 5844 iScsiPrt - ok
20:13:49.0881 5844 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:13:49.0881 5844 kbdclass - ok
20:13:49.0881 5844 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:13:49.0896 5844 kbdhid - ok
20:13:49.0912 5844 [ F98ECF8A1135B9C56A6D51EC08D4651A ] KeyAgent C:\Windows\system32\drivers\KeyAgent.sys
20:13:49.0928 5844 KeyAgent ( UnsignedFile.Multi.Generic ) - warning
20:13:49.0928 5844 KeyAgent - detected UnsignedFile.Multi.Generic (1)
20:13:49.0928 5844 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
20:13:49.0943 5844 KeyIso - ok
20:13:49.0959 5844 [ 298D7B6B8B7985C272A7E7158119A416 ] KeyMagic C:\Windows\system32\DRIVERS\KeyMagic.sys
20:13:49.0974 5844 KeyMagic - ok
20:13:50.0006 5844 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:13:50.0021 5844 KSecDD - ok
20:13:50.0021 5844 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:13:50.0037 5844 KSecPkg - ok
20:13:50.0052 5844 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
20:13:50.0084 5844 KtmRm - ok
20:13:50.0099 5844 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
20:13:50.0115 5844 LanmanServer - ok
20:13:50.0146 5844 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:13:50.0162 5844 LanmanWorkstation - ok
20:13:50.0177 5844 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:13:50.0177 5844 lltdio - ok
20:13:50.0193 5844 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:13:50.0208 5844 lltdsvc - ok
20:13:50.0224 5844 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
20:13:50.0240 5844 lmhosts - ok
20:13:50.0271 5844 [ 926EBA26A8B49D1597751CED06B50862 ] LMS C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:13:50.0286 5844 LMS - ok
20:13:50.0302 5844 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:13:50.0302 5844 LSI_FC - ok
20:13:50.0302 5844 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:13:50.0318 5844 LSI_SAS - ok
20:13:50.0318 5844 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:13:50.0333 5844 LSI_SAS2 - ok
20:13:50.0333 5844 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:13:50.0349 5844 LSI_SCSI - ok
20:13:50.0349 5844 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
20:13:50.0364 5844 luafv - ok
20:13:50.0427 5844 [ 6311F8863D898CE60C048779F9D86E74 ] lxecCATSCustConnectService C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxecserv.exe
20:13:50.0442 5844 lxecCATSCustConnectService - ok
20:13:50.0442 5844 lxec_device - ok
20:13:50.0474 5844 [ 6AAC2E751258B28982D77A56EBC97479 ] MacHALDriver C:\Windows\system32\drivers\MacHALDriver.sys
20:13:50.0474 5844 MacHALDriver ( UnsignedFile.Multi.Generic ) - warning
20:13:50.0474 5844 MacHALDriver - detected UnsignedFile.Multi.Generic (1)
20:13:50.0489 5844 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:13:50.0505 5844 MBAMProtector - ok
20:13:50.0536 5844 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:13:50.0552 5844 MBAMScheduler - ok
20:13:50.0583 5844 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:13:50.0598 5844 MBAMService - ok
20:13:50.0630 5844 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:13:50.0630 5844 Mcx2Svc - ok
20:13:50.0645 5844 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
20:13:50.0645 5844 megasas - ok
20:13:50.0661 5844 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:13:50.0661 5844 MegaSR - ok
20:13:50.0676 5844 [ CFCB18986426A2D8E66F1992636221D0 ] MEI C:\Windows\system32\DRIVERS\HECI.sys
20:13:50.0692 5844 MEI - ok
20:13:50.0708 5844 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
20:13:50.0723 5844 MMCSS - ok
20:13:50.0739 5844 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
20:13:50.0754 5844 Modem - ok
20:13:50.0770 5844 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:13:50.0786 5844 monitor - ok
20:13:50.0786 5844 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:13:50.0801 5844 mouclass - ok
20:13:50.0801 5844 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:13:50.0817 5844 mouhid - ok
20:13:50.0817 5844 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:13:50.0832 5844 mountmgr - ok
20:13:50.0832 5844 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
20:13:50.0832 5844 mpio - ok
20:13:50.0895 5844 MpKslba5a688c - ok
20:13:50.0895 5844 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:13:50.0926 5844 mpsdrv - ok
20:13:50.0942 5844 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:13:50.0957 5844 MpsSvc - ok
20:13:50.0957 5844 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:13:50.0973 5844 MRxDAV - ok

Alexander12 · 11.01.2013, 21:01

20:13:51.0004 5844 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:13:51.0020 5844 mrxsmb - ok
20:13:51.0035 5844 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:13:51.0051 5844 mrxsmb10 - ok
20:13:51.0051 5844 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:13:51.0066 5844 mrxsmb20 - ok
20:13:51.0082 5844 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
20:13:51.0098 5844 msahci - ok
20:13:51.0098 5844 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:13:51.0113 5844 msdsm - ok
20:13:51.0207 5844 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
20:13:51.0222 5844 MSDTC - ok
20:13:51.0238 5844 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:13:51.0269 5844 Msfs - ok
20:13:51.0285 5844 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:13:51.0300 5844 mshidkmdf - ok
20:13:51.0300 5844 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:13:51.0316 5844 msisadrv - ok
20:13:51.0332 5844 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:13:51.0347 5844 MSiSCSI - ok
20:13:51.0347 5844 msiserver - ok
20:13:51.0363 5844 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:13:51.0378 5844 MSKSSRV - ok
20:13:51.0378 5844 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:13:51.0394 5844 MSPCLOCK - ok
20:13:51.0410 5844 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:13:51.0425 5844 MSPQM - ok
20:13:51.0441 5844 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:13:51.0456 5844 MsRPC - ok
20:13:51.0456 5844 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
20:13:51.0456 5844 mssmbios - ok
20:13:51.0534 5844 MSSQL$SQLEXPRESS - ok
20:13:51.0550 5844 [ C06EA83F6FC2959E897C117255B6B1D5 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
20:13:51.0566 5844 MSSQLServerADHelper - ok
20:13:51.0581 5844 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:13:51.0597 5844 MSTEE - ok
20:13:51.0612 5844 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:13:51.0628 5844 MTConfig - ok
20:13:51.0628 5844 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
20:13:51.0644 5844 Mup - ok
20:13:51.0675 5844 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
20:13:51.0690 5844 napagent - ok
20:13:51.0706 5844 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:13:51.0706 5844 NativeWifiP - ok
20:13:51.0753 5844 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:13:51.0768 5844 NDIS - ok
20:13:51.0784 5844 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:13:51.0784 5844 NdisCap - ok
20:13:51.0800 5844 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:13:51.0815 5844 NdisTapi - ok
20:13:51.0831 5844 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:13:51.0831 5844 Ndisuio - ok
20:13:51.0846 5844 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:13:51.0862 5844 NdisWan - ok
20:13:51.0862 5844 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:13:51.0878 5844 NDProxy - ok
20:13:51.0893 5844 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:13:51.0909 5844 NetBIOS - ok
20:13:51.0909 5844 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:13:51.0940 5844 NetBT - ok
20:13:51.0956 5844 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
20:13:51.0956 5844 Netlogon - ok
20:13:51.0987 5844 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
20:13:52.0002 5844 Netman - ok
20:13:52.0018 5844 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:13:52.0034 5844 NetMsmqActivator - ok
20:13:52.0034 5844 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:13:52.0049 5844 NetPipeActivator - ok
20:13:52.0065 5844 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
20:13:52.0080 5844 netprofm - ok
20:13:52.0080 5844 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:13:52.0096 5844 NetTcpActivator - ok
20:13:52.0096 5844 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:13:52.0096 5844 NetTcpPortSharing - ok
20:13:52.0112 5844 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:13:52.0112 5844 nfrd960 - ok
20:13:52.0158 5844 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
20:13:52.0174 5844 NlaSvc - ok
20:13:52.0190 5844 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:13:52.0221 5844 Npfs - ok
20:13:52.0236 5844 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
20:13:52.0252 5844 nsi - ok
20:13:52.0268 5844 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:13:52.0283 5844 nsiproxy - ok
20:13:52.0330 5844 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:13:52.0346 5844 Ntfs - ok
20:13:52.0346 5844 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
20:13:52.0361 5844 Null - ok
20:13:52.0377 5844 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:13:52.0377 5844 nvraid - ok
20:13:52.0408 5844 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:13:52.0424 5844 nvstor - ok
20:13:52.0439 5844 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:13:52.0455 5844 nv_agp - ok
20:13:52.0455 5844 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:13:52.0470 5844 ohci1394 - ok
20:13:52.0564 5844 OracleJobSchedulerACS - ok
20:13:52.0564 5844 OracleMTSRecoveryService - ok
20:13:52.0580 5844 OracleOraDb11g_home1ClrAgent - ok
20:13:52.0580 5844 OracleOraDb11g_home1TNSListener - ok
20:13:52.0580 5844 OracleServiceACS - ok
20:13:52.0595 5844 OracleVssWriterACS - ok
20:13:52.0626 5844 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:13:52.0626 5844 ose - ok
20:13:52.0736 5844 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:13:52.0845 5844 osppsvc - ok
20:13:52.0876 5844 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:13:52.0892 5844 p2pimsvc - ok
20:13:52.0892 5844 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
20:13:52.0907 5844 p2psvc - ok
20:13:52.0907 5844 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
20:13:52.0923 5844 Parport - ok
20:13:52.0938 5844 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:13:52.0954 5844 partmgr - ok
20:13:52.0954 5844 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
20:13:52.0954 5844 Parvdm - ok
20:13:52.0970 5844 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:13:52.0985 5844 PcaSvc - ok
20:13:52.0985 5844 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
20:13:53.0001 5844 pci - ok
20:13:53.0001 5844 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
20:13:53.0001 5844 pciide - ok
20:13:53.0032 5844 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:13:53.0032 5844 pcmcia - ok
20:13:53.0048 5844 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
20:13:53.0048 5844 pcw - ok
20:13:53.0063 5844 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:13:53.0079 5844 PEAUTH - ok
20:13:53.0110 5844 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:13:53.0157 5844 PeerDistSvc - ok
20:13:53.0204 5844 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
20:13:53.0266 5844 pla - ok
20:13:53.0297 5844 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:13:53.0313 5844 PlugPlay - ok
20:13:53.0313 5844 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:13:53.0328 5844 PNRPAutoReg - ok
20:13:53.0328 5844 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:13:53.0344 5844 PNRPsvc - ok
20:13:53.0360 5844 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:13:53.0391 5844 PolicyAgent - ok
20:13:53.0406 5844 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
20:13:53.0422 5844 Power - ok
20:13:53.0422 5844 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:13:53.0438 5844 PptpMiniport - ok
20:13:53.0453 5844 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
20:13:53.0469 5844 Processor - ok
20:13:53.0484 5844 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
20:13:53.0500 5844 ProfSvc - ok
20:13:53.0516 5844 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:13:53.0516 5844 ProtectedStorage - ok
20:13:53.0531 5844 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:13:53.0547 5844 Psched - ok
20:13:53.0578 5844 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:13:53.0609 5844 ql2300 - ok
20:13:53.0625 5844 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:13:53.0640 5844 ql40xx - ok
20:13:53.0656 5844 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
20:13:53.0672 5844 QWAVE - ok
20:13:53.0672 5844 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:13:53.0687 5844 QWAVEdrv - ok
20:13:53.0703 5844 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:13:53.0718 5844 RasAcd - ok
20:13:53.0734 5844 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:13:53.0734 5844 RasAgileVpn - ok
20:13:53.0750 5844 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
20:13:53.0765 5844 RasAuto - ok
20:13:53.0781 5844 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:13:53.0796 5844 Rasl2tp - ok
20:13:53.0812 5844 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
20:13:53.0828 5844 RasMan - ok
20:13:53.0828 5844 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:13:53.0843 5844 RasPppoe - ok
20:13:53.0859 5844 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:13:53.0874 5844 RasSstp - ok
20:13:53.0874 5844 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:13:53.0890 5844 rdbss - ok
20:13:53.0906 5844 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:13:53.0921 5844 rdpbus - ok
20:13:53.0921 5844 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:13:53.0937 5844 RDPCDD - ok
20:13:53.0952 5844 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:13:53.0952 5844 RDPDR - ok
20:13:53.0968 5844 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:13:53.0984 5844 RDPENCDD - ok
20:13:53.0984 5844 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:13:53.0999 5844 RDPREFMP - ok
20:13:54.0046 5844 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:13:54.0077 5844 RdpVideoMiniport - ok
20:13:54.0108 5844 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:13:54.0124 5844 RDPWD - ok
20:13:54.0140 5844 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:13:54.0155 5844 rdyboost - ok
20:13:54.0171 5844 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
20:13:54.0202 5844 RemoteAccess - ok
20:13:54.0280 5844 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:13:54.0311 5844 RemoteRegistry - ok
20:13:54.0342 5844 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:13:54.0358 5844 RFCOMM - ok
20:13:54.0358 5844 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:13:54.0374 5844 RpcEptMapper - ok
20:13:54.0405 5844 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
20:13:54.0405 5844 RpcLocator - ok
20:13:54.0420 5844 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
20:13:54.0436 5844 RpcSs - ok
20:13:54.0452 5844 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:13:54.0452 5844 rspndr - ok
20:13:54.0483 5844 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
20:13:54.0483 5844 s3cap - ok
20:13:54.0498 5844 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
20:13:54.0514 5844 SamSs - ok
20:13:54.0545 5844 [ E17FE33C703FFBE1A0AF66B9DCF49345 ] Samsung UPD Service2 C:\Windows\System32\SUPDSvc2.exe
20:13:54.0545 5844 Samsung UPD Service2 ( UnsignedFile.Multi.Generic ) - warning
20:13:54.0545 5844 Samsung UPD Service2 - detected UnsignedFile.Multi.Generic (1)
20:13:54.0561 5844 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:13:54.0561 5844 sbp2port - ok
20:13:54.0576 5844 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:13:54.0608 5844 SCardSvr - ok
20:13:54.0623 5844 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:13:54.0639 5844 scfilter - ok
20:13:54.0654 5844 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
20:13:54.0670 5844 Schedule - ok
20:13:54.0701 5844 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:13:54.0701 5844 SCPolicySvc - ok
20:13:54.0717 5844 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:13:54.0732 5844 SDRSVC - ok
20:13:54.0732 5844 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:13:54.0748 5844 secdrv - ok
20:13:54.0764 5844 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
20:13:54.0779 5844 seclogon - ok
20:13:54.0779 5844 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
20:13:54.0795 5844 SENS - ok
20:13:54.0810 5844 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:13:54.0810 5844 SensrSvc - ok
20:13:54.0826 5844 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
20:13:54.0842 5844 Serenum - ok
20:13:54.0857 5844 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
20:13:54.0857 5844 Serial - ok
20:13:54.0873 5844 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:13:54.0873 5844 sermouse - ok
20:13:54.0888 5844 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
20:13:54.0904 5844 SessionEnv - ok
20:13:54.0920 5844 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:13:54.0920 5844 sffdisk - ok
20:13:54.0935 5844 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:13:54.0935 5844 sffp_mmc - ok
20:13:54.0951 5844 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:13:54.0951 5844 sffp_sd - ok
20:13:54.0951 5844 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:13:54.0966 5844 sfloppy - ok
20:13:54.0982 5844 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:13:54.0998 5844 ShellHWDetection - ok
20:13:54.0998 5844 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:13:54.0998 5844 sisagp - ok
20:13:55.0013 5844 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:13:55.0029 5844 SiSRaid2 - ok
20:13:55.0044 5844 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:13:55.0044 5844 SiSRaid4 - ok
20:13:55.0138 5844 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:13:55.0185 5844 Skype C2C Service - ok
20:13:55.0232 5844 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:13:55.0232 5844 SkypeUpdate - ok
20:13:55.0247 5844 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:13:55.0263 5844 Smb - ok
20:13:55.0278 5844 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:13:55.0278 5844 SNMPTRAP - ok
20:13:55.0294 5844 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
20:13:55.0294 5844 spldr - ok
20:13:55.0325 5844 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
20:13:55.0341 5844 Spooler - ok
20:13:55.0419 5844 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
20:13:55.0512 5844 sppsvc - ok
20:13:55.0544 5844 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:13:55.0559 5844 sppuinotify - ok
20:13:55.0590 5844 [ B2EC3E1DEAC5F0A764BD3486D213A0AF ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:13:55.0606 5844 SQLBrowser - ok
20:13:55.0653 5844 [ D2F4F32B59440011174B4F8137AF4E0C ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:13:55.0653 5844 SQLWriter - ok
20:13:55.0700 5844 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:13:55.0731 5844 srv - ok
20:13:55.0746 5844 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:13:55.0762 5844 srv2 - ok
20:13:55.0778 5844 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:13:55.0793 5844 srvnet - ok
20:13:55.0824 5844 [ 64E44ACD8C238FCBBB78F0BA4BDC4B05 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
20:13:55.0856 5844 ssadbus - ok
20:13:55.0871 5844 [ BB2C84A15C765DA89FD832B0E73F26CE ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
20:13:55.0902 5844 ssadmdfl - ok
20:13:55.0918 5844 [ 6D0D132DDC6F43EDA00DCED6D8B1CA31 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
20:13:55.0934 5844 ssadmdm - ok
20:13:55.0949 5844 [ 1A5A397BC459F346AB56492B61EF79F6 ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
20:13:55.0980 5844 ssadserd - ok
20:13:55.0996 5844 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:13:56.0043 5844 SSDPSRV - ok
20:13:56.0058 5844 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:13:56.0058 5844 SstpSvc - ok
20:13:56.0090 5844 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:13:56.0090 5844 stexstor - ok
20:13:56.0121 5844 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
20:13:56.0136 5844 StiSvc - ok
20:13:56.0168 5844 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
20:13:56.0168 5844 storflt - ok
20:13:56.0183 5844 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:13:56.0183 5844 storvsc - ok
20:13:56.0199 5844 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:13:56.0214 5844 swenum - ok
20:13:56.0230 5844 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
20:13:56.0246 5844 swprv - ok
20:13:56.0261 5844 [ F2AD8960812FD111E20E84659EF19D43 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
20:13:56.0261 5844 Synth3dVsc - ok
20:13:56.0292 5844 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
20:13:56.0324 5844 SysMain - ok
20:13:56.0339 5844 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:13:56.0355 5844 TabletInputService - ok
20:13:56.0355 5844 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
20:13:56.0370 5844 TapiSrv - ok
20:13:56.0386 5844 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
20:13:56.0402 5844 TBS - ok
20:13:56.0448 5844 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:13:56.0480 5844 Tcpip - ok
20:13:56.0511 5844 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:13:56.0526 5844 TCPIP6 - ok
20:13:56.0526 5844 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:13:56.0542 5844 tcpipreg - ok
20:13:56.0542 5844 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:13:56.0558 5844 TDPIPE - ok
20:13:56.0589 5844 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:13:56.0589 5844 TDTCP - ok
20:13:56.0604 5844 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:13:56.0636 5844 tdx - ok
20:13:56.0698 5844 [ 2BBB318EA9F34FDC508CEA4AAB98D770 ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
20:13:56.0776 5844 TeamViewer7 - ok
20:13:56.0792 5844 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:13:56.0807 5844 TermDD - ok
20:13:56.0807 5844 [ 052306FD76793D5D5AB5D9891FD1ADBB ] terminpt C:\Windows\system32\drivers\terminpt.sys
20:13:56.0823 5844 terminpt - ok
20:13:56.0838 5844 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
20:13:56.0854 5844 TermService - ok
20:13:56.0870 5844 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
20:13:56.0885 5844 Themes - ok
20:13:56.0885 5844 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
20:13:56.0901 5844 THREADORDER - ok
20:13:56.0916 5844 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
20:13:56.0932 5844 TrkWks - ok
20:13:56.0979 5844 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:13:56.0994 5844 TrustedInstaller - ok
20:13:56.0994 5844 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:13:57.0010 5844 tssecsrv - ok
20:13:57.0010 5844 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:13:57.0026 5844 TsUsbFlt - ok
20:13:57.0026 5844 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:13:57.0041 5844 TsUsbGD - ok
20:13:57.0057 5844 [ 045ACB987C650D8186C6B4A692223860 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
20:13:57.0057 5844 tsusbhub - ok
20:13:57.0072 5844 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:13:57.0088 5844 tunnel - ok
20:13:57.0104 5844 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:13:57.0104 5844 uagp35 - ok
20:13:57.0119 5844 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:13:57.0135 5844 udfs - ok
20:13:57.0150 5844 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:13:57.0150 5844 UI0Detect - ok
20:13:57.0166 5844 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:13:57.0182 5844 uliagpkx - ok
20:13:57.0197 5844 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:13:57.0197 5844 umbus - ok
20:13:57.0213 5844 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
20:13:57.0213 5844 UmPass - ok
20:13:57.0244 5844 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
20:13:57.0244 5844 UmRdpService - ok
20:13:57.0400 5844 [ FDF92EC84FECEE834FB10A2A0A19BCDA ] UNS C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:13:57.0447 5844 UNS - ok
20:13:57.0462 5844 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
20:13:57.0494 5844 upnphost - ok
20:13:57.0509 5844 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
20:13:57.0525 5844 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
20:13:57.0525 5844 USBAAPL - detected UnsignedFile.Multi.Generic (1)
20:13:57.0540 5844 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:13:57.0572 5844 usbccgp - ok
20:13:57.0587 5844 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:13:57.0603 5844 usbcir - ok
20:13:57.0634 5844 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:13:57.0650 5844 usbehci - ok
20:13:57.0665 5844 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:13:57.0681 5844 usbhub - ok
20:13:57.0681 5844 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:13:57.0696 5844 usbohci - ok
20:13:57.0712 5844 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\drivers\usbprint.sys
20:13:57.0728 5844 usbprint - ok
20:13:57.0743 5844 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:13:57.0759 5844 usbscan - ok
20:13:57.0790 5844 [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser C:\Windows\system32\DRIVERS\usbser.sys
20:13:57.0806 5844 usbser - ok
20:13:57.0806 5844 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:13:57.0821 5844 USBSTOR - ok
20:13:57.0837 5844 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:13:57.0837 5844 usbuhci - ok
20:13:57.0852 5844 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:13:57.0868 5844 usbvideo - ok
20:13:57.0868 5844 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
20:13:57.0884 5844 UxSms - ok
20:13:57.0899 5844 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
20:13:57.0899 5844 VaultSvc - ok
20:13:57.0915 5844 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:13:57.0915 5844 vdrvroot - ok
20:13:57.0930 5844 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
20:13:57.0946 5844 vds - ok
20:13:57.0962 5844 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:13:57.0977 5844 vga - ok
20:13:57.0977 5844 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:13:57.0993 5844 VgaSave - ok
20:13:57.0993 5844 VGPU - ok
20:13:58.0008 5844 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:13:58.0024 5844 vhdmp - ok
20:13:58.0024 5844 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:13:58.0024 5844 viaagp - ok
20:13:58.0024 5844 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:13:58.0040 5844 ViaC7 - ok
20:13:58.0055 5844 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
20:13:58.0055 5844 viaide - ok
20:13:58.0086 5844 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
20:13:58.0086 5844 vmbus - ok
20:13:58.0102 5844 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
20:13:58.0118 5844 VMBusHID - ok
20:13:58.0133 5844 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:13:58.0133 5844 volmgr - ok
20:13:58.0149 5844 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:13:58.0164 5844 volmgrx - ok
20:13:58.0164 5844 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:13:58.0180 5844 volsnap - ok
20:13:58.0196 5844 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:13:58.0196 5844 vsmraid - ok
20:13:58.0227 5844 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
20:13:58.0258 5844 VSS - ok
20:13:58.0274 5844 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:13:58.0274 5844 vwifibus - ok
20:13:58.0274 5844 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:13:58.0289 5844 vwififlt - ok
20:13:58.0305 5844 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
20:13:58.0336 5844 W32Time - ok
20:13:58.0336 5844 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:13:58.0352 5844 WacomPen - ok
20:13:58.0367 5844 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:13:58.0367 5844 WANARP - ok
20:13:58.0383 5844 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:13:58.0398 5844 Wanarpv6 - ok
20:13:58.0445 5844 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:13:58.0492 5844 WatAdminSvc - ok
20:13:58.0508 5844 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
20:13:58.0539 5844 wbengine - ok
20:13:58.0554 5844 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:13:58.0570 5844 WbioSrvc - ok
20:13:58.0570 5844 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:13:58.0586 5844 wcncsvc - ok
20:13:58.0601 5844 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:13:58.0601 5844 WcsPlugInService - ok
20:13:58.0617 5844 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
20:13:58.0617 5844 Wd - ok
20:13:58.0664 5844 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:13:58.0679 5844 Wdf01000 - ok
20:13:58.0695 5844 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:13:58.0695 5844 WdiServiceHost - ok
20:13:58.0695 5844 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:13:58.0711 5844 WdiSystemHost - ok
20:13:58.0726 5844 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
20:13:58.0726 5844 WebClient - ok
20:13:58.0742 5844 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:13:58.0757 5844 Wecsvc - ok
20:13:58.0757 5844 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:13:58.0773 5844 wercplsupport - ok
20:13:58.0789 5844 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
20:13:58.0804 5844 WerSvc - ok
20:13:58.0804 5844 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:13:58.0820 5844 WfpLwf - ok
20:13:58.0820 5844 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:13:58.0835 5844 WIMMount - ok
20:13:58.0835 5844 WinHttpAutoProxySvc - ok
20:13:58.0867 5844 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:13:58.0882 5844 Winmgmt - ok
20:13:58.0913 5844 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
20:13:58.0945 5844 WinRM - ok
20:13:58.0976 5844 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:13:58.0991 5844 WinUsb - ok
20:13:59.0007 5844 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:13:59.0023 5844 Wlansvc - ok
20:13:59.0038 5844 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:13:59.0038 5844 WmiAcpi - ok
20:13:59.0054 5844 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:13:59.0069 5844 wmiApSrv - ok
20:13:59.0116 5844 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:13:59.0147 5844 WMPNetworkSvc - ok
20:13:59.0147 5844 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:13:59.0147 5844 WPCSvc - ok
20:13:59.0163 5844 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:13:59.0163 5844 WPDBusEnum - ok
20:13:59.0163 5844 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:13:59.0179 5844 ws2ifsl - ok
20:13:59.0179 5844 WSearch - ok
20:13:59.0225 5844 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
20:13:59.0272 5844 wuauserv - ok
20:13:59.0303 5844 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:13:59.0319 5844 WudfPf - ok
20:13:59.0319 5844 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:13:59.0335 5844 WUDFRd - ok
20:13:59.0335 5844 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:13:59.0350 5844 wudfsvc - ok
20:13:59.0350 5844 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:13:59.0366 5844 WwanSvc - ok
20:13:59.0366 5844 ================ Scan global ===============================
20:13:59.0397 5844 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:13:59.0428 5844 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
20:13:59.0428 5844 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
20:13:59.0459 5844 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:13:59.0459 5844 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:13:59.0475 5844 [Global] - ok
20:13:59.0475 5844 ================ Scan MBR ==================================
20:13:59.0491 5844 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:13:59.0818 5844 \Device\Harddisk0\DR0 - ok
20:13:59.0834 5844 ================ Scan VBR ==================================
20:13:59.0834 5844 [ 1187B0E5A237DB43F55AEADF2A246704 ] \Device\Harddisk0\DR0\Partition1
20:13:59.0834 5844 \Device\Harddisk0\DR0\Partition1 - ok
20:13:59.0834 5844 [ FB4378FB012F0A7B704505CA45F3341E ] \Device\Harddisk0\DR0\Partition2
20:13:59.0834 5844 \Device\Harddisk0\DR0\Partition2 - ok
20:13:59.0849 5844 [ CF4393CFA77508A24334B47F3346D809 ] \Device\Harddisk0\DR0\Partition3
20:13:59.0849 5844 \Device\Harddisk0\DR0\Partition3 - ok
20:13:59.0849 5844 [ 92C5BD8D32374365996AC6CD64C5441C ] \Device\Harddisk0\DR0\Partition4
20:13:59.0849 5844 \Device\Harddisk0\DR0\Partition4 - ok
20:13:59.0849 5844 [ 92C5BD8D32374365996AC6CD64C5441C ] \Device\Harddisk0\DR0\Partition5
20:13:59.0849 5844 \Device\Harddisk0\DR0\Partition5 - ok
20:13:59.0849 5844 ============================================================
20:13:59.0849 5844 Scan finished
20:13:59.0849 5844 ============================================================
20:13:59.0865 2872 Detected object count: 7
20:13:59.0865 2872 Actual detected object count: 7
20:16:54.0554 2872 aacf ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:54.0554 2872 aacf ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:16:54.0554 2872 AppleHFS ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:54.0554 2872 AppleHFS ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:16:54.0554 2872 AppleMNT ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:54.0554 2872 AppleMNT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:16:54.0554 2872 KeyAgent ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:54.0554 2872 KeyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:16:54.0554 2872 MacHALDriver ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:54.0554 2872 MacHALDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:16:54.0554 2872 Samsung UPD Service2 ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:54.0554 2872 Samsung UPD Service2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:16:54.0554 2872 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:54.0554 2872 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:17:51.0962 3928 ============================================================
20:17:51.0962 3928 Scan started
20:17:51.0962 3928 Mode: Manual; SigCheck; TDLFS;
20:17:51.0962 3928 ============================================================
20:17:52.0181 3928 ================ Scan system memory ========================
20:17:52.0181 3928 System memory - ok
20:17:52.0181 3928 ================ Scan services =============================
20:17:52.0290 3928 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
20:17:52.0305 3928 1394ohci - ok
20:17:52.0337 3928 [ 0EB7B2562620DAE45231C19ADDB749A6 ] A38CCID C:\Windows\system32\DRIVERS\a38ccid.sys
20:17:52.0352 3928 A38CCID - ok
20:17:52.0383 3928 [ E6D35F3AA51A65EB35C1F2340154A25E ] aacf C:\Windows\system32\drivers\iontrec.sys
20:17:52.0383 3928 aacf ( UnsignedFile.Multi.Generic ) - warning
20:17:52.0383 3928 aacf - detected UnsignedFile.Multi.Generic (1)
20:17:52.0399 3928 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:17:52.0415 3928 ACPI - ok
20:17:52.0430 3928 [ 79D6B28027C398B728CE7CD0570248B0 ] acpials C:\Windows\system32\DRIVERS\acpials.sys
20:17:52.0446 3928 acpials - ok
20:17:52.0461 3928 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:17:52.0477 3928 AcpiPmi - ok
20:17:52.0524 3928 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:17:52.0524 3928 AdobeARMservice - ok
20:17:52.0555 3928 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:17:52.0571 3928 adp94xx - ok
20:17:52.0586 3928 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:17:52.0602 3928 adpahci - ok
20:17:52.0617 3928 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:17:52.0633 3928 adpu320 - ok
20:17:52.0649 3928 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:17:52.0680 3928 AeLookupSvc - ok
20:17:52.0727 3928 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
20:17:52.0742 3928 AFD - ok
20:17:52.0773 3928 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
20:17:52.0789 3928 agp440 - ok
20:17:52.0805 3928 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
20:17:52.0820 3928 aic78xx - ok
20:17:52.0820 3928 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
20:17:52.0836 3928 ALG - ok
20:17:52.0851 3928 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
20:17:52.0867 3928 aliide - ok
20:17:52.0883 3928 [ FB7FDA167F89694B8AF18A4636D0C19C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:17:52.0898 3928 AMD External Events Utility - ok
20:17:52.0914 3928 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
20:17:52.0929 3928 amdagp - ok
20:17:52.0945 3928 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
20:17:52.0961 3928 amdide - ok
20:17:52.0961 3928 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:17:52.0976 3928 AmdK8 - ok
20:17:53.0085 3928 [ 409D070998DE0C740372531174D22C91 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:17:53.0210 3928 amdkmdag - ok
20:17:53.0226 3928 [ 377CD7845A5C428112ADD976867A2819 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
20:17:53.0226 3928 amdkmdap - ok
20:17:53.0226 3928 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
20:17:53.0241 3928 AmdPPM - ok
20:17:53.0273 3928 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:17:53.0273 3928 amdsata - ok
20:17:53.0273 3928 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:17:53.0288 3928 amdsbs - ok
20:17:53.0304 3928 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:17:53.0304 3928 amdxata - ok
20:17:53.0335 3928 [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
20:17:53.0351 3928 androidusb - ok
20:17:53.0366 3928 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
20:17:53.0397 3928 AppID - ok
20:17:53.0397 3928 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:17:53.0413 3928 AppIDSvc - ok
20:17:53.0413 3928 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
20:17:53.0429 3928 Appinfo - ok
20:17:53.0491 3928 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:17:53.0491 3928 Apple Mobile Device - ok
20:17:53.0507 3928 [ F81B2BAFAC16CD53E17E079EB2282D94 ] applebmt C:\Windows\system32\DRIVERS\applebmt.sys
20:17:53.0522 3928 applebmt - ok
20:17:53.0538 3928 [ 3B80A371525170C3CB6EA11614B30FE6 ] AppleBtBc C:\Windows\system32\DRIVERS\AppleBtBc.sys
20:17:53.0569 3928 AppleBtBc - ok
20:17:53.0585 3928 [ 2419E0CE7AE87F471CCE3E5768B285A4 ] AppleHFS C:\Windows\system32\drivers\AppleHFS.sys
20:17:53.0585 3928 AppleHFS ( UnsignedFile.Multi.Generic ) - warning
20:17:53.0585 3928 AppleHFS - detected UnsignedFile.Multi.Generic (1)
20:17:53.0600 3928 [ 9E7A162AE3AC1BF033BF20C379FBE3F4 ] AppleMNT C:\Windows\system32\drivers\AppleMNT.sys
20:17:53.0600 3928 AppleMNT ( UnsignedFile.Multi.Generic ) - warning
20:17:53.0600 3928 AppleMNT - detected UnsignedFile.Multi.Generic (1)
20:17:53.0616 3928 [ 90331505FF7F6C0D5CFA7C34BDA4E673 ] AppleOSSMgr C:\Windows\system32\AppleOSSMgr.exe
20:17:53.0616 3928 AppleOSSMgr - ok
20:17:53.0631 3928 [ 1F54B7E4283C8F76347805FD78B9128F ] AppleTimeSrv C:\Windows\system32\AppleTimeSrv.exe
20:17:53.0647 3928 AppleTimeSrv - ok
20:17:53.0678 3928 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
20:17:53.0694 3928 AppMgmt - ok
20:17:53.0709 3928 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
20:17:53.0725 3928 arc - ok
20:17:53.0741 3928 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:17:53.0741 3928 arcsas - ok
20:17:53.0897 3928 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:17:53.0897 3928 aspnet_state - ok
20:17:53.0912 3928 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:17:53.0943 3928 AsyncMac - ok
20:17:53.0943 3928 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
20:17:53.0959 3928 atapi - ok
20:17:53.0990 3928 [ F8CFE8471BD445F2B437281F2AF01780 ] athr C:\Windows\system32\DRIVERS\athr.sys
20:17:54.0037 3928 athr - ok
20:17:54.0053 3928 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:17:54.0068 3928 AudioEndpointBuilder - ok
20:17:54.0068 3928 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:17:54.0099 3928 Audiosrv - ok
20:17:54.0099 3928 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:17:54.0115 3928 AxInstSV - ok
20:17:54.0131 3928 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
20:17:54.0131 3928 b06bdrv - ok
20:17:54.0146 3928 [ BF34695B9E74CD7D72CB945A6AF874B7 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
20:17:54.0162 3928 b57nd60x - ok
20:17:54.0162 3928 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
20:17:54.0162 3928 BDESVC - ok
20:17:54.0177 3928 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
20:17:54.0193 3928 Beep - ok
20:17:54.0209 3928 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
20:17:54.0224 3928 BFE - ok
20:17:54.0255 3928 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
20:17:54.0271 3928 BITS - ok
20:17:54.0271 3928 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:17:54.0287 3928 blbdrive - ok
20:17:54.0318 3928 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:17:54.0333 3928 Bonjour Service - ok
20:17:54.0349 3928 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:17:54.0349 3928 bowser - ok
20:17:54.0365 3928 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
20:17:54.0365 3928 BrFiltLo - ok
20:17:54.0380 3928 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
20:17:54.0380 3928 BrFiltUp - ok
20:17:54.0411 3928 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
20:17:54.0427 3928 Browser - ok
20:17:54.0427 3928 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:17:54.0427 3928 Brserid - ok
20:17:54.0443 3928 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:17:54.0443 3928 BrSerWdm - ok
20:17:54.0443 3928 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:17:54.0458 3928 BrUsbMdm - ok
20:17:54.0458 3928 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:17:54.0458 3928 BrUsbSer - ok
20:17:54.0474 3928 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
20:17:54.0489 3928 BthEnum - ok
20:17:54.0489 3928 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:17:54.0489 3928 BTHMODEM - ok
20:17:54.0521 3928 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:17:54.0521 3928 BthPan - ok
20:17:54.0552 3928 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:17:54.0552 3928 BTHPORT - ok
20:17:54.0567 3928 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
20:17:54.0583 3928 bthserv - ok
20:17:54.0599 3928 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:17:54.0599 3928 BTHUSB - ok
20:17:54.0614 3928 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:17:54.0630 3928 cdfs - ok
20:17:54.0630 3928 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:17:54.0661 3928 cdrom - ok
20:17:54.0661 3928 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
20:17:54.0677 3928 CertPropSvc - ok
20:17:54.0692 3928 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
20:17:54.0708 3928 circlass - ok
20:17:54.0723 3928 [ 4A53428F7C383EFBCFAAFDCB434E2AF4 ] CirrusFilter C:\Windows\system32\DRIVERS\CS420x86.sys
20:17:54.0723 3928 CirrusFilter - ok
20:17:54.0739 3928 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
20:17:54.0739 3928 CLFS - ok
20:17:54.0786 3928 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:17:54.0786 3928 clr_optimization_v2.0.50727_32 - ok
20:17:54.0801 3928 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:17:54.0817 3928 clr_optimization_v4.0.30319_32 - ok
20:17:54.0817 3928 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
20:17:54.0833 3928 CmBatt - ok
20:17:54.0848 3928 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:17:54.0864 3928 cmdide - ok
20:17:54.0879 3928 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
20:17:54.0895 3928 CNG - ok
20:17:54.0911 3928 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\drivers\compbatt.sys
20:17:54.0926 3928 Compbatt - ok
20:17:54.0926 3928 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
20:17:54.0942 3928 CompositeBus - ok
20:17:54.0942 3928 COMSysApp - ok
20:17:54.0957 3928 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:17:54.0973 3928 crcdisk - ok
20:17:55.0004 3928 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:17:55.0020 3928 CryptSvc - ok
20:17:55.0051 3928 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
20:17:55.0067 3928 CSC - ok
20:17:55.0082 3928 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
20:17:55.0098 3928 CscService - ok
20:17:55.0129 3928 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
20:17:55.0145 3928 DcomLaunch - ok
20:17:55.0160 3928 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
20:17:55.0176 3928 defragsvc - ok
20:17:55.0191 3928 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:17:55.0207 3928 DfsC - ok
20:17:55.0223 3928 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:17:55.0238 3928 Dhcp - ok
20:17:55.0254 3928 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
20:17:55.0269 3928 discache - ok
20:17:55.0269 3928 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
20:17:55.0269 3928 Disk - ok
20:17:55.0301 3928 [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
20:17:55.0301 3928 dmvsc - ok
20:17:55.0332 3928 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:17:55.0347 3928 Dnscache - ok
20:17:55.0347 3928 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
20:17:55.0379 3928 dot3svc - ok
20:17:55.0379 3928 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
20:17:55.0394 3928 DPS - ok
20:17:55.0410 3928 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:17:55.0425 3928 drmkaud - ok
20:17:55.0441 3928 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:17:55.0441 3928 DXGKrnl - ok
20:17:55.0472 3928 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
20:17:55.0488 3928 EapHost - ok
20:17:55.0535 3928 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
20:17:55.0566 3928 ebdrv - ok
20:17:55.0581 3928 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
20:17:55.0581 3928 EFS - ok
20:17:55.0644 3928 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:17:55.0659 3928 ehRecvr - ok
20:17:55.0675 3928 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
20:17:55.0675 3928 ehSched - ok
20:17:55.0691 3928 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:17:55.0706 3928 elxstor - ok
20:17:55.0722 3928 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:17:55.0737 3928 ErrDev - ok
20:17:55.0753 3928 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
20:17:55.0769 3928 EventSystem - ok
20:17:55.0769 3928 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
20:17:55.0784 3928 exfat - ok
20:17:55.0784 3928 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:17:55.0800 3928 fastfat - ok
20:17:55.0831 3928 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
20:17:55.0847 3928 Fax - ok
20:17:55.0847 3928 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\drivers\fdc.sys
20:17:55.0847 3928 fdc - ok
20:17:55.0878 3928 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
20:17:55.0893 3928 fdPHost - ok
20:17:55.0893 3928 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
20:17:55.0909 3928 FDResPub - ok
20:17:55.0925 3928 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:17:55.0925 3928 FileInfo - ok
20:17:55.0940 3928 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:17:55.0956 3928 Filetrace - ok
20:17:55.0971 3928 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
20:17:55.0971 3928 flpydisk - ok
20:17:55.0987 3928 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:17:56.0003 3928 FltMgr - ok
20:17:56.0049 3928 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
20:17:56.0065 3928 FontCache - ok
20:17:56.0096 3928 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:17:56.0112 3928 FontCache3.0.0.0 - ok
20:17:56.0112 3928 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:17:56.0127 3928 FsDepends - ok
20:17:56.0159 3928 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:17:56.0174 3928 Fs_Rec - ok
20:17:56.0174 3928 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:17:56.0190 3928 fvevol - ok
20:17:56.0205 3928 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:17:56.0205 3928 gagp30kx - ok
20:17:56.0221 3928 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:17:56.0237 3928 GEARAspiWDM - ok
20:17:56.0252 3928 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
20:17:56.0283 3928 gpsvc - ok
20:17:56.0299 3928 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:17:56.0315 3928 hcw85cir - ok
20:17:56.0330 3928 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:17:56.0346 3928 HdAudAddService - ok
20:17:56.0361 3928 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:17:56.0377 3928 HDAudBus - ok
20:17:56.0377 3928 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
20:17:56.0393 3928 HidBatt - ok
20:17:56.0408 3928 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:17:56.0424 3928 HidBth - ok
20:17:56.0424 3928 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
20:17:56.0439 3928 HidIr - ok
20:17:56.0439 3928 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
20:17:56.0455 3928 hidserv - ok
20:17:56.0471 3928 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:17:56.0471 3928 HidUsb - ok
20:17:56.0486 3928 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:17:56.0502 3928 hkmsvc - ok
20:17:56.0517 3928 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:17:56.0533 3928 HomeGroupListener - ok
20:17:56.0549 3928 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:17:56.0564 3928 HomeGroupProvider - ok
20:17:56.0564 3928 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:17:56.0580 3928 HpSAMD - ok
20:17:56.0767 3928 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:17:56.0798 3928 HTTP - ok
20:17:56.0814 3928 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:17:56.0814 3928 hwpolicy - ok
20:17:56.0829 3928 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:17:56.0829 3928 i8042prt - ok
20:17:56.0861 3928 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:17:56.0876 3928 iaStorV - ok
20:17:57.0001 3928 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:17:57.0017 3928 idsvc - ok
20:17:57.0032 3928 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:17:57.0032 3928 iirsp - ok
20:17:57.0095 3928 [ 54E0F4CCD6CE99A807459AF928DD64AC ] IJPLMSVC C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
20:17:57.0110 3928 IJPLMSVC - ok
20:17:57.0141 3928 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
20:17:57.0173 3928 IKEEXT - ok
20:17:57.0188 3928 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
20:17:57.0188 3928 intelide - ok
20:17:57.0204 3928 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:17:57.0204 3928 intelppm - ok
20:17:57.0204 3928 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:17:57.0219 3928 IPBusEnum - ok
20:17:57.0219 3928 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:17:57.0235 3928 IpFilterDriver - ok
20:17:57.0251 3928 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:17:57.0266 3928 IPMIDRV - ok
20:17:57.0266 3928 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:17:57.0282 3928 IPNAT - ok
20:17:57.0313 3928 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:17:57.0329 3928 iPod Service - ok
20:17:57.0329 3928 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:17:57.0329 3928 IRENUM - ok
20:17:57.0344 3928 [ DD4C1A21ABD0C41184D3F529421E4650 ] IRRemoteFlt C:\Windows\system32\DRIVERS\IRFilter.sys
20:17:57.0360 3928 IRRemoteFlt - ok
20:17:57.0360 3928 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:17:57.0375 3928 isapnp - ok
20:17:57.0391 3928 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:17:57.0391 3928 iScsiPrt - ok
20:17:57.0407 3928 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:17:57.0407 3928 kbdclass - ok
20:17:57.0422 3928 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:17:57.0422 3928 kbdhid - ok
20:17:57.0453 3928 [ F98ECF8A1135B9C56A6D51EC08D4651A ] KeyAgent C:\Windows\system32\drivers\KeyAgent.sys
20:17:57.0453 3928 KeyAgent ( UnsignedFile.Multi.Generic ) - warning
20:17:57.0453 3928 KeyAgent - detected UnsignedFile.Multi.Generic (1)
20:17:57.0469 3928 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
20:17:57.0469 3928 KeyIso - ok
20:17:57.0500 3928 [ 298D7B6B8B7985C272A7E7158119A416 ] KeyMagic C:\Windows\system32\DRIVERS\KeyMagic.sys
20:17:57.0500 3928 KeyMagic - ok
20:17:57.0531 3928 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:17:57.0547 3928 KSecDD - ok
20:17:57.0547 3928 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:17:57.0563 3928 KSecPkg - ok
20:17:57.0594 3928 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
20:17:57.0625 3928 KtmRm - ok
20:17:57.0641 3928 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
20:17:57.0656 3928 LanmanServer - ok
20:17:57.0687 3928 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:17:57.0703 3928 LanmanWorkstation - ok
20:17:57.0719 3928 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:17:57.0719 3928 lltdio - ok
20:17:57.0734 3928 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:17:57.0750 3928 lltdsvc - ok
20:17:57.0765 3928 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
20:17:57.0781 3928 lmhosts - ok
20:17:57.0812 3928 [ 926EBA26A8B49D1597751CED06B50862 ] LMS C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:17:57.0812 3928 LMS - ok
20:17:57.0828 3928 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:17:57.0843 3928 LSI_FC - ok
20:17:57.0843 3928 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:17:57.0843 3928 LSI_SAS - ok
20:17:57.0843 3928 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:17:57.0859 3928 LSI_SAS2 - ok
20:17:57.0859 3928 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:17:57.0859 3928 LSI_SCSI - ok
20:17:57.0875 3928 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
20:17:57.0890 3928 luafv - ok
20:17:57.0953 3928 [ 6311F8863D898CE60C048779F9D86E74 ] lxecCATSCustConnectService C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxecserv.exe
20:17:57.0968 3928 lxecCATSCustConnectService - ok
20:17:57.0968 3928 lxec_device - ok
20:17:57.0984 3928 [ 6AAC2E751258B28982D77A56EBC97479 ] MacHALDriver C:\Windows\system32\drivers\MacHALDriver.sys
20:17:57.0999 3928 MacHALDriver ( UnsignedFile.Multi.Generic ) - warning
20:17:57.0999 3928 MacHALDriver - detected UnsignedFile.Multi.Generic (1)
20:17:58.0015 3928 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:17:58.0031 3928 MBAMProtector - ok
20:17:58.0062 3928 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:17:58.0077 3928 MBAMScheduler - ok
20:17:58.0109 3928 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:17:58.0124 3928 MBAMService - ok
20:17:58.0155 3928 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:17:58.0171 3928 Mcx2Svc - ok
20:17:58.0187 3928 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
20:17:58.0202 3928 megasas - ok
20:17:58.0202 3928 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:17:58.0218 3928 MegaSR - ok
20:17:58.0233 3928 [ CFCB18986426A2D8E66F1992636221D0 ] MEI C:\Windows\system32\DRIVERS\HECI.sys
20:17:58.0233 3928 MEI - ok
20:17:58.0249 3928 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
20:17:58.0265 3928 MMCSS - ok
20:17:58.0280 3928 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
20:17:58.0296 3928 Modem - ok
20:17:58.0311 3928 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:17:58.0311 3928 monitor - ok
20:17:58.0327 3928 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:17:58.0327 3928 mouclass - ok
20:17:58.0343 3928 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:17:58.0358 3928 mouhid - ok
20:17:58.0374 3928 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:17:58.0374 3928 mountmgr - ok
20:17:58.0374 3928 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
20:17:58.0389 3928 mpio - ok
20:17:58.0436 3928 MpKslba5a688c - ok
20:17:58.0436 3928 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:17:58.0467 3928 mpsdrv - ok
20:17:58.0483 3928 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:17:58.0514 3928 MpsSvc - ok
20:17:58.0530 3928 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:17:58.0530 3928 MRxDAV - ok
20:17:58.0561 3928 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:17:58.0577 3928 mrxsmb - ok
20:17:58.0592 3928 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:17:58.0608 3928 mrxsmb10 - ok
20:17:58.0623 3928 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:17:58.0623 3928 mrxsmb20 - ok
20:17:58.0639 3928 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
20:17:58.0655 3928 msahci - ok
20:17:58.0655 3928 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:17:58.0670 3928 msdsm - ok
20:17:58.0686 3928 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
20:17:58.0686 3928 MSDTC - ok
20:17:58.0701 3928 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:17:58.0717 3928 Msfs - ok
20:17:58.0733 3928 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:17:58.0748 3928 mshidkmdf - ok
20:17:58.0748 3928 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:17:58.0764 3928 msisadrv - ok
20:17:58.0779 3928 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:17:58.0795 3928 MSiSCSI - ok
20:17:58.0795 3928 msiserver - ok
20:17:58.0795 3928 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:17:58.0811 3928 MSKSSRV - ok
20:17:58.0826 3928 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:17:58.0842 3928 MSPCLOCK - ok
20:17:58.0857 3928 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:17:58.0873 3928 MSPQM - ok
20:17:58.0889 3928 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:17:58.0889 3928 MsRPC - ok
20:17:58.0889 3928 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
20:17:58.0904 3928 mssmbios - ok
20:17:58.0967 3928 MSSQL$SQLEXPRESS - ok
20:17:58.0998 3928 [ C06EA83F6FC2959E897C117255B6B1D5 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
20:17:59.0013 3928 MSSQLServerADHelper - ok
20:17:59.0013 3928 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:17:59.0045 3928 MSTEE - ok
20:17:59.0060 3928 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:17:59.0060 3928 MTConfig - ok
20:17:59.0076 3928 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
20:17:59.0091 3928 Mup - ok
20:17:59.0107 3928 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
20:17:59.0138 3928 napagent - ok
20:17:59.0154 3928 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:17:59.0169 3928 NativeWifiP - ok
20:17:59.0201 3928 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:17:59.0232 3928 NDIS - ok
20:17:59.0247 3928 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:17:59.0263 3928 NdisCap - ok
20:17:59.0279 3928 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:17:59.0279 3928 NdisTapi - ok
20:17:59.0294 3928 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:17:59.0310 3928 Ndisuio - ok
20:17:59.0310 3928 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:17:59.0325 3928 NdisWan - ok
20:17:59.0341 3928 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:17:59.0341 3928 NDProxy - ok
20:17:59.0357 3928 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:17:59.0372 3928 NetBIOS - ok
20:17:59.0372 3928 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:17:59.0388 3928 NetBT - ok
20:17:59.0403 3928 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
20:17:59.0403 3928 Netlogon - ok
20:17:59.0435 3928 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
20:17:59.0450 3928 Netman - ok
20:17:59.0481 3928 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:17:59.0481 3928 NetMsmqActivator - ok
20:17:59.0497 3928 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:17:59.0497 3928 NetPipeActivator - ok
20:17:59.0528 3928 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
20:17:59.0544 3928 netprofm - ok
20:17:59.0544 3928 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:17:59.0544 3928 NetTcpActivator - ok
20:17:59.0559 3928 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:17:59.0559 3928 NetTcpPortSharing - ok
20:17:59.0575 3928 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:17:59.0575 3928 nfrd960 - ok
20:17:59.0606 3928 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
20:17:59.0622 3928 NlaSvc - ok
20:17:59.0622 3928 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:17:59.0637 3928 Npfs - ok
20:17:59.0653 3928 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
20:17:59.0669 3928 nsi - ok
20:17:59.0684 3928 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:17:59.0700 3928 nsiproxy - ok
20:17:59.0747 3928 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:17:59.0778 3928 Ntfs - ok
20:17:59.0778 3928 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
20:17:59.0793 3928 Null - ok
20:17:59.0809 3928 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:17:59.0809 3928 nvraid - ok
20:17:59.0840 3928 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:17:59.0856 3928 nvstor - ok
20:17:59.0871 3928 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:17:59.0871 3928 nv_agp - ok
20:17:59.0871 3928 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:17:59.0887 3928 ohci1394 - ok
20:17:59.0934 3928 OracleJobSchedulerACS - ok
20:17:59.0934 3928 OracleMTSRecoveryService - ok
20:17:59.0934 3928 OracleOraDb11g_home1ClrAgent - ok
20:17:59.0949 3928 OracleOraDb11g_home1TNSListener - ok
20:17:59.0949 3928 OracleServiceACS - ok
20:17:59.0949 3928 OracleVssWriterACS - ok
20:18:00.0043 3928 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:18:00.0059 3928 ose - ok
20:18:00.0168 3928 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:18:00.0215 3928 osppsvc - ok
20:18:00.0230 3928 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:18:00.0230 3928 p2pimsvc - ok
20:18:00.0246 3928 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
20:18:00.0261 3928 p2psvc - ok
20:18:00.0261 3928 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
20:18:00.0277 3928 Parport - ok
20:18:00.0293 3928 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:18:00.0293 3928 partmgr - ok
20:18:00.0293 3928 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
20:18:00.0308 3928 Parvdm - ok
20:18:00.0308 3928 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:18:00.0324 3928 PcaSvc - ok
20:18:00.0324 3928 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
20:18:00.0339 3928 pci - ok
20:18:00.0339 3928 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
20:18:00.0355 3928 pciide - ok
20:18:00.0371 3928 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:18:00.0371 3928 pcmcia - ok
20:18:00.0386 3928 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
20:18:00.0386 3928 pcw - ok
20:18:00.0402 3928 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:18:00.0417 3928 PEAUTH - ok
20:18:00.0449 3928 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:18:00.0464 3928 PeerDistSvc - ok
20:18:00.0495 3928 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
20:18:00.0511 3928 pla - ok
20:18:00.0542 3928 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:18:00.0558 3928 PlugPlay - ok
20:18:00.0573 3928 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:18:00.0589 3928 PNRPAutoReg - ok
20:18:00.0605 3928 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:18:00.0620 3928 PNRPsvc - ok
20:18:00.0636 3928 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:18:00.0651 3928 PolicyAgent - ok
20:18:00.0667 3928 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
20:18:00.0683 3928 Power - ok
20:18:00.0683 3928 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:18:00.0698 3928 PptpMiniport - ok
20:18:00.0714 3928 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
20:18:00.0714 3928 Processor - ok
20:18:00.0745 3928 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
20:18:00.0761 3928 ProfSvc - ok
20:18:00.0761 3928 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:18:00.0761 3928 ProtectedStorage - ok
20:18:00.0776 3928 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:18:00.0792 3928 Psched - ok
20:18:00.0823 3928 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:18:00.0839 3928 ql2300 - ok
20:18:00.0854 3928 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:18:00.0854 3928 ql40xx - ok
20:18:00.0870 3928 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
20:18:00.0885 3928 QWAVE - ok
20:18:00.0901 3928 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:18:00.0901 3928 QWAVEdrv - ok
20:18:00.0917 3928 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:18:00.0932 3928 RasAcd - ok
20:18:00.0948 3928 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:18:00.0963 3928 RasAgileVpn - ok
20:18:00.0963 3928 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
20:18:00.0979 3928 RasAuto - ok
20:18:00.0995 3928 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:18:01.0010 3928 Rasl2tp - ok
20:18:01.0026 3928 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
20:18:01.0041 3928 RasMan - ok
20:18:01.0041 3928 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:18:01.0057 3928 RasPppoe - ok
20:18:01.0057 3928 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:18:01.0073 3928 RasSstp - ok
20:18:01.0088 3928 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:18:01.0104 3928 rdbss - ok
20:18:01.0119 3928 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:18:01.0119 3928 rdpbus - ok
20:18:01.0119 3928 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:18:01.0135 3928 RDPCDD - ok
20:18:01.0166 3928 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:18:01.0166 3928 RDPDR - ok
20:18:01.0182 3928 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:18:01.0197 3928 RDPENCDD - ok
20:18:01.0197 3928 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:18:01.0213 3928 RDPREFMP - ok
20:18:01.0244 3928 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:18:01.0260 3928 RdpVideoMiniport - ok
20:18:01.0291 3928 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:18:01.0307 3928 RDPWD - ok
20:18:01.0322 3928 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:18:01.0338 3928 rdyboost - ok
20:18:01.0353 3928 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
20:18:01.0385 3928 RemoteAccess - ok
20:18:01.0400 3928 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:18:01.0416 3928 RemoteRegistry - ok
20:18:01.0447 3928 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:18:01.0463 3928 RFCOMM - ok
20:18:01.0478 3928 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:18:01.0509 3928 RpcEptMapper - ok
20:18:01.0509 3928 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
20:18:01.0525 3928 RpcLocator - ok
20:18:01.0541 3928 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
20:18:01.0556 3928 RpcSs - ok
20:18:01.0556 3928 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:18:01.0572 3928 rspndr - ok
20:18:01.0603 3928 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
20:18:01.0603 3928 s3cap - ok
20:18:01.0619 3928 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
20:18:01.0634 3928 SamSs - ok
20:18:01.0665 3928 [ E17FE33C703FFBE1A0AF66B9DCF49345 ] Samsung UPD Service2 C:\Windows\System32\SUPDSvc2.exe
20:18:01.0665 3928 Samsung UPD Service2 ( UnsignedFile.Multi.Generic ) - warning
20:18:01.0665 3928 Samsung UPD Service2 - detected UnsignedFile.Multi.Generic (1)
20:18:01.0681 3928 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:18:01.0697 3928 sbp2port - ok
20:18:01.0712 3928 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:18:01.0743 3928 SCardSvr - ok
20:18:01.0759 3928 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:18:01.0790 3928 scfilter - ok
20:18:01.0806 3928 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
20:18:01.0821 3928 Schedule - ok
20:18:01.0837 3928 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:18:01.0853 3928 SCPolicySvc - ok
20:18:01.0853 3928 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:18:01.0868 3928 SDRSVC - ok
20:18:01.0868 3928 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:18:01.0884 3928 secdrv - ok
20:18:01.0899 3928 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
20:18:01.0915 3928 seclogon - ok
20:18:01.0915 3928 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
20:18:01.0931 3928 SENS - ok
20:18:01.0946 3928 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:18:01.0962 3928 SensrSvc - ok
20:18:01.0977 3928 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
20:18:01.0977 3928 Serenum - ok
20:18:01.0993 3928 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
20:18:01.0993 3928 Serial - ok
20:18:02.0009 3928 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:18:02.0009 3928 sermouse - ok
20:18:02.0024 3928 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
20:18:02.0040 3928 SessionEnv - ok
20:18:02.0055 3928 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:18:02.0055 3928 sffdisk - ok
20:18:02.0071 3928 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:18:02.0071 3928 sffp_mmc - ok
20:18:02.0087 3928 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:18:02.0087 3928 sffp_sd - ok
20:18:02.0087 3928 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:18:02.0102 3928 sfloppy - ok
20:18:02.0118 3928 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:18:02.0133 3928 ShellHWDetection - ok
20:18:02.0133 3928 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:18:02.0133 3928 sisagp - ok
20:18:02.0133 3928 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:18:02.0149 3928 SiSRaid2 - ok
20:18:02.0165 3928 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:18:02.0165 3928 SiSRaid4 - ok
20:18:02.0258 3928 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:18:02.0289 3928 Skype C2C Service - ok
20:18:02.0336 3928 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:18:02.0352 3928 SkypeUpdate - ok
20:18:02.0367 3928 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:18:02.0399 3928 Smb - ok
20:18:02.0399 3928 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:18:02.0414 3928 SNMPTRAP - ok
20:18:02.0414 3928 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
20:18:02.0414 3928 spldr - ok
20:18:02.0461 3928 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
20:18:02.0461 3928 Spooler - ok
20:18:02.0523 3928 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
20:18:02.0555 3928 sppsvc - ok
20:18:02.0570 3928 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:18:02.0586 3928 sppuinotify - ok
20:18:02.0617 3928 [ B2EC3E1DEAC5F0A764BD3486D213A0AF ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:18:02.0633 3928 SQLBrowser - ok
20:18:02.0664 3928 [ D2F4F32B59440011174B4F8137AF4E0C ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:18:02.0679 3928 SQLWriter - ok
20:18:02.0726 3928 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:18:02.0742 3928 srv - ok
20:18:02.0742 3928 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:18:02.0757 3928 srv2 - ok
20:18:02.0757 3928 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:18:02.0773 3928 srvnet - ok
20:18:02.0789 3928 [ 64E44ACD8C238FCBBB78F0BA4BDC4B05 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
20:18:02.0804 3928 ssadbus - ok
20:18:02.0835 3928 [ BB2C84A15C765DA89FD832B0E73F26CE ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
20:18:02.0851 3928 ssadmdfl - ok
20:18:02.0867 3928 [ 6D0D132DDC6F43EDA00DCED6D8B1CA31 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
20:18:02.0882 3928 ssadmdm - ok
20:18:02.0898 3928 [ 1A5A397BC459F346AB56492B61EF79F6 ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
20:18:02.0913 3928 ssadserd - ok
20:18:02.0929 3928 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:18:02.0960 3928 SSDPSRV - ok
20:18:02.0976 3928 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:18:02.0991 3928 SstpSvc - ok
20:18:03.0023 3928 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:18:03.0023 3928 stexstor - ok
20:18:03.0132 3928 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
20:18:03.0147 3928 StiSvc - ok
20:18:03.0163 3928 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
20:18:03.0179 3928 storflt - ok
20:18:03.0194 3928 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:18:03.0210 3928 storvsc - ok
20:18:03.0225 3928 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:18:03.0225 3928 swenum - ok
20:18:03.0241 3928 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
20:18:03.0257 3928 swprv - ok
20:18:03.0288 3928 [ F2AD8960812FD111E20E84659EF19D43 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
20:18:03.0288 3928 Synth3dVsc - ok
20:18:03.0319 3928 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
20:18:03.0335 3928 SysMain - ok
20:18:03.0335 3928 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:18:03.0350 3928 TabletInputService - ok
20:18:03.0366 3928 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
20:18:03.0381 3928 TapiSrv - ok
20:18:03.0381 3928 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
20:18:03.0397 3928 TBS - ok
20:18:03.0444 3928 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:18:03.0475 3928 Tcpip - ok
20:18:03.0522 3928 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:18:03.0553 3928 TCPIP6 - ok
20:18:03.0569 3928 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:18:03.0584 3928 tcpipreg - ok
20:18:03.0600 3928 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:18:03.0615 3928 TDPIPE - ok
20:18:03.0631 3928 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:18:03.0647 3928 TDTCP - ok
20:18:03.0647 3928 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:18:03.0662 3928 tdx - ok
20:18:03.0740 3928 [ 2BBB318EA9F34FDC508CEA4AAB98D770 ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
20:18:03.0803 3928 TeamViewer7 - ok
20:18:03.0818 3928 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:18:03.0818 3928 TermDD - ok
20:18:03.0834 3928 [ 052306FD76793D5D5AB5D9891FD1ADBB ] terminpt C:\Windows\system32\drivers\terminpt.sys
20:18:03.0834 3928 terminpt - ok
20:18:03.0849 3928 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
20:18:03.0881 3928 TermService - ok
20:18:03.0896 3928 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
20:18:03.0896 3928 Themes - ok
20:18:03.0912 3928 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
20:18:03.0927 3928 THREADORDER - ok
20:18:03.0943 3928 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
20:18:03.0959 3928 TrkWks - ok
20:18:03.0990 3928 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:18:04.0005 3928 TrustedInstaller - ok
20:18:04.0005 3928 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:18:04.0021 3928 tssecsrv - ok
20:18:04.0037 3928 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:18:04.0037 3928 TsUsbFlt - ok
20:18:04.0052 3928 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:18:04.0052 3928 TsUsbGD - ok
20:18:04.0068 3928 [ 045ACB987C650D8186C6B4A692223860 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
20:18:04.0068 3928 tsusbhub - ok
20:18:04.0083 3928 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:18:04.0099 3928 tunnel - ok
20:18:04.0115 3928 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:18:04.0115 3928 uagp35 - ok
20:18:04.0130 3928 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:18:04.0146 3928 udfs - ok
20:18:04.0161 3928 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:18:04.0161 3928 UI0Detect - ok
20:18:04.0177 3928 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:18:04.0177 3928 uliagpkx - ok
20:18:04.0193 3928 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:18:04.0208 3928 umbus - ok
20:18:04.0224 3928 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
20:18:04.0224 3928 UmPass - ok
20:18:04.0255 3928 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
20:18:04.0255 3928 UmRdpService - ok
20:18:04.0333 3928 [ FDF92EC84FECEE834FB10A2A0A19BCDA ] UNS C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:18:04.0364 3928 UNS - ok
20:18:04.0395 3928 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
20:18:04.0411 3928 upnphost - ok
20:18:04.0442 3928 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
20:18:04.0442 3928 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
20:18:04.0442 3928 USBAAPL - detected UnsignedFile.Multi.Generic (1)
20:18:04.0473 3928 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:18:04.0489 3928 usbccgp - ok
20:18:04.0489 3928 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:18:04.0505 3928 usbcir - ok
20:18:04.0536 3928 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:18:04.0536 3928 usbehci - ok
20:18:04.0551 3928 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:18:04.0567 3928 usbhub - ok
20:18:04.0583 3928 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:18:04.0583 3928 usbohci - ok
20:18:04.0598 3928 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\drivers\usbprint.sys
20:18:04.0614 3928 usbprint - ok
20:18:04.0629 3928 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:18:04.0629 3928 usbscan - ok
20:18:04.0661 3928 [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser C:\Windows\system32\DRIVERS\usbser.sys
20:18:04.0661 3928 usbser - ok
20:18:04.0676 3928 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:18:04.0676 3928 USBSTOR - ok
20:18:04.0692 3928 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:18:04.0692 3928 usbuhci - ok
20:18:04.0723 3928 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:18:04.0723 3928 usbvideo - ok
20:18:04.0739 3928 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll

markusg · 11.01.2013, 21:01

Hi,
combofix:

Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

Alexander12 · 11.01.2013, 21:02

20:18:04.0770 3928 UxSms - ok
20:18:04.0785 3928 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
20:18:04.0801 3928 VaultSvc - ok
20:18:04.0817 3928 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:18:04.0817 3928 vdrvroot - ok
20:18:04.0848 3928 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
20:18:04.0879 3928 vds - ok
20:18:04.0895 3928 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:18:04.0910 3928 vga - ok
20:18:04.0926 3928 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:18:04.0957 3928 VgaSave - ok
20:18:04.0957 3928 VGPU - ok
20:18:04.0957 3928 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:18:04.0973 3928 vhdmp - ok
20:18:04.0973 3928 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:18:04.0973 3928 viaagp - ok
20:18:04.0988 3928 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:18:04.0988 3928 ViaC7 - ok
20:18:05.0004 3928 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
20:18:05.0004 3928 viaide - ok
20:18:05.0035 3928 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
20:18:05.0051 3928 vmbus - ok
20:18:05.0082 3928 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
20:18:05.0082 3928 VMBusHID - ok
20:18:05.0097 3928 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:18:05.0113 3928 volmgr - ok
20:18:05.0129 3928 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:18:05.0144 3928 volmgrx - ok
20:18:05.0160 3928 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:18:05.0160 3928 volsnap - ok
20:18:05.0175 3928 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:18:05.0191 3928 vsmraid - ok
20:18:05.0222 3928 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
20:18:05.0238 3928 VSS - ok
20:18:05.0253 3928 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:18:05.0253 3928 vwifibus - ok
20:18:05.0269 3928 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:18:05.0269 3928 vwififlt - ok
20:18:05.0285 3928 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
20:18:05.0300 3928 W32Time - ok
20:18:05.0316 3928 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:18:05.0316 3928 WacomPen - ok
20:18:05.0331 3928 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:18:05.0347 3928 WANARP - ok
20:18:05.0347 3928 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:18:05.0363 3928 Wanarpv6 - ok
20:18:05.0409 3928 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:18:05.0425 3928 WatAdminSvc - ok
20:18:05.0456 3928 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
20:18:05.0472 3928 wbengine - ok
20:18:05.0487 3928 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:18:05.0487 3928 WbioSrvc - ok
20:18:05.0503 3928 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:18:05.0519 3928 wcncsvc - ok
20:18:05.0519 3928 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:18:05.0534 3928 WcsPlugInService - ok
20:18:05.0534 3928 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
20:18:05.0550 3928 Wd - ok
20:18:05.0597 3928 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:18:05.0597 3928 Wdf01000 - ok
20:18:05.0612 3928 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:18:05.0628 3928 WdiServiceHost - ok
20:18:05.0628 3928 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:18:05.0628 3928 WdiSystemHost - ok
20:18:05.0643 3928 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
20:18:05.0659 3928 WebClient - ok
20:18:05.0675 3928 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:18:05.0690 3928 Wecsvc - ok
20:18:05.0690 3928 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:18:05.0706 3928 wercplsupport - ok
20:18:05.0706 3928 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
20:18:05.0721 3928 WerSvc - ok
20:18:05.0721 3928 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:18:05.0737 3928 WfpLwf - ok
20:18:05.0753 3928 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:18:05.0753 3928 WIMMount - ok
20:18:05.0753 3928 WinHttpAutoProxySvc - ok
20:18:05.0784 3928 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:18:05.0815 3928 Winmgmt - ok
20:18:05.0846 3928 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
20:18:05.0862 3928 WinRM - ok
20:18:05.0893 3928 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:18:05.0909 3928 WinUsb - ok
20:18:05.0940 3928 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:18:05.0971 3928 Wlansvc - ok
20:18:05.0987 3928 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:18:05.0987 3928 WmiAcpi - ok
20:18:06.0002 3928 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:18:06.0018 3928 wmiApSrv - ok
20:18:06.0065 3928 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:18:06.0080 3928 WMPNetworkSvc - ok
20:18:06.0080 3928 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:18:06.0096 3928 WPCSvc - ok
20:18:06.0174 3928 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:18:06.0189 3928 WPDBusEnum - ok
20:18:06.0189 3928 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:18:06.0221 3928 ws2ifsl - ok
20:18:06.0221 3928 WSearch - ok
20:18:06.0283 3928 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
20:18:06.0314 3928 wuauserv - ok
20:18:06.0345 3928 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:18:06.0361 3928 WudfPf - ok
20:18:06.0361 3928 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:18:06.0377 3928 WUDFRd - ok
20:18:06.0392 3928 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:18:06.0408 3928 wudfsvc - ok
20:18:06.0408 3928 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:18:06.0423 3928 WwanSvc - ok
20:18:06.0423 3928 ================ Scan global ===============================
20:18:06.0455 3928 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:18:06.0486 3928 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
20:18:06.0486 3928 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
20:18:06.0517 3928 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:18:06.0533 3928 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:18:06.0533 3928 [Global] - ok
20:18:06.0533 3928 ================ Scan MBR ==================================
20:18:06.0548 3928 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:18:06.0860 3928 \Device\Harddisk0\DR0 - ok
20:18:06.0860 3928 ================ Scan VBR ==================================
20:18:06.0876 3928 [ 1187B0E5A237DB43F55AEADF2A246704 ] \Device\Harddisk0\DR0\Partition1
20:18:06.0876 3928 \Device\Harddisk0\DR0\Partition1 - ok
20:18:06.0876 3928 [ FB4378FB012F0A7B704505CA45F3341E ] \Device\Harddisk0\DR0\Partition2
20:18:06.0876 3928 \Device\Harddisk0\DR0\Partition2 - ok
20:18:06.0891 3928 [ CF4393CFA77508A24334B47F3346D809 ] \Device\Harddisk0\DR0\Partition3
20:18:06.0891 3928 \Device\Harddisk0\DR0\Partition3 - ok
20:18:06.0891 3928 [ 92C5BD8D32374365996AC6CD64C5441C ] \Device\Harddisk0\DR0\Partition4
20:18:06.0891 3928 \Device\Harddisk0\DR0\Partition4 - ok
20:18:06.0891 3928 [ 92C5BD8D32374365996AC6CD64C5441C ] \Device\Harddisk0\DR0\Partition5
20:18:06.0891 3928 \Device\Harddisk0\DR0\Partition5 - ok
20:18:06.0891 3928 ============================================================
20:18:06.0891 3928 Scan finished
20:18:06.0891 3928 ============================================================
20:18:06.0907 5124 Detected object count: 7
20:18:06.0907 5124 Actual detected object count: 7
20:18:12.0663 5124 aacf ( UnsignedFile.Multi.Generic ) - skipped by user
20:18:12.0663 5124 aacf ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:18:12.0663 5124 AppleHFS ( UnsignedFile.Multi.Generic ) - skipped by user
20:18:12.0663 5124 AppleHFS ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:18:12.0663 5124 AppleMNT ( UnsignedFile.Multi.Generic ) - skipped by user
20:18:12.0663 5124 AppleMNT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:18:12.0663 5124 KeyAgent ( UnsignedFile.Multi.Generic ) - skipped by user
20:18:12.0663 5124 KeyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:18:12.0663 5124 MacHALDriver ( UnsignedFile.Multi.Generic ) - skipped by user
20:18:12.0663 5124 MacHALDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:18:12.0663 5124 Samsung UPD Service2 ( UnsignedFile.Multi.Generic ) - skipped by user
20:18:12.0663 5124 Samsung UPD Service2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:18:12.0663 5124 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
20:18:12.0663 5124 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:31:42.0955 5292 ============================================================
20:31:42.0955 5292 Scan started
20:31:42.0955 5292 Mode: Manual; SigCheck; TDLFS;
20:31:42.0955 5292 ============================================================
20:31:43.0595 5292 ================ Scan system memory ========================
20:31:43.0595 5292 System memory - ok
20:31:43.0595 5292 ================ Scan services =============================
20:31:43.0704 5292 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
20:31:43.0735 5292 1394ohci - ok
20:31:43.0751 5292 [ 0EB7B2562620DAE45231C19ADDB749A6 ] A38CCID C:\Windows\system32\DRIVERS\a38ccid.sys
20:31:43.0782 5292 A38CCID - ok
20:31:43.0798 5292 [ E6D35F3AA51A65EB35C1F2340154A25E ] aacf C:\Windows\system32\drivers\iontrec.sys
20:31:43.0798 5292 aacf ( UnsignedFile.Multi.Generic ) - warning
20:31:43.0798 5292 aacf - detected UnsignedFile.Multi.Generic (1)
20:31:43.0813 5292 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:31:43.0829 5292 ACPI - ok
20:31:43.0844 5292 [ 79D6B28027C398B728CE7CD0570248B0 ] acpials C:\Windows\system32\DRIVERS\acpials.sys
20:31:43.0876 5292 acpials - ok
20:31:43.0891 5292 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:31:43.0907 5292 AcpiPmi - ok
20:31:43.0969 5292 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:31:43.0969 5292 AdobeARMservice - ok
20:31:44.0000 5292 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:31:44.0016 5292 adp94xx - ok
20:31:44.0032 5292 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:31:44.0047 5292 adpahci - ok
20:31:44.0063 5292 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:31:44.0063 5292 adpu320 - ok
20:31:44.0094 5292 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:31:44.0110 5292 AeLookupSvc - ok
20:31:44.0141 5292 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
20:31:44.0156 5292 AFD - ok
20:31:44.0172 5292 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
20:31:44.0188 5292 agp440 - ok
20:31:44.0203 5292 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
20:31:44.0219 5292 aic78xx - ok
20:31:44.0234 5292 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
20:31:44.0234 5292 ALG - ok
20:31:44.0250 5292 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
20:31:44.0250 5292 aliide - ok
20:31:44.0281 5292 [ FB7FDA167F89694B8AF18A4636D0C19C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:31:44.0281 5292 AMD External Events Utility - ok
20:31:44.0297 5292 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
20:31:44.0312 5292 amdagp - ok
20:31:44.0328 5292 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
20:31:44.0328 5292 amdide - ok
20:31:44.0344 5292 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:31:44.0344 5292 AmdK8 - ok
20:31:44.0453 5292 [ 409D070998DE0C740372531174D22C91 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:31:44.0578 5292 amdkmdag - ok
20:31:44.0593 5292 [ 377CD7845A5C428112ADD976867A2819 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
20:31:44.0609 5292 amdkmdap - ok
20:31:44.0609 5292 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
20:31:44.0624 5292 AmdPPM - ok
20:31:44.0656 5292 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:31:44.0671 5292 amdsata - ok
20:31:44.0671 5292 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:31:44.0687 5292 amdsbs - ok
20:31:44.0702 5292 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:31:44.0718 5292 amdxata - ok
20:31:44.0749 5292 [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
20:31:44.0765 5292 androidusb - ok
20:31:44.0765 5292 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
20:31:44.0796 5292 AppID - ok
20:31:44.0812 5292 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:31:44.0827 5292 AppIDSvc - ok
20:31:44.0827 5292 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
20:31:44.0843 5292 Appinfo - ok
20:31:44.0905 5292 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:31:44.0921 5292 Apple Mobile Device - ok
20:31:44.0921 5292 [ F81B2BAFAC16CD53E17E079EB2282D94 ] applebmt C:\Windows\system32\DRIVERS\applebmt.sys
20:31:44.0952 5292 applebmt - ok
20:31:44.0968 5292 [ 3B80A371525170C3CB6EA11614B30FE6 ] AppleBtBc C:\Windows\system32\DRIVERS\AppleBtBc.sys
20:31:44.0983 5292 AppleBtBc - ok
20:31:44.0983 5292 [ 2419E0CE7AE87F471CCE3E5768B285A4 ] AppleHFS C:\Windows\system32\drivers\AppleHFS.sys
20:31:44.0999 5292 AppleHFS ( UnsignedFile.Multi.Generic ) - warning
20:31:44.0999 5292 AppleHFS - detected UnsignedFile.Multi.Generic (1)
20:31:45.0014 5292 [ 9E7A162AE3AC1BF033BF20C379FBE3F4 ] AppleMNT C:\Windows\system32\drivers\AppleMNT.sys
20:31:45.0014 5292 AppleMNT ( UnsignedFile.Multi.Generic ) - warning
20:31:45.0014 5292 AppleMNT - detected UnsignedFile.Multi.Generic (1)
20:31:45.0014 5292 [ 90331505FF7F6C0D5CFA7C34BDA4E673 ] AppleOSSMgr C:\Windows\system32\AppleOSSMgr.exe
20:31:45.0030 5292 AppleOSSMgr - ok
20:31:45.0046 5292 [ 1F54B7E4283C8F76347805FD78B9128F ] AppleTimeSrv C:\Windows\system32\AppleTimeSrv.exe
20:31:45.0046 5292 AppleTimeSrv - ok
20:31:45.0077 5292 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
20:31:45.0077 5292 AppMgmt - ok
20:31:45.0092 5292 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
20:31:45.0108 5292 arc - ok
20:31:45.0124 5292 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:31:45.0124 5292 arcsas - ok
20:31:45.0186 5292 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:31:45.0186 5292 aspnet_state - ok
20:31:45.0202 5292 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:31:45.0233 5292 AsyncMac - ok
20:31:45.0248 5292 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
20:31:45.0264 5292 atapi - ok
20:31:45.0311 5292 [ F8CFE8471BD445F2B437281F2AF01780 ] athr C:\Windows\system32\DRIVERS\athr.sys
20:31:45.0373 5292 athr - ok
20:31:45.0404 5292 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:31:45.0420 5292 AudioEndpointBuilder - ok
20:31:45.0420 5292 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:31:45.0436 5292 Audiosrv - ok
20:31:45.0436 5292 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:31:45.0451 5292 AxInstSV - ok
20:31:45.0467 5292 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
20:31:45.0482 5292 b06bdrv - ok
20:31:45.0498 5292 [ BF34695B9E74CD7D72CB945A6AF874B7 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
20:31:45.0498 5292 b57nd60x - ok
20:31:45.0498 5292 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
20:31:45.0514 5292 BDESVC - ok
20:31:45.0514 5292 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
20:31:45.0529 5292 Beep - ok
20:31:45.0545 5292 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
20:31:45.0560 5292 BFE - ok
20:31:45.0592 5292 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
20:31:45.0607 5292 BITS - ok
20:31:45.0623 5292 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:31:45.0623 5292 blbdrive - ok
20:31:45.0670 5292 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:31:45.0670 5292 Bonjour Service - ok
20:31:45.0685 5292 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:31:45.0685 5292 bowser - ok
20:31:45.0701 5292 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
20:31:45.0701 5292 BrFiltLo - ok
20:31:45.0716 5292 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
20:31:45.0716 5292 BrFiltUp - ok
20:31:45.0748 5292 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
20:31:45.0763 5292 Browser - ok
20:31:45.0763 5292 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:31:45.0763 5292 Brserid - ok
20:31:45.0763 5292 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:31:45.0779 5292 BrSerWdm - ok
20:31:45.0779 5292 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:31:45.0794 5292 BrUsbMdm - ok
20:31:45.0794 5292 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:31:45.0794 5292 BrUsbSer - ok
20:31:45.0826 5292 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
20:31:45.0841 5292 BthEnum - ok
20:31:45.0841 5292 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:31:45.0841 5292 BTHMODEM - ok
20:31:45.0872 5292 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:31:45.0872 5292 BthPan - ok
20:31:45.0904 5292 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:31:45.0904 5292 BTHPORT - ok
20:31:45.0919 5292 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
20:31:45.0935 5292 bthserv - ok
20:31:45.0950 5292 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:31:45.0950 5292 BTHUSB - ok
20:31:45.0966 5292 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:31:45.0982 5292 cdfs - ok
20:31:45.0982 5292 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:31:45.0997 5292 cdrom - ok
20:31:45.0997 5292 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
20:31:46.0013 5292 CertPropSvc - ok
20:31:46.0028 5292 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
20:31:46.0044 5292 circlass - ok
20:31:46.0044 5292 [ 4A53428F7C383EFBCFAAFDCB434E2AF4 ] CirrusFilter C:\Windows\system32\DRIVERS\CS420x86.sys
20:31:46.0060 5292 CirrusFilter - ok
20:31:46.0060 5292 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
20:31:46.0075 5292 CLFS - ok
20:31:46.0106 5292 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:31:46.0122 5292 clr_optimization_v2.0.50727_32 - ok
20:31:46.0138 5292 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:31:46.0153 5292 clr_optimization_v4.0.30319_32 - ok
20:31:46.0153 5292 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
20:31:46.0169 5292 CmBatt - ok
20:31:46.0184 5292 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:31:46.0184 5292 cmdide - ok
20:31:46.0200 5292 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
20:31:46.0216 5292 CNG - ok
20:31:46.0231 5292 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\drivers\compbatt.sys
20:31:46.0231 5292 Compbatt - ok
20:31:46.0247 5292 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
20:31:46.0247 5292 CompositeBus - ok
20:31:46.0247 5292 COMSysApp - ok
20:31:46.0262 5292 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:31:46.0278 5292 crcdisk - ok
20:31:46.0372 5292 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:31:46.0387 5292 CryptSvc - ok
20:31:46.0418 5292 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
20:31:46.0434 5292 CSC - ok
20:31:46.0450 5292 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
20:31:46.0465 5292 CscService - ok
20:31:46.0496 5292 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
20:31:46.0512 5292 DcomLaunch - ok
20:31:46.0543 5292 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
20:31:46.0574 5292 defragsvc - ok
20:31:46.0574 5292 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:31:46.0590 5292 DfsC - ok
20:31:46.0606 5292 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:31:46.0621 5292 Dhcp - ok
20:31:46.0637 5292 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
20:31:46.0652 5292 discache - ok
20:31:46.0652 5292 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
20:31:46.0668 5292 Disk - ok
20:31:46.0684 5292 [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
20:31:46.0699 5292 dmvsc - ok
20:31:46.0730 5292 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:31:46.0746 5292 Dnscache - ok
20:31:46.0746 5292 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
20:31:46.0762 5292 dot3svc - ok
20:31:46.0762 5292 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
20:31:46.0777 5292 DPS - ok
20:31:46.0793 5292 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:31:46.0808 5292 drmkaud - ok
20:31:46.0824 5292 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:31:46.0840 5292 DXGKrnl - ok
20:31:46.0855 5292 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
20:31:46.0871 5292 EapHost - ok
20:31:46.0933 5292 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
20:31:46.0949 5292 ebdrv - ok
20:31:46.0980 5292 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
20:31:46.0996 5292 EFS - ok
20:31:47.0042 5292 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:31:47.0058 5292 ehRecvr - ok
20:31:47.0074 5292 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
20:31:47.0089 5292 ehSched - ok
20:31:47.0105 5292 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:31:47.0136 5292 elxstor - ok
20:31:47.0136 5292 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:31:47.0152 5292 ErrDev - ok
20:31:47.0167 5292 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
20:31:47.0183 5292 EventSystem - ok
20:31:47.0198 5292 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
20:31:47.0214 5292 exfat - ok
20:31:47.0230 5292 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:31:47.0245 5292 fastfat - ok
20:31:47.0276 5292 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
20:31:47.0292 5292 Fax - ok
20:31:47.0292 5292 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\drivers\fdc.sys
20:31:47.0308 5292 fdc - ok
20:31:47.0323 5292 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
20:31:47.0339 5292 fdPHost - ok
20:31:47.0354 5292 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
20:31:47.0370 5292 FDResPub - ok
20:31:47.0417 5292 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:31:47.0432 5292 FileInfo - ok
20:31:47.0448 5292 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:31:47.0479 5292 Filetrace - ok
20:31:47.0479 5292 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
20:31:47.0479 5292 flpydisk - ok
20:31:47.0495 5292 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:31:47.0495 5292 FltMgr - ok
20:31:47.0542 5292 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
20:31:47.0573 5292 FontCache - ok
20:31:47.0604 5292 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:31:47.0604 5292 FontCache3.0.0.0 - ok
20:31:47.0620 5292 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:31:47.0635 5292 FsDepends - ok
20:31:47.0666 5292 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:31:47.0666 5292 Fs_Rec - ok
20:31:47.0682 5292 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:31:47.0698 5292 fvevol - ok
20:31:47.0698 5292 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:31:47.0713 5292 gagp30kx - ok
20:31:47.0713 5292 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:31:47.0729 5292 GEARAspiWDM - ok
20:31:47.0744 5292 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
20:31:47.0760 5292 gpsvc - ok
20:31:47.0776 5292 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:31:47.0776 5292 hcw85cir - ok
20:31:47.0807 5292 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:31:47.0807 5292 HdAudAddService - ok
20:31:47.0822 5292 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:31:47.0838 5292 HDAudBus - ok
20:31:47.0854 5292 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
20:31:47.0854 5292 HidBatt - ok
20:31:47.0869 5292 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:31:47.0869 5292 HidBth - ok
20:31:47.0885 5292 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
20:31:47.0885 5292 HidIr - ok
20:31:47.0900 5292 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
20:31:47.0916 5292 hidserv - ok
20:31:47.0916 5292 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:31:47.0932 5292 HidUsb - ok
20:31:47.0947 5292 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:31:47.0963 5292 hkmsvc - ok
20:31:47.0978 5292 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:31:47.0978 5292 HomeGroupListener - ok
20:31:48.0010 5292 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:31:48.0010 5292 HomeGroupProvider - ok
20:31:48.0025 5292 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:31:48.0025 5292 HpSAMD - ok
20:31:48.0041 5292 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:31:48.0072 5292 HTTP - ok
20:31:48.0072 5292 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:31:48.0088 5292 hwpolicy - ok
20:31:48.0088 5292 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:31:48.0103 5292 i8042prt - ok
20:31:48.0134 5292 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:31:48.0150 5292 iaStorV - ok
20:31:48.0181 5292 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:31:48.0197 5292 idsvc - ok
20:31:48.0212 5292 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:31:48.0212 5292 iirsp - ok
20:31:48.0275 5292 [ 54E0F4CCD6CE99A807459AF928DD64AC ] IJPLMSVC C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
20:31:48.0290 5292 IJPLMSVC - ok
20:31:48.0322 5292 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
20:31:48.0353 5292 IKEEXT - ok
20:31:48.0353 5292 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
20:31:48.0368 5292 intelide - ok
20:31:48.0368 5292 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:31:48.0384 5292 intelppm - ok
20:31:48.0400 5292 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:31:48.0415 5292 IPBusEnum - ok
20:31:48.0431 5292 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:31:48.0446 5292 IpFilterDriver - ok
20:31:48.0462 5292 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:31:48.0478 5292 IPMIDRV - ok
20:31:48.0509 5292 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:31:48.0524 5292 IPNAT - ok
20:31:48.0556 5292 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:31:48.0571 5292 iPod Service - ok
20:31:48.0587 5292 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:31:48.0587 5292 IRENUM - ok
20:31:48.0602 5292 [ DD4C1A21ABD0C41184D3F529421E4650 ] IRRemoteFlt C:\Windows\system32\DRIVERS\IRFilter.sys
20:31:48.0618 5292 IRRemoteFlt - ok
20:31:48.0634 5292 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:31:48.0634 5292 isapnp - ok
20:31:48.0649 5292 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:31:48.0649 5292 iScsiPrt - ok
20:31:48.0665 5292 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:31:48.0680 5292 kbdclass - ok
20:31:48.0680 5292 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:31:48.0680 5292 kbdhid - ok
20:31:48.0712 5292 [ F98ECF8A1135B9C56A6D51EC08D4651A ] KeyAgent C:\Windows\system32\drivers\KeyAgent.sys
20:31:48.0712 5292 KeyAgent ( UnsignedFile.Multi.Generic ) - warning
20:31:48.0712 5292 KeyAgent - detected UnsignedFile.Multi.Generic (1)
20:31:48.0727 5292 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
20:31:48.0727 5292 KeyIso - ok
20:31:48.0743 5292 [ 298D7B6B8B7985C272A7E7158119A416 ] KeyMagic C:\Windows\system32\DRIVERS\KeyMagic.sys
20:31:48.0758 5292 KeyMagic - ok
20:31:48.0774 5292 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:31:48.0790 5292 KSecDD - ok
20:31:48.0805 5292 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:31:48.0805 5292 KSecPkg - ok
20:31:48.0821 5292 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
20:31:48.0852 5292 KtmRm - ok
20:31:48.0868 5292 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
20:31:48.0883 5292 LanmanServer - ok
20:31:48.0914 5292 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:31:48.0930 5292 LanmanWorkstation - ok
20:31:48.0946 5292 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:31:48.0946 5292 lltdio - ok
20:31:48.0961 5292 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:31:48.0992 5292 lltdsvc - ok
20:31:49.0008 5292 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
20:31:49.0008 5292 lmhosts - ok
20:31:49.0039 5292 [ 926EBA26A8B49D1597751CED06B50862 ] LMS C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:31:49.0055 5292 LMS - ok
20:31:49.0070 5292 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:31:49.0070 5292 LSI_FC - ok
20:31:49.0070 5292 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:31:49.0086 5292 LSI_SAS - ok
20:31:49.0086 5292 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:31:49.0102 5292 LSI_SAS2 - ok
20:31:49.0102 5292 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:31:49.0102 5292 LSI_SCSI - ok
20:31:49.0117 5292 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
20:31:49.0133 5292 luafv - ok
20:31:49.0195 5292 [ 6311F8863D898CE60C048779F9D86E74 ] lxecCATSCustConnectService C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxecserv.exe
20:31:49.0211 5292 lxecCATSCustConnectService - ok
20:31:49.0226 5292 lxec_device - ok
20:31:49.0242 5292 [ 6AAC2E751258B28982D77A56EBC97479 ] MacHALDriver C:\Windows\system32\drivers\MacHALDriver.sys
20:31:49.0242 5292 MacHALDriver ( UnsignedFile.Multi.Generic ) - warning
20:31:49.0242 5292 MacHALDriver - detected UnsignedFile.Multi.Generic (1)
20:31:49.0258 5292 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:31:49.0258 5292 MBAMProtector - ok
20:31:49.0304 5292 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:31:49.0320 5292 MBAMScheduler - ok
20:31:49.0429 5292 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:31:49.0445 5292 MBAMService - ok
20:31:49.0476 5292 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:31:49.0476 5292 Mcx2Svc - ok
20:31:49.0492 5292 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
20:31:49.0492 5292 megasas - ok
20:31:49.0492 5292 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:31:49.0507 5292 MegaSR - ok
20:31:49.0523 5292 [ CFCB18986426A2D8E66F1992636221D0 ] MEI C:\Windows\system32\DRIVERS\HECI.sys
20:31:49.0523 5292 MEI - ok
20:31:49.0538 5292 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
20:31:49.0554 5292 MMCSS - ok
20:31:49.0570 5292 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
20:31:49.0585 5292 Modem - ok
20:31:49.0585 5292 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:31:49.0601 5292 monitor - ok
20:31:49.0601 5292 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:31:49.0616 5292 mouclass - ok
20:31:49.0616 5292 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:31:49.0632 5292 mouhid - ok
20:31:49.0632 5292 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:31:49.0648 5292 mountmgr - ok
20:31:49.0648 5292 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
20:31:49.0648 5292 mpio - ok
20:31:49.0694 5292 MpKslba5a688c - ok
20:31:49.0710 5292 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:31:49.0741 5292 mpsdrv - ok
20:31:49.0757 5292 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:31:49.0788 5292 MpsSvc - ok
20:31:49.0788 5292 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:31:49.0804 5292 MRxDAV - ok
20:31:49.0835 5292 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:31:49.0850 5292 mrxsmb - ok
20:31:49.0866 5292 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:31:49.0882 5292 mrxsmb10 - ok
20:31:49.0897 5292 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:31:49.0913 5292 mrxsmb20 - ok
20:31:49.0913 5292 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
20:31:49.0928 5292 msahci - ok
20:31:49.0928 5292 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:31:49.0944 5292 msdsm - ok
20:31:49.0944 5292 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
20:31:49.0960 5292 MSDTC - ok
20:31:49.0975 5292 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:31:49.0991 5292 Msfs - ok
20:31:49.0991 5292 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:31:50.0006 5292 mshidkmdf - ok
20:31:50.0022 5292 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:31:50.0022 5292 msisadrv - ok
20:31:50.0053 5292 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:31:50.0084 5292 MSiSCSI - ok
20:31:50.0084 5292 msiserver - ok
20:31:50.0100 5292 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:31:50.0131 5292 MSKSSRV - ok
20:31:50.0147 5292 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:31:50.0162 5292 MSPCLOCK - ok
20:31:50.0178 5292 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:31:50.0178 5292 MSPQM - ok
20:31:50.0209 5292 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:31:50.0209 5292 MsRPC - ok
20:31:50.0209 5292 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
20:31:50.0225 5292 mssmbios - ok
20:31:50.0287 5292 MSSQL$SQLEXPRESS - ok
20:31:50.0318 5292 [ C06EA83F6FC2959E897C117255B6B1D5 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
20:31:50.0334 5292 MSSQLServerADHelper - ok
20:31:50.0334 5292 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:31:50.0365 5292 MSTEE - ok
20:31:50.0365 5292 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:31:50.0381 5292 MTConfig - ok
20:31:50.0396 5292 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
20:31:50.0396 5292 Mup - ok
20:31:50.0412 5292 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
20:31:50.0443 5292 napagent - ok
20:31:50.0443 5292 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:31:50.0459 5292 NativeWifiP - ok
20:31:50.0490 5292 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:31:50.0506 5292 NDIS - ok
20:31:50.0521 5292 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:31:50.0537 5292 NdisCap - ok
20:31:50.0552 5292 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:31:50.0568 5292 NdisTapi - ok
20:31:50.0568 5292 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:31:50.0584 5292 Ndisuio - ok
20:31:50.0584 5292 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:31:50.0599 5292 NdisWan - ok
20:31:50.0615 5292 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:31:50.0630 5292 NDProxy - ok
20:31:50.0630 5292 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:31:50.0646 5292 NetBIOS - ok
20:31:50.0662 5292 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:31:50.0677 5292 NetBT - ok
20:31:50.0677 5292 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
20:31:50.0677 5292 Netlogon - ok
20:31:50.0708 5292 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
20:31:50.0724 5292 Netman - ok
20:31:50.0755 5292 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:31:50.0755 5292 NetMsmqActivator - ok
20:31:50.0755 5292 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:31:50.0771 5292 NetPipeActivator - ok
20:31:50.0786 5292 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
20:31:50.0802 5292 netprofm - ok
20:31:50.0802 5292 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:31:50.0818 5292 NetTcpActivator - ok
20:31:50.0818 5292 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:31:50.0818 5292 NetTcpPortSharing - ok
20:31:50.0833 5292 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:31:50.0833 5292 nfrd960 - ok
20:31:50.0864 5292 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
20:31:50.0880 5292 NlaSvc - ok
20:31:50.0896 5292 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:31:50.0911 5292 Npfs - ok
20:31:50.0927 5292 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
20:31:50.0942 5292 nsi - ok
20:31:50.0958 5292 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:31:50.0974 5292 nsiproxy - ok
20:31:51.0005 5292 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:31:51.0036 5292 Ntfs - ok
20:31:51.0052 5292 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
20:31:51.0067 5292 Null - ok
20:31:51.0083 5292 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:31:51.0083 5292 nvraid - ok
20:31:51.0114 5292 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:31:51.0130 5292 nvstor - ok
20:31:51.0145 5292 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:31:51.0145 5292 nv_agp - ok
20:31:51.0161 5292 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:31:51.0161 5292 ohci1394 - ok
20:31:51.0208 5292 OracleJobSchedulerACS - ok
20:31:51.0223 5292 OracleMTSRecoveryService - ok
20:31:51.0223 5292 OracleOraDb11g_home1ClrAgent - ok
20:31:51.0223 5292 OracleOraDb11g_home1TNSListener - ok
20:31:51.0223 5292 OracleServiceACS - ok
20:31:51.0239 5292 OracleVssWriterACS - ok
20:31:51.0270 5292 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:31:51.0270 5292 ose - ok
20:31:51.0395 5292 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:31:51.0442 5292 osppsvc - ok
20:31:51.0473 5292 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:31:51.0488 5292 p2pimsvc - ok
20:31:51.0488 5292 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
20:31:51.0504 5292 p2psvc - ok
20:31:51.0504 5292 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
20:31:51.0520 5292 Parport - ok
20:31:51.0535 5292 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:31:51.0535 5292 partmgr - ok
20:31:51.0551 5292 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
20:31:51.0551 5292 Parvdm - ok
20:31:51.0566 5292 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:31:51.0582 5292 PcaSvc - ok
20:31:51.0582 5292 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
20:31:51.0598 5292 pci - ok
20:31:51.0598 5292 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
20:31:51.0613 5292 pciide - ok
20:31:51.0613 5292 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:31:51.0613 5292 pcmcia - ok
20:31:51.0629 5292 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
20:31:51.0629 5292 pcw - ok
20:31:51.0644 5292 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:31:51.0660 5292 PEAUTH - ok
20:31:51.0691 5292 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:31:51.0707 5292 PeerDistSvc - ok
20:31:51.0738 5292 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
20:31:51.0754 5292 pla - ok
20:31:51.0800 5292 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:31:51.0816 5292 PlugPlay - ok
20:31:51.0832 5292 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:31:51.0847 5292 PNRPAutoReg - ok
20:31:51.0847 5292 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:31:51.0863 5292 PNRPsvc - ok
20:31:51.0878 5292 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:31:51.0910 5292 PolicyAgent - ok
20:31:51.0925 5292 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
20:31:51.0941 5292 Power - ok
20:31:51.0941 5292 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:31:51.0956 5292 PptpMiniport - ok
20:31:51.0972 5292 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
20:31:51.0972 5292 Processor - ok
20:31:52.0003 5292 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
20:31:52.0019 5292 ProfSvc - ok
20:31:52.0019 5292 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:31:52.0019 5292 ProtectedStorage - ok
20:31:52.0034 5292 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:31:52.0050 5292 Psched - ok
20:31:52.0081 5292 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:31:52.0112 5292 ql2300 - ok
20:31:52.0112 5292 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:31:52.0128 5292 ql40xx - ok
20:31:52.0144 5292 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
20:31:52.0159 5292 QWAVE - ok
20:31:52.0159 5292 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:31:52.0175 5292 QWAVEdrv - ok
20:31:52.0190 5292 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:31:52.0190 5292 RasAcd - ok
20:31:52.0206 5292 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:31:52.0222 5292 RasAgileVpn - ok
20:31:52.0237 5292 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
20:31:52.0253 5292 RasAuto - ok
20:31:52.0268 5292 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:31:52.0284 5292 Rasl2tp - ok
20:31:52.0284 5292 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
20:31:52.0300 5292 RasMan - ok
20:31:52.0315 5292 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:31:52.0331 5292 RasPppoe - ok
20:31:52.0331 5292 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:31:52.0346 5292 RasSstp - ok
20:31:52.0362 5292 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:31:52.0378 5292 rdbss - ok
20:31:52.0378 5292 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:31:52.0393 5292 rdpbus - ok
20:31:52.0393 5292 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:31:52.0409 5292 RDPCDD - ok
20:31:52.0502 5292 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:31:52.0518 5292 RDPDR - ok
20:31:52.0518 5292 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:31:52.0549 5292 RDPENCDD - ok
20:31:52.0565 5292 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:31:52.0565 5292 RDPREFMP - ok
20:31:52.0612 5292 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:31:52.0627 5292 RdpVideoMiniport - ok
20:31:52.0658 5292 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:31:52.0674 5292 RDPWD - ok
20:31:52.0690 5292 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:31:52.0705 5292 rdyboost - ok
20:31:52.0721 5292 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
20:31:52.0752 5292 RemoteAccess - ok
20:31:52.0768 5292 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:31:52.0783 5292 RemoteRegistry - ok
20:31:52.0814 5292 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:31:52.0830 5292 RFCOMM - ok
20:31:52.0830 5292 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:31:52.0846 5292 RpcEptMapper - ok
20:31:52.0861 5292 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
20:31:52.0861 5292 RpcLocator - ok
20:31:52.0877 5292 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
20:31:52.0908 5292 RpcSs - ok
20:31:52.0908 5292 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:31:52.0924 5292 rspndr - ok
20:31:52.0955 5292 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
20:31:52.0955 5292 s3cap - ok
20:31:52.0970 5292 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
20:31:52.0970 5292 SamSs - ok
20:31:53.0002 5292 [ E17FE33C703FFBE1A0AF66B9DCF49345 ] Samsung UPD Service2 C:\Windows\System32\SUPDSvc2.exe
20:31:53.0017 5292 Samsung UPD Service2 ( UnsignedFile.Multi.Generic ) - warning
20:31:53.0017 5292 Samsung UPD Service2 - detected UnsignedFile.Multi.Generic (1)
20:31:53.0033 5292 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:31:53.0033 5292 sbp2port - ok
20:31:53.0048 5292 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:31:53.0064 5292 SCardSvr - ok
20:31:53.0080 5292 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:31:53.0095 5292 scfilter - ok
20:31:53.0111 5292 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
20:31:53.0126 5292 Schedule - ok
20:31:53.0158 5292 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:31:53.0173 5292 SCPolicySvc - ok
20:31:53.0173 5292 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:31:53.0204 5292 SDRSVC - ok
20:31:53.0220 5292 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:31:53.0251 5292 secdrv - ok
20:31:53.0251 5292 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
20:31:53.0267 5292 seclogon - ok
20:31:53.0267 5292 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
20:31:53.0282 5292 SENS - ok
20:31:53.0298 5292 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:31:53.0314 5292 SensrSvc - ok
20:31:53.0329 5292 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
20:31:53.0329 5292 Serenum - ok
20:31:53.0345 5292 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
20:31:53.0360 5292 Serial - ok
20:31:53.0360 5292 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:31:53.0376 5292 sermouse - ok
20:31:53.0392 5292 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
20:31:53.0407 5292 SessionEnv - ok
20:31:53.0407 5292 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:31:53.0423 5292 sffdisk - ok
20:31:53.0423 5292 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:31:53.0438 5292 sffp_mmc - ok
20:31:53.0454 5292 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:31:53.0454 5292 sffp_sd - ok
20:31:53.0454 5292 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:31:53.0470 5292 sfloppy - ok
20:31:53.0485 5292 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:31:53.0501 5292 ShellHWDetection - ok
20:31:53.0501 5292 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:31:53.0501 5292 sisagp - ok
20:31:53.0516 5292 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:31:53.0516 5292 SiSRaid2 - ok
20:31:53.0516 5292 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:31:53.0532 5292 SiSRaid4 - ok
20:31:53.0610 5292 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:31:53.0641 5292 Skype C2C Service - ok
20:31:53.0688 5292 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:31:53.0704 5292 SkypeUpdate - ok
20:31:53.0704 5292 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:31:53.0735 5292 Smb - ok
20:31:53.0750 5292 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:31:53.0766 5292 SNMPTRAP - ok
20:31:53.0766 5292 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
20:31:53.0782 5292 spldr - ok
20:31:53.0813 5292 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
20:31:53.0828 5292 Spooler - ok
20:31:53.0875 5292 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
20:31:53.0906 5292 sppsvc - ok
20:31:53.0938 5292 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:31:53.0953 5292 sppuinotify - ok
20:31:53.0984 5292 [ B2EC3E1DEAC5F0A764BD3486D213A0AF ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:31:54.0000 5292 SQLBrowser - ok
20:31:54.0031 5292 [ D2F4F32B59440011174B4F8137AF4E0C ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:31:54.0047 5292 SQLWriter - ok
20:31:54.0078 5292 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:31:54.0094 5292 srv - ok
20:31:54.0109 5292 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:31:54.0109 5292 srv2 - ok
20:31:54.0125 5292 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:31:54.0140 5292 srvnet - ok
20:31:54.0172 5292 [ 64E44ACD8C238FCBBB78F0BA4BDC4B05 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
20:31:54.0172 5292 ssadbus - ok
20:31:54.0203 5292 [ BB2C84A15C765DA89FD832B0E73F26CE ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
20:31:54.0218 5292 ssadmdfl - ok
20:31:54.0234 5292 [ 6D0D132DDC6F43EDA00DCED6D8B1CA31 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
20:31:54.0250 5292 ssadmdm - ok
20:31:54.0265 5292 [ 1A5A397BC459F346AB56492B61EF79F6 ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
20:31:54.0281 5292 ssadserd - ok
20:31:54.0296 5292 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:31:54.0343 5292 SSDPSRV - ok
20:31:54.0343 5292 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:31:54.0359 5292 SstpSvc - ok
20:31:54.0374 5292 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:31:54.0374 5292 stexstor - ok
20:31:54.0406 5292 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
20:31:54.0421 5292 StiSvc - ok
20:31:54.0437 5292 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
20:31:54.0437 5292 storflt - ok
20:31:54.0452 5292 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:31:54.0468 5292 storvsc - ok
20:31:54.0484 5292 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:31:54.0484 5292 swenum - ok
20:31:54.0484 5292 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
20:31:54.0515 5292 swprv - ok
20:31:54.0530 5292 [ F2AD8960812FD111E20E84659EF19D43 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
20:31:54.0530 5292 Synth3dVsc - ok
20:31:54.0562 5292 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
20:31:54.0577 5292 SysMain - ok
20:31:54.0577 5292 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:31:54.0593 5292 TabletInputService - ok
20:31:54.0608 5292 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
20:31:54.0624 5292 TapiSrv - ok
20:31:54.0640 5292 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
20:31:54.0655 5292 TBS - ok
20:31:54.0702 5292 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:31:54.0733 5292 Tcpip - ok
20:31:54.0749 5292 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:31:54.0780 5292 TCPIP6 - ok
20:31:54.0780 5292 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:31:54.0796 5292 tcpipreg - ok
20:31:54.0796 5292 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:31:54.0811 5292 TDPIPE - ok
20:31:54.0827 5292 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:31:54.0827 5292 TDTCP - ok
20:31:54.0842 5292 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:31:54.0858 5292 tdx - ok
20:31:54.0936 5292 [ 2BBB318EA9F34FDC508CEA4AAB98D770 ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
20:31:54.0967 5292 TeamViewer7 - ok
20:31:54.0998 5292 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:31:54.0998 5292 TermDD - ok
20:31:54.0998 5292 [ 052306FD76793D5D5AB5D9891FD1ADBB ] terminpt C:\Windows\system32\drivers\terminpt.sys
20:31:55.0014 5292 terminpt - ok
20:31:55.0030 5292 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
20:31:55.0045 5292 TermService - ok
20:31:55.0061 5292 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
20:31:55.0061 5292 Themes - ok
20:31:55.0076 5292 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
20:31:55.0092 5292 THREADORDER - ok
20:31:55.0108 5292 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
20:31:55.0123 5292 TrkWks - ok
20:31:55.0154 5292 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:31:55.0170 5292 TrustedInstaller - ok
20:31:55.0186 5292 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:31:55.0201 5292 tssecsrv - ok
20:31:55.0201 5292 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:31:55.0201 5292 TsUsbFlt - ok
20:31:55.0217 5292 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:31:55.0217 5292 TsUsbGD - ok
20:31:55.0232 5292 [ 045ACB987C650D8186C6B4A692223860 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
20:31:55.0248 5292 tsusbhub - ok
20:31:55.0248 5292 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:31:55.0264 5292 tunnel - ok
20:31:55.0279 5292 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:31:55.0279 5292 uagp35 - ok
20:31:55.0295 5292 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:31:55.0310 5292 udfs - ok
20:31:55.0326 5292 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:31:55.0326 5292 UI0Detect - ok
20:31:55.0342 5292 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:31:55.0357 5292 uliagpkx - ok
20:31:55.0357 5292 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:31:55.0357 5292 umbus - ok
20:31:55.0373 5292 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
20:31:55.0388 5292 UmPass - ok
20:31:55.0404 5292 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
20:31:55.0420 5292 UmRdpService - ok
20:31:55.0498 5292 [ FDF92EC84FECEE834FB10A2A0A19BCDA ] UNS C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:31:55.0529 5292 UNS - ok
20:31:55.0591 5292 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
20:31:55.0622 5292 upnphost - ok
20:31:55.0654 5292 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
20:31:55.0654 5292 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
20:31:55.0654 5292 USBAAPL - detected UnsignedFile.Multi.Generic (1)
20:31:55.0685 5292 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:31:55.0700 5292 usbccgp - ok
20:31:55.0700 5292 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:31:55.0716 5292 usbcir - ok
20:31:55.0747 5292 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:31:55.0747 5292 usbehci - ok
20:31:55.0763 5292 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:31:55.0778 5292 usbhub - ok
20:31:55.0794 5292 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:31:55.0794 5292 usbohci - ok
20:31:55.0810 5292 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\drivers\usbprint.sys
20:31:55.0810 5292 usbprint - ok
20:31:55.0825 5292 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:31:55.0841 5292 usbscan - ok
20:31:55.0872 5292 [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser C:\Windows\system32\DRIVERS\usbser.sys
20:31:55.0872 5292 usbser - ok
20:31:55.0872 5292 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:31:55.0903 5292 USBSTOR - ok
20:31:55.0903 5292 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:31:55.0919 5292 usbuhci - ok
20:31:55.0934 5292 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:31:55.0950 5292 usbvideo - ok
20:31:55.0966 5292 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
20:31:55.0997 5292 UxSms - ok
20:31:56.0012 5292 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
20:31:56.0028 5292 VaultSvc - ok
20:31:56.0044 5292 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:31:56.0044 5292 vdrvroot - ok
20:31:56.0059 5292 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
20:31:56.0090 5292 vds - ok
20:31:56.0106 5292 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:31:56.0106 5292 vga - ok
20:31:56.0122 5292 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:31:56.0153 5292 VgaSave - ok
20:31:56.0153 5292 VGPU - ok
20:31:56.0153 5292 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:31:56.0168 5292 vhdmp - ok
20:31:56.0168 5292 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:31:56.0168 5292 viaagp - ok
20:31:56.0184 5292 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:31:56.0184 5292 ViaC7 - ok
20:31:56.0200 5292 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
20:31:56.0200 5292 viaide - ok
20:31:56.0231 5292 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
20:31:56.0246 5292 vmbus - ok
20:31:56.0262 5292 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
20:31:56.0278 5292 VMBusHID - ok
20:31:56.0293 5292 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:31:56.0309 5292 volmgr - ok
20:31:56.0324 5292 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:31:56.0324 5292 volmgrx - ok
20:31:56.0340 5292 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:31:56.0340 5292 volsnap - ok
20:31:56.0371 5292 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:31:56.0371 5292 vsmraid - ok
20:31:56.0402 5292 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
20:31:56.0434 5292 VSS - ok
20:31:56.0434 5292 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:31:56.0449 5292 vwifibus - ok
20:31:56.0449 5292 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:31:56.0465 5292 vwififlt - ok
20:31:56.0465 5292 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
20:31:56.0496 5292 W32Time - ok
20:31:56.0496 5292 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:31:56.0512 5292 WacomPen - ok
20:31:56.0527 5292 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:31:56.0527 5292 WANARP - ok
20:31:56.0543 5292 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:31:56.0558 5292 Wanarpv6 - ok
20:31:56.0605 5292 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:31:56.0636 5292 WatAdminSvc - ok
20:31:56.0668 5292 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
20:31:56.0683 5292 wbengine - ok
20:31:56.0699 5292 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:31:56.0714 5292 WbioSrvc - ok
20:31:56.0714 5292 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:31:56.0730 5292 wcncsvc - ok
20:31:56.0746 5292 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:31:56.0761 5292 WcsPlugInService - ok
20:31:56.0761 5292 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
20:31:56.0777 5292 Wd - ok
20:31:56.0808 5292 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:31:56.0824 5292 Wdf01000 - ok
20:31:56.0839 5292 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:31:56.0839 5292 WdiServiceHost - ok
20:31:56.0839 5292 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:31:56.0855 5292 WdiSystemHost - ok
20:31:56.0870 5292 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
20:31:56.0870 5292 WebClient - ok
20:31:56.0886 5292 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:31:56.0902 5292 Wecsvc - ok
20:31:56.0902 5292 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:31:56.0917 5292 wercplsupport - ok
20:31:56.0933 5292 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
20:31:56.0948 5292 WerSvc - ok
20:31:56.0948 5292 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:31:56.0964 5292 WfpLwf - ok
20:31:56.0980 5292 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:31:56.0980 5292 WIMMount - ok
20:31:56.0980 5292 WinHttpAutoProxySvc - ok
20:31:57.0011 5292 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:31:57.0026 5292 Winmgmt - ok
20:31:57.0058 5292 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
20:31:57.0089 5292 WinRM - ok
20:31:57.0136 5292 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:31:57.0151 5292 WinUsb - ok
20:31:57.0182 5292 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:31:57.0214 5292 Wlansvc - ok
20:31:57.0229 5292 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:31:57.0229 5292 WmiAcpi - ok
20:31:57.0260 5292 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:31:57.0260 5292 wmiApSrv - ok
20:31:57.0323 5292 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:31:57.0370 5292 WMPNetworkSvc - ok
20:31:57.0370 5292 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:31:57.0385 5292 WPCSvc - ok
20:31:57.0385 5292 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:31:57.0401 5292 WPDBusEnum - ok
20:31:57.0416 5292 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:31:57.0432 5292 ws2ifsl - ok
20:31:57.0432 5292 WSearch - ok
20:31:57.0479 5292 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
20:31:57.0526 5292 wuauserv - ok
20:31:57.0557 5292 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:31:57.0557 5292 WudfPf - ok
20:31:57.0572 5292 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:31:57.0588 5292 WUDFRd - ok
20:31:57.0588 5292 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:31:57.0604 5292 wudfsvc - ok
20:31:57.0604 5292 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:31:57.0619 5292 WwanSvc - ok
20:31:57.0619 5292 ================ Scan global ===============================
20:31:57.0635 5292 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:31:57.0666 5292 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
20:31:57.0682 5292 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
20:31:57.0697 5292 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:31:57.0713 5292 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:31:57.0728 5292 [Global] - ok
20:31:57.0728 5292 ================ Scan MBR ==================================
20:31:57.0744 5292 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:31:58.0040 5292 \Device\Harddisk0\DR0 - ok
20:31:58.0040 5292 ================ Scan VBR ==================================
20:31:58.0040 5292 [ 1187B0E5A237DB43F55AEADF2A246704 ] \Device\Harddisk0\DR0\Partition1
20:31:58.0040 5292 \Device\Harddisk0\DR0\Partition1 - ok
20:31:58.0040 5292 [ FB4378FB012F0A7B704505CA45F3341E ] \Device\Harddisk0\DR0\Partition2
20:31:58.0040 5292 \Device\Harddisk0\DR0\Partition2 - ok
20:31:58.0056 5292 [ CF4393CFA77508A24334B47F3346D809 ] \Device\Harddisk0\DR0\Partition3
20:31:58.0056 5292 \Device\Harddisk0\DR0\Partition3 - ok
20:31:58.0056 5292 [ 92C5BD8D32374365996AC6CD64C5441C ] \Device\Harddisk0\DR0\Partition4
20:31:58.0056 5292 \Device\Harddisk0\DR0\Partition4 - ok
20:31:58.0056 5292 [ 92C5BD8D32374365996AC6CD64C5441C ] \Device\Harddisk0\DR0\Partition5
20:31:58.0056 5292 \Device\Harddisk0\DR0\Partition5 - ok
20:31:58.0056 5292 ============================================================
20:31:58.0056 5292 Scan finished
20:31:58.0056 5292 ============================================================
20:31:58.0072 3452 Detected object count: 7
20:31:58.0072 3452 Actual detected object count: 7
20:52:30.0118 3452 aacf ( UnsignedFile.Multi.Generic ) - skipped by user
20:52:30.0118 3452 aacf ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:52:30.0118 3452 AppleHFS ( UnsignedFile.Multi.Generic ) - skipped by user
20:52:30.0118 3452 AppleHFS ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:52:30.0118 3452 AppleMNT ( UnsignedFile.Multi.Generic ) - skipped by user
20:52:30.0118 3452 AppleMNT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:52:30.0118 3452 KeyAgent ( UnsignedFile.Multi.Generic ) - skipped by user
20:52:30.0118 3452 KeyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:52:30.0118 3452 MacHALDriver ( UnsignedFile.Multi.Generic ) - skipped by user
20:52:30.0118 3452 MacHALDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:52:30.0118 3452 Samsung UPD Service2 ( UnsignedFile.Multi.Generic ) - skipped by user
20:52:30.0118 3452 Samsung UPD Service2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:52:30.0118 3452 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
20:52:30.0118 3452 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip

markusg · 11.01.2013, 21:03

hi
weiter mit Combofix bitte, wir haben uns überschnitten

Alexander12 · 11.01.2013, 22:15

Wie kann ich die Anti-vir programme deaktivieren. Habe Windows security essential vom Computer deinstalliert und trotzdem zeigt mir beim start von Combofix das Programm an, das der Scan noch aktiv ist.

markusg · 11.01.2013, 22:21

deinstalieren brauchst du es nicht, lass cf einfach laufen.

Win 7 Firewall lässt sich nicht mehr aktivieren (Fehlercode Error 0x8007042c)

Plagegeister aller Art und deren Bekämpfung: Win 7 Firewall lässt sich nicht mehr aktivieren (Fehlercode Error 0x8007042c)