Log Analysis and Evaluation: Win Vista: Avira reports 'BOO/TDss.O' found
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#16
Win Vista: Avira reports 'BOO/TDss.O' found
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=50e6594b52671449b669fd2e546bc86c
# engine=16181
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-12-08 01:24:46
# local_time=2013-12-08 02:24:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1799 16775165 100 95 77430 157180391 12139 0
# compatibility_mode=5378 16777214 0 8 56315358 56331406 0 0
# compatibility_mode=5892 16776638 100 100 33350274 224041814 0 0
# scanned=353105
# found=9
# cleaned=0
# scan_time=14100
sh=1B55A807FB047C47C0CFF49162A91BE77E50F051 ft=1 fh=4a92c2fd18962af4 vn="a variant of Win32/Kryptik.UWS trojan" ac=I fn="C:\TDSSKiller_Quarantine\07.12.2013_12.04.21\tdlfs0000\tsk0005.dta"
sh=7C794856DA9A3D40740431C1C355324BF15F7B9F ft=1 fh=3c404436a28ba5f7 vn="a variant of Generik.CIVPCAN trojan" ac=I fn="C:\TDSSKiller_Quarantine\07.12.2013_12.04.21\tdlfs0000\tsk0006.dta"
sh=8FC47002C94322D27E7CC23DE0E09366278D1FAC ft=1 fh=b59116e9ea4b609b vn="Win32/Olmasco.O trojan" ac=I fn="C:\TDSSKiller_Quarantine\07.12.2013_12.04.21\tdlfs0000\tsk0007.dta"
sh=C1537F8F8308DB428A17D8309AF853CBDDD86378 ft=1 fh=c25e6ab804e54205 vn="Win64/Olmasco.X trojan" ac=I fn="C:\TDSSKiller_Quarantine\07.12.2013_12.04.21\tdlfs0000\tsk0008.dta"
sh=D5F20E8DD68BF3F2755756925DE31F78941EFD8F ft=1 fh=533da6b67824c7dc vn="a variant of Win32/Olmasco.O trojan" ac=I fn="C:\TDSSKiller_Quarantine\07.12.2013_12.04.21\tdlfs0000\tsk0009.dta"
sh=BD23CFA926B0FE04CDE450F63D7BDC381D238E12 ft=1 fh=e7aec2c971424e71 vn="Win64/Olmasco.V trojan" ac=I fn="C:\TDSSKiller_Quarantine\07.12.2013_12.04.21\tdlfs0000\tsk0010.dta"
sh=614A4E374797F94A1327F4C7D08A79A948660E9A ft=1 fh=1cb93ee4eea17c9e vn="Win32/Olmasco.Q trojan" ac=I fn="C:\TDSSKiller_Quarantine\07.12.2013_12.04.21\tdlfs0000\tsk0011.dta"
sh=0052E97FFDEB7172B5306B68B008697EB61862A4 ft=1 fh=98c9107c7a5c7106 vn="Win64/Olmasco.X trojan" ac=I fn="C:\TDSSKiller_Quarantine\07.12.2013_12.04.21\tdlfs0000\tsk0012.dta"
sh=8DDE856805780977C50D8D9B33E56A58CD7BF34C ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="F:\Users\Richard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\44bc4adf-26fb1688"
Code:
Results of screen317's Security Check version 0.99.76
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
AVG AntiVirus Free Edition 2014
Avira Desktop
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
CCleaner
Java(TM) 6 Update 22
Java version out of Date!
Adobe Flash Player 9 Flash Player out of Date!
Adobe Flash Player 11.9.900.117
Adobe Reader 10.1.8 Adobe Reader out of Date!
Mozilla Firefox (25.0.1)
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-12-2013 02
Ran by Richard (administrator) on RICHARD-PC on 08-12-2013 14:33:19
Running from C:\Users\Richard\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
(Spotify Ltd) C:\Users\Richard\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Fujitsu Siemens Computers) C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(Dropbox, Inc.) C:\Users\Richard\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6111232 2008-04-25] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-29] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Richard\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-11-18] (Spotify Ltd)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
HKCU\...\Run: [AVG-Secure-Search-Update_0913b] - C:\Users\Richard\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid a25629733f7e47d18d83d14a4b47895b-e2d58aa5192df42f33b082801a16ed7e8dfe1348 --CMPID 0913b
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [202240 2008-01-21] (Microsoft Corporation)
MountPoints2: {16e47d92-032e-11e2-b577-00030da360a8} - F:\LaunchU3.exe -a
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Startup: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD
SearchScopes: HKLM - DefaultScope value is missing.
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO: No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKLM - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\evpl76q9.default
FF Homepage: hxxp://www.tagesschau.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10174.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\evpl76q9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-11-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-11-29] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-23] (APN LLC.)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 OsdService; C:\Program Files\OEM\OSD_1.12\OsdService.exe [94208 2008-02-22] (TODO: <公司名稱>)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 TestHandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104 2008-04-25] (Fujitsu Siemens Computers)
==================== Drivers (Whitelisted) ====================
S4 ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [170000 2007-12-19] (AMD Technologies Inc.)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209176 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147768 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-03] (Avira Operations GmbH & Co. KG)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-11-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-29] (Avira Operations GmbH & Co. KG)
R3 CLEDX; C:\Windows\System32\DRIVERS\cledx.sys [33792 2005-05-09] (Team H2O)
S3 GpdDevDPort; C:\Windows\system32\directport.sys [7168 2007-11-21] ()
S3 GpdKbFilter; C:\Windows\system32\kbfiltr.sys [8192 2008-03-31] (Windows (R) Codename Longhorn DDK provider)
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [76688 2008-04-03] (JMicron Technology Corp.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R2 RVIEG01; C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys [187992 2001-04-13] (Roland)
R2 RVIEGVST; C:\Program Files\Roland\Virtual Sound Canvas VST\RVIEg01VST.sys [188276 2001-04-13] (Roland)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-07-31] (Avira GmbH)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Richard\AppData\Local\Temp\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-08 14:33 - 2013-12-08 14:33 - 00000000 ____D C:\Users\Richard\Downloads\FRST-OlderVersion
2013-12-08 14:28 - 2013-12-08 10:24 - 00891184 _____ C:\Users\Richard\Desktop\SecurityCheck.exe
2013-12-08 10:24 - 2013-12-08 10:24 - 00891184 _____ C:\Users\Richard\Downloads\SecurityCheck.exe
2013-12-08 10:23 - 2013-12-08 10:23 - 02347384 _____ (ESET) C:\Users\Richard\Downloads\esetsmartinstaller_enu.exe
2013-12-07 21:02 - 2013-12-07 21:02 - 00000808 _____ C:\Users\Richard\Desktop\PDF Architect.lnk
2013-12-07 21:01 - 2013-12-07 21:01 - 00000000 ____D C:\Users\Richard\Documents\PDF Architect Files
2013-12-07 21:01 - 2013-12-07 21:01 - 00000000 ____D C:\Program Files\PDF Architect
2013-12-07 21:00 - 2013-12-07 21:02 - 00000000 ____D C:\Program Files\PDFCreator
2013-12-07 21:00 - 2013-12-07 21:00 - 00000834 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2013-12-07 21:00 - 2013-12-07 21:00 - 00000000 ____D C:\Users\Richard\AppData\Roaming\pdfforge
2013-12-07 21:00 - 2013-04-09 14:13 - 00095416 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2013-12-07 21:00 - 2012-05-05 10:54 - 00662288 _____ (Microsoft Corporation) C:\Windows\system32\MSCOMCT2.OCX
2013-12-07 21:00 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\Windows\system32\MSMAPI32.OCX
2013-12-07 21:00 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\MSMPIDE.DLL
2013-12-07 21:00 - 1998-07-06 17:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\system32\VB6DE.DLL
2013-12-07 21:00 - 1998-07-06 17:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\MSCMCDE.DLL
2013-12-07 21:00 - 1998-07-06 17:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\MSCC2DE.DLL
2013-12-07 20:47 - 2013-12-07 20:50 - 69734576 _____ (pdfforge ) C:\Users\Richard\Downloads\PDFCreator-1_7_2_setup_offline.exe
2013-12-07 20:39 - 2013-12-07 20:44 - 00415527 _____ C:\Windows\system32\~.tmp
2013-12-07 20:30 - 2013-12-07 20:34 - 00415527 _____ C:\Users\Richard\Documents\~.tmp
2013-12-07 13:40 - 2013-12-08 14:33 - 01060441 _____ (Farbar) C:\Users\Richard\Downloads\FRST.exe
2013-12-07 13:37 - 2013-12-07 13:37 - 00001195 _____ C:\Users\Richard\Desktop\JRT.txt
2013-12-07 13:33 - 2013-12-07 13:33 - 00000000 ____D C:\Windows\ERUNT
2013-12-07 13:24 - 2013-12-07 13:25 - 00000000 ____D C:\AdwCleaner
2013-12-07 12:20 - 2013-12-07 12:20 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Malwarebytes
2013-12-07 12:19 - 2013-12-07 12:19 - 00000912 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-07 12:19 - 2013-12-07 12:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-07 12:19 - 2013-12-07 12:19 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-07 12:19 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-07 12:07 - 2013-12-07 12:07 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-12-07 12:06 - 2013-12-07 12:06 - 01034531 _____ (Thisisu) C:\Users\Richard\Downloads\JRT.exe
2013-12-07 12:05 - 2013-12-07 12:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Richard\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-07 12:05 - 2013-12-07 12:05 - 01110034 _____ C:\Users\Richard\Downloads\adwcleaner.exe
2013-12-06 12:17 - 2013-12-08 09:54 - 00003510 _____ C:\Windows\PFRO.log
2013-12-06 10:16 - 2013-12-06 10:18 - 00000000 ___SD C:\ComboFix
2013-12-05 11:12 - 2013-12-05 11:12 - 00000000 ____D C:\Qoobox
2013-12-05 11:12 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-05 11:12 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-05 11:12 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-05 11:12 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-05 11:12 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-05 11:12 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-05 11:12 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-05 11:12 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-05 11:11 - 2013-12-06 10:16 - 00000000 ___SD C:\32788R22FWJFW
2013-12-05 11:11 - 2013-12-05 11:11 - 00000000 ____D C:\Windows\erdnt
2013-12-05 11:08 - 2013-12-06 10:11 - 05153080 ____R (Swearware) C:\Users\Richard\Desktop\ComboFix.exe
2013-12-02 10:25 - 2013-12-02 10:25 - 00002651 _____ C:\Users\Richard\Downloads\GMER.log
2013-12-02 10:08 - 2013-12-02 10:08 - 01110476 _____ C:\Users\Richard\Downloads\7z920.exe
2013-12-02 10:03 - 2013-12-02 10:03 - 00377856 _____ C:\Users\Richard\Downloads\gmer_2.1.19163.exe
2013-12-02 10:02 - 2013-12-02 10:03 - 00000476 _____ C:\Users\Richard\Downloads\defogger_disable.log
2013-12-02 10:02 - 2013-12-02 10:02 - 00050477 _____ C:\Users\Richard\Downloads\Defogger.exe
2013-12-02 10:02 - 2013-12-02 10:02 - 00000000 _____ C:\Users\Richard\defogger_reenable
2013-12-02 09:33 - 2013-12-02 09:34 - 00015931 _____ C:\Users\Richard\Downloads\Addition.txt
2013-12-02 09:32 - 2013-12-08 14:33 - 00012683 _____ C:\Users\Richard\Downloads\FRST.txt
2013-12-02 09:32 - 2013-12-08 14:33 - 00000000 ____D C:\FRST
2013-11-30 20:25 - 2013-11-30 20:25 - 04101441 _____ C:\Users\Richard\Downloads\tdsskiller.zip
2013-11-30 20:25 - 2013-11-30 20:25 - 00000000 ____D C:\Users\Richard\Desktop\tdsskiller
2013-11-30 20:18 - 2013-11-18 09:28 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Richard\Desktop\tdsskiller.exe
2013-11-27 12:19 - 2013-11-27 12:19 - 106424558 _____ C:\Windows\system32\咁ॎ᭄™
2013-11-19 14:47 - 2013-11-19 14:48 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-11-19 14:47 - 2013-11-19 14:48 - 00000000 ____D C:\Program Files\iTunes
2013-11-19 14:47 - 2013-11-19 14:47 - 00000000 ____D C:\Program Files\iPod
2013-11-19 14:06 - 2013-11-19 14:09 - 98633040 _____ (Apple Inc.) C:\Users\Richard\Downloads\iTunesSetup.exe
2013-11-18 10:49 - 2013-11-18 10:50 - 19071742 _____ C:\Users\Richard\Downloads\Jonas-Burgwinkel-Press-Pictures.zip
2013-11-17 21:50 - 2013-11-17 21:52 - 164009087 _____ C:\Users\Richard\Downloads\sascha-26-10-13.zip
2013-11-15 21:56 - 2013-11-15 21:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-14 09:01 - 2013-10-13 11:42 - 12344832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 09:01 - 2013-10-13 11:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 09:01 - 2013-10-13 10:48 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-14 09:01 - 2013-10-13 10:37 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 09:01 - 2013-10-13 10:35 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-14 09:01 - 2013-10-13 10:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 09:01 - 2013-10-13 10:33 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-14 09:01 - 2013-10-13 10:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-14 09:01 - 2013-10-13 10:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-14 09:01 - 2013-10-13 10:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-14 09:01 - 2013-10-13 10:29 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-14 09:01 - 2013-10-13 10:27 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 09:01 - 2013-10-13 10:27 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-14 09:01 - 2013-10-13 10:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-14 09:01 - 2013-10-13 10:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-14 09:01 - 2013-10-13 10:20 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 14:07 - 2013-10-11 03:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 14:07 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 14:07 - 2013-10-11 01:39 - 00218228 _____ C:\Windows\system32\WFP.TMF
2013-11-13 14:07 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 14:07 - 2013-10-03 13:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
==================== One Month Modified Files and Folders =======
2013-12-08 14:33 - 2013-12-08 14:33 - 00000000 ____D C:\Users\Richard\Downloads\FRST-OlderVersion
2013-12-08 14:33 - 2013-12-07 13:40 - 01060441 _____ (Farbar) C:\Users\Richard\Downloads\FRST.exe
2013-12-08 14:33 - 2013-12-02 09:32 - 00012683 _____ C:\Users\Richard\Downloads\FRST.txt
2013-12-08 14:33 - 2013-12-02 09:32 - 00000000 ____D C:\FRST
2013-12-08 14:28 - 2008-07-03 05:11 - 00042749 _____ C:\ProgramData\nvModes.001
2013-12-08 14:00 - 2011-10-10 17:01 - 01365789 _____ C:\Windows\WindowsUpdate.log
2013-12-08 13:55 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-08 13:55 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-08 10:29 - 2012-02-21 19:29 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Dropbox
2013-12-08 10:25 - 2008-01-21 08:16 - 01445310 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-08 10:24 - 2013-12-08 14:28 - 00891184 _____ C:\Users\Richard\Desktop\SecurityCheck.exe
2013-12-08 10:24 - 2013-12-08 10:24 - 00891184 _____ C:\Users\Richard\Downloads\SecurityCheck.exe
2013-12-08 10:23 - 2013-12-08 10:23 - 02347384 _____ (ESET) C:\Users\Richard\Downloads\esetsmartinstaller_enu.exe
2013-12-08 10:00 - 2011-11-07 17:58 - 00000000 ____D C:\ProgramData\MFAData
2013-12-08 09:56 - 2012-02-21 19:32 - 00000000 ___RD C:\Users\Richard\Dropbox
2013-12-08 09:55 - 2008-07-03 05:11 - 00042749 _____ C:\ProgramData\nvModes.dat
2013-12-08 09:55 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-08 09:54 - 2013-12-06 12:17 - 00003510 _____ C:\Windows\PFRO.log
2013-12-08 00:10 - 2006-11-02 14:01 - 00032538 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-07 21:02 - 2013-12-07 21:02 - 00000808 _____ C:\Users\Richard\Desktop\PDF Architect.lnk
2013-12-07 21:02 - 2013-12-07 21:00 - 00000000 ____D C:\Program Files\PDFCreator
2013-12-07 21:01 - 2013-12-07 21:01 - 00000000 ____D C:\Users\Richard\Documents\PDF Architect Files
2013-12-07 21:01 - 2013-12-07 21:01 - 00000000 ____D C:\Program Files\PDF Architect
2013-12-07 21:00 - 2013-12-07 21:00 - 00000834 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2013-12-07 21:00 - 2013-12-07 21:00 - 00000000 ____D C:\Users\Richard\AppData\Roaming\pdfforge
2013-12-07 20:50 - 2013-12-07 20:47 - 69734576 _____ (pdfforge ) C:\Users\Richard\Downloads\PDFCreator-1_7_2_setup_offline.exe
2013-12-07 20:44 - 2013-12-07 20:39 - 00415527 _____ C:\Windows\system32\~.tmp
2013-12-07 20:42 - 2013-09-26 09:46 - 00000000 ____D C:\Program Files\PDF24
2013-12-07 20:34 - 2013-12-07 20:30 - 00415527 _____ C:\Users\Richard\Documents\~.tmp
2013-12-07 13:37 - 2013-12-07 13:37 - 00001195 _____ C:\Users\Richard\Desktop\JRT.txt
2013-12-07 13:33 - 2013-12-07 13:33 - 00000000 ____D C:\Windows\ERUNT
2013-12-07 13:25 - 2013-12-07 13:24 - 00000000 ____D C:\AdwCleaner
2013-12-07 13:18 - 2012-09-06 10:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-07 12:37 - 2011-10-10 17:09 - 00000000 ____D C:\Users\Richard
2013-12-07 12:20 - 2013-12-07 12:20 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Malwarebytes
2013-12-07 12:19 - 2013-12-07 12:19 - 00000912 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-07 12:19 - 2013-12-07 12:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-07 12:19 - 2013-12-07 12:19 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-07 12:07 - 2013-12-07 12:07 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-12-07 12:06 - 2013-12-07 12:06 - 01034531 _____ (Thisisu) C:\Users\Richard\Downloads\JRT.exe
2013-12-07 12:05 - 2013-12-07 12:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Richard\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-07 12:05 - 2013-12-07 12:05 - 01110034 _____ C:\Users\Richard\Downloads\adwcleaner.exe
2013-12-06 12:14 - 2011-10-10 18:09 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Winamp
2013-12-06 10:18 - 2013-12-06 10:16 - 00000000 ___SD C:\ComboFix
2013-12-06 10:16 - 2013-12-05 11:11 - 00000000 ___SD C:\32788R22FWJFW
2013-12-06 10:11 - 2013-12-05 11:08 - 05153080 ____R (Swearware) C:\Users\Richard\Desktop\ComboFix.exe
2013-12-05 22:49 - 2008-07-03 14:25 - 00000000 ____D C:\Windows\Panther
2013-12-05 13:24 - 2011-11-17 13:11 - 00000000 ____D C:\bb
2013-12-05 11:12 - 2013-12-05 11:12 - 00000000 ____D C:\Qoobox
2013-12-05 11:11 - 2013-12-05 11:11 - 00000000 ____D C:\Windows\erdnt
2013-12-03 15:55 - 2011-10-10 17:15 - 00000000 ____D C:\Users\Richard\Documents\Rechnungen, Verträge, Angebote
2013-12-03 14:48 - 2013-07-31 18:05 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-02 10:25 - 2013-12-02 10:25 - 00002651 _____ C:\Users\Richard\Downloads\GMER.log
2013-12-02 10:08 - 2013-12-02 10:08 - 01110476 _____ C:\Users\Richard\Downloads\7z920.exe
2013-12-02 10:03 - 2013-12-02 10:03 - 00377856 _____ C:\Users\Richard\Downloads\gmer_2.1.19163.exe
2013-12-02 10:03 - 2013-12-02 10:02 - 00000476 _____ C:\Users\Richard\Downloads\defogger_disable.log
2013-12-02 10:02 - 2013-12-02 10:02 - 00050477 _____ C:\Users\Richard\Downloads\Defogger.exe
2013-12-02 10:02 - 2013-12-02 10:02 - 00000000 _____ C:\Users\Richard\defogger_reenable
2013-12-02 09:34 - 2013-12-02 09:33 - 00015931 _____ C:\Users\Richard\Downloads\Addition.txt
2013-11-30 20:25 - 2013-11-30 20:25 - 04101441 _____ C:\Users\Richard\Downloads\tdsskiller.zip
2013-11-30 20:25 - 2013-11-30 20:25 - 00000000 ____D C:\Users\Richard\Desktop\tdsskiller
2013-11-29 12:25 - 2012-10-18 00:33 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Spotify
2013-11-29 11:32 - 2013-07-31 18:05 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-29 11:32 - 2013-07-31 18:05 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-27 12:19 - 2013-11-27 12:19 - 106424558 _____ C:\Windows\system32\咁ॎ᭄™
2013-11-27 10:18 - 2013-10-29 09:47 - 00000864 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-11-27 10:16 - 2011-11-07 19:17 - 00000000 ___HD C:\$AVG
2013-11-25 22:15 - 2012-10-18 00:33 - 00000000 ____D C:\Users\Richard\AppData\Local\Spotify
2013-11-25 11:31 - 2012-07-27 10:54 - 00000000 ____D C:\Users\Richard\AppData\Local\Paint.NET
2013-11-23 13:50 - 2013-07-26 11:31 - 00000000 ____D C:\Users\Richard\Documents\C-Sheets
2013-11-22 11:03 - 2011-11-18 21:13 - 00000000 ____D C:\Users\Richard\AppData\Roaming\Skype
2013-11-19 14:48 - 2013-11-19 14:47 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-11-19 14:48 - 2013-11-19 14:47 - 00000000 ____D C:\Program Files\iTunes
2013-11-19 14:47 - 2013-11-19 14:47 - 00000000 ____D C:\Program Files\iPod
2013-11-19 14:47 - 2013-02-06 12:26 - 00000000 ____D C:\ProgramData\Apple Computer
2013-11-19 14:47 - 2012-10-14 22:38 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-11-19 14:09 - 2013-11-19 14:06 - 98633040 _____ (Apple Inc.) C:\Users\Richard\Downloads\iTunesSetup.exe
2013-11-19 10:19 - 2013-07-29 11:04 - 00000000 ____D C:\Windows\system32\MRT
2013-11-18 10:50 - 2013-11-18 10:49 - 19071742 _____ C:\Users\Richard\Downloads\Jonas-Burgwinkel-Press-Pictures.zip
2013-11-18 09:28 - 2013-11-30 20:18 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Richard\Desktop\tdsskiller.exe
2013-11-17 21:52 - 2013-11-17 21:50 - 164009087 _____ C:\Users\Richard\Downloads\sascha-26-10-13.zip
2013-11-17 12:43 - 2012-07-21 09:51 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-15 21:56 - 2013-11-15 21:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-14 09:54 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2013-11-14 09:34 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-11-14 08:58 - 2006-11-02 11:24 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
ZeroAccess:
C:\Users\Richard\AppData\Local\7dcd0ae1
C:\Users\Richard\AppData\Local\7dcd0ae1\@
C:\Users\Richard\AppData\Local\7dcd0ae1\loader.tlb
Files to move or delete:
====================
C:\ProgramData\0tbpw.pad
Some content of TEMP:
====================
C:\Users\Richard\AppData\Local\Temp\avgnt.exe
C:\Users\Richard\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-08 10:03
==================== End Of Log ============================
Avira still comes up with the same message after the restart. ESET also apparently found some infected files. Best regards, Richard
| | #17 |
| /// the machine /// TB-Ausbilder | Win Vista: Avira reports 'BOO/TDss.O' found
Update Java, Flash and Adobe. Please run a fresh scan with TDSSKiller and post the log. |
| | #18 |
| Win Vista: Avira reports 'BOO/TDss.O' found
Code:
18:18:23.0960 0x0110 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
18:18:28.0441 0x0110 ============================================================
18:18:28.0441 0x0110 Current date / time: 2013/12/08 18:18:28.0441
18:18:28.0441 0x0110 SystemInfo:
18:18:28.0441 0x0110
18:18:28.0441 0x0110 OS Version: 6.0.6002 ServicePack: 2.0
18:18:28.0441 0x0110 Product type: Workstation
18:18:28.0441 0x0110 ComputerName: RICHARD-PC
18:18:28.0442 0x0110 UserName: Richard
18:18:28.0442 0x0110 Windows directory: C:\Windows
18:18:28.0442 0x0110 System windows directory: C:\Windows
18:18:28.0442 0x0110 Processor architecture: Intel x86
18:18:28.0442 0x0110 Number of processors: 2
18:18:28.0442 0x0110 Page size: 0x1000
18:18:28.0442 0x0110 Boot type: Normal boot
18:18:28.0442 0x0110 ============================================================
18:18:31.0359 0x0110 KLMD registered as C:\Windows\system32\drivers\81515329.sys
18:18:32.0033 0x0110 System UUID: {1DD9EEBB-7F7A-37D7-BD67-B0028FB386EB}
18:18:33.0993 0x0110 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:18:33.0996 0x0110 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:18:37.0721 0x0110 ============================================================
18:18:37.0721 0x0110 \Device\Harddisk0\DR0:
18:18:37.0740 0x0110 MBR partitions:
18:18:37.0740 0x0110 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1194800, BlocksNum 0xBC51800
18:18:37.0740 0x0110 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xCDE6000, BlocksNum 0x186482B0
18:18:37.0740 0x0110 \Device\Harddisk1\DR1:
18:18:37.0763 0x0110 GPT partitions:
18:18:37.0765 0x0110 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {38662204-425C-40E5-A1BF-9B044C400B0A}, Name: EFI System Partition, StartLBA 0x28, BlocksNum 0x64000
18:18:37.0765 0x0110 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A6FC4F53-4362-410C-B651-60963133C394}, Name: Basic data partition, StartLBA 0x64800, BlocksNum 0x3A321000
18:18:37.0765 0x0110 MBR partitions:
18:18:37.0765 0x0110 ============================================================
18:18:37.0859 0x0110 C: <-> \Device\Harddisk0\DR0\Partition1
18:18:37.0908 0x0110 D: <-> \Device\Harddisk0\DR0\Partition2
18:18:37.0968 0x0110 F: <-> \Device\Harddisk1\DR1\Partition2
18:18:37.0968 0x0110 ============================================================
18:18:37.0969 0x0110 Initialize success
18:18:37.0969 0x0110 ============================================================
18:18:44.0082 0x03f4 ============================================================
18:18:44.0083 0x03f4 Scan started
18:18:44.0083 0x03f4 Mode: Manual; SigCheck; TDLFS;
18:18:44.0083 0x03f4 ============================================================
18:18:44.0083 0x03f4 KSN ping started
18:19:15.0708 0x03f4 KSN ping finished: true
18:19:17.0118 0x03f4 ================ Scan system memory ========================
18:19:17.0118 0x03f4 System memory - ok
18:19:17.0118 0x03f4 ================ Scan services =============================
18:19:17.0359 0x03f4 [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI C:\Windows\system32\drivers\acpi.sys
18:19:17.0547 0x03f4 ACPI - ok
18:19:17.0678 0x03f4 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
18:19:17.0724 0x03f4 AdobeARMservice - ok
18:19:17.0820 0x03f4 [ 438F31336B3DC248ABC632F1C8F34A24, 94C1218E7EC2EC6D4870A6FDC118097D7D3A359DA073DCD3A9770F399F830991 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:19:17.0839 0x03f4 AdobeFlashPlayerUpdateSvc - ok
18:19:17.0891 0x03f4 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:19:17.0963 0x03f4 adp94xx - ok
18:19:18.0001 0x03f4 [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:19:18.0049 0x03f4 adpahci - ok
18:19:18.0071 0x03f4 [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
18:19:18.0115 0x03f4 adpu160m - ok
18:19:18.0139 0x03f4 [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:19:18.0224 0x03f4 adpu320 - ok
18:19:18.0281 0x03f4 [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:19:18.0453 0x03f4 AeLookupSvc - ok
18:19:18.0506 0x03f4 [ 3911B972B55FEA0478476B2E777B29FA, 62545B90C7DD3F73777E62CD8264E611A4D71B6956CABFD2D820D25F41F471FD ] AFD C:\Windows\system32\drivers\afd.sys
18:19:18.0606 0x03f4 AFD - ok
18:19:18.0655 0x03f4 [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:19:18.0720 0x03f4 agp440 - ok
18:19:18.0756 0x03f4 [ 0DEE2B628D4C6E23285BB91EFFDABFDE, 58F14336AA1642D97D4EA540166FDCFA7B9125062E4350F0DD51D235E395ED00 ] ahcix86s C:\Windows\system32\drivers\ahcix86s.sys
18:19:18.0809 0x03f4 ahcix86s - ok
18:19:18.0852 0x03f4 [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
18:19:18.0875 0x03f4 aic78xx - ok
18:19:18.0940 0x03f4 [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG C:\Windows\System32\alg.exe
18:19:19.0073 0x03f4 ALG - ok
18:19:19.0110 0x03f4 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide C:\Windows\system32\drivers\aliide.sys
18:19:19.0130 0x03f4 aliide - ok
18:19:19.0156 0x03f4 [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp C:\Windows\system32\drivers\amdagp.sys
18:19:19.0195 0x03f4 amdagp - ok
18:19:19.0225 0x03f4 [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide C:\Windows\system32\drivers\amdide.sys
18:19:19.0268 0x03f4 amdide - ok
18:19:19.0307 0x03f4 [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
18:19:19.0386 0x03f4 AmdK7 - ok
18:19:19.0407 0x03f4 [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:19:19.0553 0x03f4 AmdK8 - ok
18:19:20.0068 0x03f4 [ 0D1E15010057B8426583A99CB179A6C4, 645C7D27E27AAC4124F7F907374B6A50D07D349B95AA869D7091372BD3AF653B ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
18:19:20.0150 0x03f4 AntiVirSchedulerService - ok
18:19:20.0311 0x03f4 [ FDE9C7030FB1E9E2715E113EE6A10F90, 541F278D743C34C6D9940FC1250B90674EB88EC429D481012F27817DAB1B557A ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
18:19:20.0352 0x03f4 AntiVirService - ok
18:19:20.0625 0x03f4 [ 48543D304F54C8997462208555662BA4, ADA3B62E6D1513FF24D044B03EFCBBD4268DB32C213F575D8AD3867D3F82B340 ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
18:19:20.0821 0x03f4 AntiVirWebService - ok
18:19:20.0916 0x03f4 [ BEF294FFE5F40BE768BDCBE1837DFABE, A5EBC3289758E2E152BA1571BB288FA33D7E2D23FE715CB51D39992369FDFC19 ] APNMCP C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
18:19:20.0997 0x03f4 APNMCP - ok
18:19:21.0047 0x03f4 [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo C:\Windows\System32\appinfo.dll
18:19:21.0132 0x03f4 Appinfo - ok
18:19:21.0217 0x03f4 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:19:21.0238 0x03f4 Apple Mobile Device - ok
18:19:21.0287 0x03f4 [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc C:\Windows\system32\drivers\arc.sys
18:19:21.0349 0x03f4 arc - ok
18:19:21.0385 0x03f4 [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:19:21.0408 0x03f4 arcsas - ok
18:19:21.0435 0x03f4 [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:19:21.0551 0x03f4 AsyncMac - ok
18:19:21.0583 0x03f4 [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi C:\Windows\system32\drivers\atapi.sys
18:19:21.0598 0x03f4 atapi - ok
18:19:21.0657 0x03f4 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:19:21.0715 0x03f4 AudioEndpointBuilder - ok
18:19:21.0746 0x03f4 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv C:\Windows\System32\Audiosrv.dll
18:19:21.0780 0x03f4 Audiosrv - ok
18:19:21.0834 0x03f4 [ 9C7C45DE9E167F6268D32D6D10133F7D, 58005B49AE6D5CABB3ECEFF0D800F53D6E81A67B5EFE25E9374EC061FEC5601F ] Avgdiskx C:\Windows\system32\DRIVERS\avgdiskx.sys
18:19:21.0876 0x03f4 Avgdiskx - ok
18:19:22.0099 0x03f4 [ F89B2DACE0FBE54CF65D12B7081C19C3, 64BBA5A29948ABFADB8865CE0D7D0259AB291B8DA04786AB351055D57B49D439 ] AVGIDSAgent C:\Program Files\AVG\AVG2014\avgidsagent.exe
18:19:22.0539 0x03f4 AVGIDSAgent - ok
18:19:22.0604 0x03f4 [ C66B17D93F94622293608C2FB91C5806, 5BA6948A5328D73B1BAF6DACC7B2A842FD0072246DD416DE39F6993EAABC2997 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys
18:19:22.0644 0x03f4 AVGIDSDriver - ok
18:19:22.0731 0x03f4 [ 0C70FAB4B08DC1FF6612AA3F352CFCA9, 6991B6A9E5063611C280968F758E6B0F431E19EB8539808531C6293A0F313C47 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys
18:19:22.0808 0x03f4 AVGIDSHX - ok
18:19:22.0829 0x03f4 [ 4118A9D326A76D485713A36988102C3E, 10C494165258D091AB31533C37FA05C29013471D5B2D6BDA60F731715FA02248 ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys
18:19:22.0861 0x03f4 AVGIDSShim - ok
18:19:22.0921 0x03f4 [ 578ECC3D911897B2C5B760EDAF8ED6CA, 99CAACB349C8629D4BE6070BDBFB0BDB4A13ABFFF738F04D723D2AFE7EA58894 ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
18:19:22.0967 0x03f4 Avgldx86 - ok
18:19:23.0059 0x03f4 [ BD1A440B9F126AFE52978A44952B0018, 83577249AACC3F0C655C27A471739113B2086BFC1FF15D0ED7E64B0215B739DB ] Avglogx C:\Windows\system32\DRIVERS\avglogx.sys
18:19:23.0156 0x03f4 Avglogx - ok
18:19:23.0214 0x03f4 [ 7DC192EC714342E7C020C7CF42E394D8, 09F4CFFD93067E62B09C550A7A0588E90CAD190E49E1B7082FC5A949AF389781 ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
18:19:23.0237 0x03f4 Avgmfx86 - ok
18:19:23.0313 0x03f4 [ 6B4362EDB2EB956DF594D9168D179972, 7E2F5E76C6885BB3D889726B240A4AC3394216C2884EE2088B2CD05F91571B19 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
18:19:23.0336 0x03f4 avgntflt - ok
18:19:23.0437 0x03f4 [ E6322DF686CE1C59D7797FAEF0732454, 03534F19568B421F9BE9C99A7A5302D38FCABA26E95C49A492DA49E58A918B55 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
18:19:23.0457 0x03f4 Avgrkx86 - ok
18:19:23.0518 0x03f4 [ E98603F9D1F412F38ADF2F76053F9E5A, 1CE4668E0202ADD8C4C3D7D883DC837F7888F5D6E3B6FEE8338E15A86FE6AC22 ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
18:19:23.0568 0x03f4 Avgtdix - ok
18:19:23.0620 0x03f4 [ B747B6BB015E552F49C634BB19540F3D, 5000AD41BD101BC06D595484B6E58DEEBB962939ACF4B24DE515771D1C4AE3ED ] avgwd C:\Program Files\AVG\AVG2014\avgwdsvc.exe
18:19:23.0717 0x03f4 avgwd - ok
18:19:23.0792 0x03f4 [ C0F13672DEA7BDB40A89414AB0411705, 5B0C2391340BEE31CB6D8D7433786EDD48BBCD5D5737A539D4A0A54F37636720 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
18:19:23.0818 0x03f4 avipbb - ok
18:19:23.0857 0x03f4 [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
18:19:23.0922 0x03f4 avkmgr - ok
18:19:23.0965 0x03f4 [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep C:\Windows\system32\drivers\Beep.sys
18:19:24.0052 0x03f4 Beep - ok
18:19:24.0107 0x03f4 [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE C:\Windows\System32\bfe.dll
18:19:24.0223 0x03f4 BFE - ok
18:19:24.0320 0x03f4 [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS C:\Windows\System32\qmgr.dll
18:19:24.0438 0x03f4 BITS - ok
18:19:24.0491 0x03f4 [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
18:19:24.0594 0x03f4 blbdrive - ok
18:19:24.0691 0x03f4 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:19:24.0740 0x03f4 Bonjour Service - ok
18:19:24.0772 0x03f4 [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:19:24.0853 0x03f4 bowser - ok
18:19:24.0890 0x03f4 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
18:19:24.0987 0x03f4 BrFiltLo - ok
18:19:25.0004 0x03f4 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
18:19:25.0075 0x03f4 BrFiltUp - ok
18:19:25.0112 0x03f4 [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser C:\Windows\System32\browser.dll
18:19:25.0172 0x03f4 Browser - ok
18:19:25.0194 0x03f4 [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid C:\Windows\system32\drivers\brserid.sys
18:19:25.0443 0x03f4 Brserid - ok
18:19:25.0512 0x03f4 [ 1A5FC78E41840EDF79D65EC16EFF2787, 05BC4C07C88ADDE6D7FF01B821DDB944EEEC8035AC1B6D780E39FDBD12FCA885 ] BrSerIf C:\Windows\system32\Drivers\BrSerIf.sys
18:19:25.0578 0x03f4 BrSerIf - ok
18:19:25.0617 0x03f4 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
18:19:25.0716 0x03f4 BrSerWdm - ok
18:19:25.0731 0x03f4 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
18:19:25.0824 0x03f4 BrUsbMdm - ok
18:19:25.0844 0x03f4 [ A24C7B39602218F8DBDB2B6704325FC7, B90A1BA412A33AD041A2CE47FBB73AE296AF07A2F3DF1F56D9FEE5B3B1E0BBD5 ] BrUsbSer C:\Windows\system32\Drivers\BrUsbSer.sys
18:19:25.0903 0x03f4 BrUsbSer - ok
18:19:25.0933 0x03f4 [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
18:19:26.0029 0x03f4 BTHMODEM - ok
18:19:26.0183 0x03f4 catchme - ok
18:19:26.0225 0x03f4 [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:19:26.0310 0x03f4 cdfs - ok
18:19:26.0357 0x03f4 [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:19:26.0417 0x03f4 cdrom - ok
18:19:26.0499 0x03f4 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc C:\Windows\System32\certprop.dll
18:19:26.0542 0x03f4 CertPropSvc - ok
18:19:26.0581 0x03f4 [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass C:\Windows\system32\drivers\circlass.sys
18:19:26.0634 0x03f4 circlass - ok
18:19:26.0696 0x03f4 [ B53F9635457B56DCFFEF750E18AEC6CB, BAF6B8C8FAD040ED8E61209E9795C613C979B84C6B771FDED05B64BBEEB6A569 ] CLEDX C:\Windows\system32\DRIVERS\cledx.sys
18:19:26.0750 0x03f4 CLEDX - detected UnsignedFile.Multi.Generic ( 1 )
18:19:26.0932 0x03f4 Detect skipped due to KSN trusted
18:19:26.0932 0x03f4 CLEDX - ok
18:19:27.0001 0x03f4 [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS C:\Windows\system32\CLFS.sys
18:19:27.0044 0x03f4 CLFS - ok
18:19:27.0097 0x03f4 [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:19:27.0112 0x03f4 clr_optimization_v2.0.50727_32 - ok
18:19:27.0206 0x03f4 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:19:27.0232 0x03f4 clr_optimization_v4.0.30319_32 - ok
18:19:27.0320 0x03f4 [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:19:27.0380 0x03f4 CmBatt - ok
18:19:27.0400 0x03f4 [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:19:27.0420 0x03f4 cmdide - ok
18:19:27.0438 0x03f4 [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:19:27.0458 0x03f4 Compbatt - ok
18:19:27.0463 0x03f4 COMSysApp - ok
18:19:27.0468 0x03f4 [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:19:27.0489 0x03f4 crcdisk - ok
18:19:27.0498 0x03f4 [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe C:\Windows\system32\drivers\crusoe.sys
18:19:27.0580 0x03f4 Crusoe - ok
18:19:27.0629 0x03f4 [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:19:27.0718 0x03f4 CryptSvc - ok
18:19:27.0772 0x03f4 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:19:27.0888 0x03f4 DcomLaunch - ok
18:19:27.0950 0x03f4 [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:19:28.0030 0x03f4 DfsC - ok
18:19:28.0182 0x03f4 [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR C:\Windows\system32\DFSR.exe
18:19:28.0506 0x03f4 DFSR - ok
18:19:28.0556 0x03f4 [ 6CC6C4B9D7B906A151AA094CA087B9F0, 5D06DC2FCAF86C256792D541D5581AF5AFEDA247814E07C6017BEE92284CAA56 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
18:19:28.0603 0x03f4 dg_ssudbus - ok
18:19:28.0692 0x03f4 [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
18:19:28.0737 0x03f4 Dhcp - ok
18:19:28.0770 0x03f4 [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk C:\Windows\system32\drivers\disk.sys
18:19:28.0793 0x03f4 disk - ok
18:19:28.0828 0x03f4 [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:19:28.0938 0x03f4 Dnscache - ok
18:19:28.0965 0x03f4 [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc C:\Windows\System32\dot3svc.dll
18:19:29.0000 0x03f4 dot3svc - ok
18:19:29.0056 0x03f4 [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS C:\Windows\system32\dps.dll
18:19:29.0109 0x03f4 DPS - ok
18:19:29.0159 0x03f4 [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:19:29.0217 0x03f4 drmkaud - ok
18:19:29.0285 0x03f4 [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:19:29.0462 0x03f4 DXGKrnl - ok
18:19:29.0542 0x03f4 [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
18:19:29.0581 0x03f4 E1G60 - ok
18:19:29.0626 0x03f4 [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost C:\Windows\System32\eapsvc.dll
18:19:29.0668 0x03f4 EapHost - ok
18:19:29.0719 0x03f4 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache C:\Windows\system32\drivers\ecache.sys
18:19:29.0748 0x03f4 Ecache - ok
18:19:29.0816 0x03f4 [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:19:29.0857 0x03f4 ehRecvr - ok
18:19:29.0880 0x03f4 [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched C:\Windows\ehome\ehsched.exe
18:19:29.0954 0x03f4 ehSched - ok
18:19:29.0963 0x03f4 [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart C:\Windows\ehome\ehstart.dll
18:19:29.0990 0x03f4 ehstart - ok
18:19:30.0047 0x03f4 [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:19:30.0169 0x03f4 elxstor - ok
18:19:30.0237 0x03f4 [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
18:19:30.0378 0x03f4 EMDMgmt - ok
18:19:30.0439 0x03f4 [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:19:30.0486 0x03f4 ErrDev - ok
18:19:30.0546 0x03f4 [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem C:\Windows\system32\es.dll
18:19:30.0617 0x03f4 EventSystem - ok
18:19:30.0692 0x03f4 [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat C:\Windows\system32\drivers\exfat.sys
18:19:30.0805 0x03f4 exfat - ok
18:19:30.0837 0x03f4 [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:19:30.0918 0x03f4 fastfat - ok
18:19:30.0965 0x03f4 [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:19:31.0029 0x03f4 fdc - ok
18:19:31.0067 0x03f4 [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost C:\Windows\system32\fdPHost.dll
18:19:31.0097 0x03f4 fdPHost - ok
18:19:31.0116 0x03f4 [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub C:\Windows\system32\fdrespub.dll
18:19:31.0177 0x03f4 FDResPub - ok
18:19:31.0213 0x03f4 [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:19:31.0292 0x03f4 FileInfo - ok
18:19:31.0311 0x03f4 [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:19:31.0365 0x03f4 Filetrace - ok
18:19:31.0388 0x03f4 [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:19:31.0459 0x03f4 flpydisk - ok
18:19:31.0498 0x03f4 [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:19:31.0546 0x03f4 FltMgr - ok
18:19:31.0643 0x03f4 [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache C:\Windows\system32\FntCache.dll
18:19:31.0828 0x03f4 FontCache - ok
18:19:31.0911 0x03f4 [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:19:31.0925 0x03f4 FontCache3.0.0.0 - ok
18:19:31.0949 0x03f4 [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:19:32.0060 0x03f4 Fs_Rec - ok
18:19:32.0103 0x03f4 [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:19:32.0141 0x03f4 gagp30kx - ok
18:19:32.0197 0x03f4 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:19:32.0260 0x03f4 GEARAspiWDM - ok
18:19:32.0320 0x03f4 [ 9E6B5241CB0B11DDDDF162865041D193, 66F8984276E65A8607A5FA981FB48897B52C22BD629864B01470DAF78B0D5CE1 ] GpdDevDPort C:\Windows\system32\directport.sys
18:19:32.0369 0x03f4 GpdDevDPort - detected UnsignedFile.Multi.Generic ( 1 )
18:19:32.0640 0x03f4 GpdDevDPort ( UnsignedFile.Multi.Generic ) - warning
18:19:32.0640 0x03f4 Force sending object to P2P due to detect: C:\Windows\system32\directport.sys
18:19:52.0656 0x03f4 Object send P2P result: false
18:19:53.0305 0x03f4 [ E48C4E69E2126AAC01888C60CC6ED966, 46A5DE1BCEFA31A583770AB391EE2C940649CAF0A44557B479B1C34BF51D53CF ] GpdKbFilter C:\Windows\system32\kbfiltr.sys
18:19:53.0354 0x03f4 GpdKbFilter - detected UnsignedFile.Multi.Generic ( 1 )
18:19:55.0173 0x03f4 Detect skipped due to KSN trusted
18:19:55.0173 0x03f4 GpdKbFilter - ok
18:19:55.0240 0x03f4 [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc C:\Windows\System32\gpsvc.dll
18:19:55.0364 0x03f4 gpsvc - ok
18:19:55.0448 0x03f4 [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:19:55.0566 0x03f4 HdAudAddService - ok
18:19:55.0624 0x03f4 [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:19:55.0952 0x03f4 HDAudBus - ok
18:19:55.0991 0x03f4 [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:19:56.0044 0x03f4 HidBth - ok
18:19:56.0068 0x03f4 [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr C:\Windows\system32\drivers\hidir.sys
18:19:56.0150 0x03f4 HidIr - ok
18:19:56.0176 0x03f4 [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv C:\Windows\System32\hidserv.dll
18:19:56.0227 0x03f4 hidserv - ok
18:19:56.0262 0x03f4 [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:19:56.0354 0x03f4 HidUsb - ok
18:19:56.0401 0x03f4 [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc C:\Windows\system32\kmsvc.dll
18:19:56.0434 0x03f4 hkmsvc - ok
18:19:56.0453 0x03f4 [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
18:19:56.0501 0x03f4 HpCISSs - ok
18:19:56.0548 0x03f4 [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:19:56.0667 0x03f4 HTTP - ok
18:19:56.0701 0x03f4 [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
18:19:56.0721 0x03f4 i2omp - ok
18:19:56.0769 0x03f4 [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:19:56.0834 0x03f4 i8042prt - ok
18:19:56.0925 0x03f4 [ E5A0034847537EAEE3C00349D5C34C5F, 3E0F99512CDFF0B628E2FF5B91BB371CDEF65201B03C53182C97DDE34E26E04C ] iaStor C:\Windows\system32\drivers\iastor.sys
18:19:56.0977 0x03f4 iaStor - ok
18:19:57.0002 0x03f4 [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
18:19:57.0042 0x03f4 iaStorV - ok
18:19:57.0135 0x03f4 [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:19:57.0195 0x03f4 idsvc - ok
18:19:57.0215 0x03f4 [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:19:57.0236 0x03f4 iirsp - ok
18:19:57.0293 0x03f4 [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT C:\Windows\System32\ikeext.dll
18:19:57.0348 0x03f4 IKEEXT - ok
18:19:57.0503 0x03f4 [ 2DEB2538C9372568BB67B5FDF2359790, 3F19414B12B5C8F361F9273E380D8C53938F344FAFB8C6517D4421755A3A994B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
18:19:57.0784 0x03f4 IntcAzAudAddService - ok
18:19:57.0830 0x03f4 [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide C:\Windows\system32\drivers\intelide.sys
18:19:57.0850 0x03f4 intelide - ok
18:19:57.0900 0x03f4 [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:19:57.0955 0x03f4 intelppm - ok
18:19:58.0003 0x03f4 [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:19:58.0054 0x03f4 IPBusEnum - ok
18:19:58.0074 0x03f4 [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:19:58.0140 0x03f4 IpFilterDriver - ok
18:19:58.0180 0x03f4 [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:19:58.0265 0x03f4 iphlpsvc - ok
18:19:58.0269 0x03f4 IpInIp - ok
18:19:58.0289 0x03f4 [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
18:19:58.0374 0x03f4 IPMIDRV - ok
18:19:58.0396 0x03f4 [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
18:19:58.0453 0x03f4 IPNAT - ok
18:19:58.0518 0x03f4 [ 066F2BBE2EEC9A42B065B552BF356B4E, AE86DB5BFD4748C54C0C224E7FBEA3C032F1071A39303DF35AA04869D3950B7A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:19:58.0585 0x03f4 iPod Service - ok
18:19:58.0601 0x03f4 [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:19:58.0660 0x03f4 IRENUM - ok
18:19:58.0681 0x03f4 [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:19:58.0703 0x03f4 isapnp - ok
18:19:58.0737 0x03f4 [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
18:19:58.0768 0x03f4 iScsiPrt - ok
18:19:58.0796 0x03f4 [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
18:19:58.0816 0x03f4 iteatapi - ok
18:19:58.0824 0x03f4 [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid C:\Windows\system32\drivers\iteraid.sys
18:19:58.0866 0x03f4 iteraid - ok
18:19:58.0895 0x03f4 [ C36F3A1A4E8416EF43F30DEAB7701730, 26A151FE87E1AFD18F7A88553E41E27DD3087721974C2B44621629D9029C4D29 ] JRAID C:\Windows\system32\drivers\jraid.sys
18:19:59.0000 0x03f4 JRAID - ok
18:19:59.0039 0x03f4 [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:19:59.0080 0x03f4 kbdclass - ok
18:19:59.0112 0x03f4 [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:19:59.0186 0x03f4 kbdhid - ok
18:19:59.0226 0x03f4 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso C:\Windows\system32\lsass.exe
18:19:59.0300 0x03f4 KeyIso - ok
18:19:59.0344 0x03f4 [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:19:59.0422 0x03f4 KSecDD - ok
18:19:59.0474 0x03f4 [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll
18:19:59.0615 0x03f4 KtmRm - ok
18:19:59.0652 0x03f4 [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer C:\Windows\System32\srvsvc.dll
18:19:59.0727 0x03f4 LanmanServer - ok
18:19:59.0786 0x03f4 [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:19:59.0848 0x03f4 LanmanWorkstation - ok
18:19:59.0893 0x03f4 [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:19:59.0950 0x03f4 lltdio - ok
18:19:59.0989 0x03f4 [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:20:00.0062 0x03f4 lltdsvc - ok
18:20:00.0082 0x03f4 [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:20:00.0144 0x03f4 lmhosts - ok
18:20:00.0161 0x03f4 [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:20:00.0227 0x03f4 LSI_FC - ok
18:20:00.0255 0x03f4 [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:20:00.0280 0x03f4 LSI_SAS - ok
18:20:00.0336 0x03f4 [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:20:00.0380 0x03f4 LSI_SCSI - ok
18:20:00.0400 0x03f4 [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys
18:20:00.0457 0x03f4 luafv - ok
18:20:00.0506 0x03f4 [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
18:20:00.0551 0x03f4 MBAMProtector - ok
18:20:00.0618 0x03f4 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:20:00.0669 0x03f4 MBAMScheduler - ok
18:20:00.0739 0x03f4 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:20:00.0820 0x03f4 MBAMService - ok
18:20:00.0846 0x03f4 [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:20:00.0895 0x03f4 Mcx2Svc - ok
18:20:00.0922 0x03f4 [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas C:\Windows\system32\drivers\megasas.sys
18:20:00.0961 0x03f4 megasas - ok
18:20:01.0006 0x03f4 [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR C:\Windows\system32\drivers\megasr.sys
18:20:01.0095 0x03f4 MegaSR - ok
18:20:01.0116 0x03f4 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll
18:20:01.0147 0x03f4 MMCSS - ok
18:20:01.0166 0x03f4 [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys
18:20:01.0267 0x03f4 Modem - ok
18:20:01.0282 0x03f4 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:20:01.0356 0x03f4 monitor - ok
18:20:01.0389 0x03f4 [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:20:01.0451 0x03f4 mouclass - ok
18:20:01.0469 0x03f4 [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:20:01.0531 0x03f4 mouhid - ok
18:20:01.0554 0x03f4 [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
18:20:01.0577 0x03f4 MountMgr - ok
18:20:01.0615 0x03f4 [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:20:01.0643 0x03f4 MozillaMaintenance - ok
18:20:01.0681 0x03f4 [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio C:\Windows\system32\drivers\mpio.sys
18:20:01.0723 0x03f4 mpio - ok
18:20:01.0746 0x03f4 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:20:01.0789 0x03f4 mpsdrv - ok
18:20:01.0857 0x03f4 [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:20:01.0919 0x03f4 MpsSvc - ok
18:20:01.0933 0x03f4 [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
18:20:01.0953 0x03f4 Mraid35x - ok
18:20:01.0982 0x03f4 [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:20:02.0029 0x03f4 MRxDAV - ok
18:20:02.0063 0x03f4 [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:20:02.0124 0x03f4 mrxsmb - ok
18:20:02.0149 0x03f4 [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:20:02.0200 0x03f4 mrxsmb10 - ok
18:20:02.0227 0x03f4 [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:20:02.0270 0x03f4 mrxsmb20 - ok
18:20:02.0321 0x03f4 [ 5457DCFA7C0DA43522F4D9D4049C1472, C8B0FD8F96E4FC5CB4B74D5968E808F44B4371F0A797B1D368E6A6080CB862FD ] msahci C:\Windows\system32\drivers\msahci.sys
18:20:02.0363 0x03f4 msahci - ok
18:20:02.0388 0x03f4 [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:20:02.0442 0x03f4 msdsm - ok
18:20:02.0473 0x03f4 [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe
18:20:02.0550 0x03f4 MSDTC - ok
18:20:02.0586 0x03f4 [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:20:02.0661 0x03f4 Msfs - ok
18:20:02.0703 0x03f4 [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:20:02.0734 0x03f4 msisadrv - ok
18:20:02.0774 0x03f4 [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:20:02.0839 0x03f4 MSiSCSI - ok
18:20:02.0843 0x03f4 msiserver - ok
18:20:02.0862 0x03f4 [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:20:02.0911 0x03f4 MSKSSRV - ok
18:20:02.0947 0x03f4 [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:20:03.0013 0x03f4 MSPCLOCK - ok
18:20:03.0071 0x03f4 [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:20:03.0120 0x03f4 MSPQM - ok
18:20:03.0198 0x03f4 [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:20:03.0265 0x03f4 MsRPC - ok
18:20:03.0317 0x03f4 [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:20:03.0338 0x03f4 mssmbios - ok
18:20:03.0346 0x03f4 [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:20:03.0415 0x03f4 MSTEE - ok
18:20:03.0434 0x03f4 [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup C:\Windows\system32\Drivers\mup.sys
18:20:03.0458 0x03f4 Mup - ok
18:20:03.0498 0x03f4 [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent C:\Windows\system32\qagentRT.dll
18:20:03.0535 0x03f4 napagent - ok
18:20:03.0579 0x03f4 [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:20:03.0627 0x03f4 NativeWifiP - ok
18:20:03.0675 0x03f4 [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:20:03.0747 0x03f4 NDIS - ok
18:20:03.0806 0x03f4 [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:20:03.0875 0x03f4 NdisTapi - ok
18:20:03.0890 0x03f4 [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:20:03.0953 0x03f4 Ndisuio - ok
18:20:03.0998 0x03f4 [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:20:04.0033 0x03f4 NdisWan - ok
18:20:04.0053 0x03f4 [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:20:04.0102 0x03f4 NDProxy - ok
18:20:04.0230 0x03f4 [ B044BB341E164DA6750A9B8E6A5FF6A1, 5E5CB4713BA20971CD09D176CBBE8857EB21A032CAC02A9042E88E5DD15B44D3 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
18:20:04.0415 0x03f4 Nero BackItUp Scheduler 3 - ok
18:20:04.0444 0x03f4 [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:20:04.0494 0x03f4 NetBIOS - ok
18:20:04.0533 0x03f4 [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt C:\Windows\system32\DRIVERS\netbt.sys
18:20:04.0623 0x03f4 netbt - ok
18:20:04.0640 0x03f4 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon C:\Windows\system32\lsass.exe
18:20:04.0658 0x03f4 Netlogon - ok
18:20:04.0714 0x03f4 [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll
18:20:04.0783 0x03f4 Netman - ok
18:20:04.0812 0x03f4 [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll
18:20:04.0932 0x03f4 netprofm - ok
18:20:04.0958 0x03f4 [ D6C4E4A39A36029AC0813D476FBD0248, A0907D98580D1CD3007365CBBB53E84BEF39001E05912776F68EB0564B54B6EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:20:04.0974 0x03f4 NetTcpPortSharing - ok
18:20:05.0180 0x03f4 [ 840D89327C45B0CB9E1AB130249046E2, 13B937BAB596141000C554B9BB6753E7358ED42B3367B496D1777B9B74F6CEF8 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
18:20:05.0824 0x03f4 NETw5v32 - ok
18:20:05.0917 0x03f4 [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:20:05.0938 0x03f4 nfrd960 - ok
18:20:05.0993 0x03f4 [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc C:\Windows\System32\nlasvc.dll
18:20:06.0031 0x03f4 NlaSvc - ok
18:20:06.0123 0x03f4 [ EBA1B4BF2E2375ABDADEDB649F283541, 8B27AE794678C55791F95F34E67E12BAD5BE753F812C49D6511BB657CF453B52 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
18:20:06.0222 0x03f4 NMIndexingService - ok
18:20:06.0256 0x03f4 [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:20:06.0314 0x03f4 Npfs - ok
18:20:06.0387 0x03f4 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
18:20:06.0418 0x03f4 nsi - ok
18:20:06.0467 0x03f4 [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:20:06.0536 0x03f4 nsiproxy - ok
18:20:06.0641 0x03f4 [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:20:06.0842 0x03f4 Ntfs - ok
18:20:06.0890 0x03f4 [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
18:20:06.0995 0x03f4 ntrigdigi - ok
18:20:07.0019 0x03f4 [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
18:20:07.0072 0x03f4 Null - ok
18:20:07.0420 0x03f4 [ CEF89AD9AAABF89C9C36C65ADC62F1ED, A0BC68D32482EB674E6081673951FF53A780759215BED5E9DDC84E1DFC1B9FED ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:20:08.0412 0x03f4 nvlddmkm - ok
18:20:08.0472 0x03f4 [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:20:08.0518 0x03f4 nvraid - ok
18:20:08.0541 0x03f4 [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:20:08.0562 0x03f4 nvstor - ok
18:20:08.0603 0x03f4 [ CC0AA0355DED3D34B7D975B6815CF30A, E9B0E33E0965B47BDE22545C6886DEE036012E4A6A7FCF7B7FE46ADE142769F4 ] nvsvc C:\Windows\system32\nvvsvc.exe
18:20:08.0662 0x03f4 nvsvc - ok
18:20:08.0680 0x03f4 [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:20:08.0724 0x03f4 nv_agp - ok
18:20:08.0732 0x03f4 NwlnkFlt - ok
18:20:08.0737 0x03f4 NwlnkFwd - ok
18:20:08.0905 0x03f4 [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:20:09.0004 0x03f4 odserv - ok
18:20:09.0059 0x03f4 [ BE32DA025A0BE1878F0EE8D6D9386CD5, B9D6CB4626FC67D108D713467C9ED8D0E2A071D98621B5531AD9D0C172FE7B89 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:20:09.0129 0x03f4 ohci1394 - ok
18:20:09.0166 0x03f4 [ B7EDD9FD6387802DFAA795372AECF212, 53E8EACC9CD678BC4FFBD22A0F463A7834B1E68D2741518C65CC8883757CD912 ] OsdService C:\Program Files\OEM\OSD_1.12\OsdService.exe
18:20:09.0249 0x03f4 OsdService - detected UnsignedFile.Multi.Generic ( 1 )
18:20:19.0250 0x03f4 OsdService ( UnsignedFile.Multi.Generic ) - warning
18:20:20.0484 0x03f4 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:20:20.0535 0x03f4 ose - ok
18:20:20.0588 0x03f4 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll
18:20:20.0693 0x03f4 p2pimsvc - ok
18:20:20.0716 0x03f4 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll
18:20:20.0788 0x03f4 p2psvc - ok
18:20:20.0855 0x03f4 [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys
18:20:20.0928 0x03f4 Parport - ok
18:20:20.0954 0x03f4 [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:20:20.0998 0x03f4 partmgr - ok
18:20:21.0046 0x03f4 [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
18:20:21.0151 0x03f4 Parvdm - ok
18:20:21.0192 0x03f4 [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
18:20:21.0253 0x03f4 PcaSvc - ok
18:20:21.0293 0x03f4 [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys
18:20:21.0361 0x03f4 pci - ok
18:20:21.0384 0x03f4 [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide C:\Windows\system32\drivers\pciide.sys
18:20:21.0419 0x03f4 pciide - ok
18:20:21.0448 0x03f4 [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:20:21.0476 0x03f4 pcmcia - ok
18:20:21.0608 0x03f4 [ 20372BE109FEE1C37E2D5216680DB9EB, 2C3737FB3C6BCF81D0A7293667412DDEA649A8AEA40B7ADCFCB9893E8B3C4AF3 ] PDF Architect Helper Service C:\Program Files\PDF Architect\HelperService.exe
18:20:21.0765 0x03f4 PDF Architect Helper Service - ok
18:20:21.0815 0x03f4 [ B90A279073A815A4AA2C45A09EE004FA, 9EA27630C47F5FF99CBBE513C113F3ED01FABA0D59B9D9637764027BCC6EA24A ] PDF Architect Service C:\Program Files\PDF Architect\ConversionService.exe
18:20:21.0965 0x03f4 PDF Architect Service - ok
18:20:22.0059 0x03f4 [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:20:22.0226 0x03f4 PEAUTH - ok
18:20:22.0320 0x03f4 [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
18:20:22.0445 0x03f4 pla - ok
18:20:22.0469 0x03f4 [ 875E4E0661F3A5994DF9E5E3A0A4F96B, 7198C02935B3714C455EE94305D2A21D900D72AC67049C11A1E842572AD6C5E1 ] PLFlash DeviceIoControl Service C:\Windows\system32\IoctlSvc.exe
18:20:22.0534 0x03f4 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic ( 1 )
18:20:22.0710 0x03f4 Detect skipped due to KSN trusted
18:20:22.0710 0x03f4 PLFlash DeviceIoControl Service - ok
18:20:22.0807 0x03f4 [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:20:22.0883 0x03f4 PlugPlay - ok
18:20:22.0934 0x03f4 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
18:20:23.0050 0x03f4 PNRPAutoReg - ok
18:20:23.0111 0x03f4 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll
18:20:23.0152 0x03f4 PNRPsvc - ok
18:20:23.0198 0x03f4 [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:20:23.0343 0x03f4 PolicyAgent - ok
18:20:23.0397 0x03f4 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:20:23.0456 0x03f4 PptpMiniport - ok
18:20:23.0532 0x03f4 [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor C:\Windows\system32\drivers\processr.sys
18:20:23.0591 0x03f4 Processor - ok
18:20:23.0634 0x03f4 [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc C:\Windows\system32\profsvc.dll
18:20:23.0666 0x03f4 ProfSvc - ok
18:20:23.0674 0x03f4 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
18:20:23.0702 0x03f4 ProtectedStorage - ok
18:20:23.0724 0x03f4 [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
18:20:23.0769 0x03f4 PSched - ok
18:20:23.0831 0x03f4 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
18:20:23.0852 0x03f4 PxHelp20 - ok
18:20:23.0933 0x03f4 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:20:24.0100 0x03f4 ql2300 - ok
18:20:24.0129 0x03f4 [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:20:24.0171 0x03f4 ql40xx - ok
18:20:24.0209 0x03f4 [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
18:20:24.0265 0x03f4 QWAVE - ok
18:20:24.0288 0x03f4 [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:20:24.0326 0x03f4 QWAVEdrv - ok
18:20:24.0347 0x03f4 [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:20:24.0420 0x03f4 RasAcd - ok
18:20:24.0443 0x03f4 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
18:20:24.0583 0x03f4 RasAuto - ok
18:20:24.0629 0x03f4 [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:20:24.0683 0x03f4 Rasl2tp - ok
18:20:24.0757 0x03f4 [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll
18:20:24.0805 0x03f4 RasMan - ok
18:20:24.0835 0x03f4 [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:20:24.0888 0x03f4 RasPppoe - ok
18:20:24.0928 0x03f4 [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:20:24.0964 0x03f4 RasSstp - ok
18:20:25.0016 0x03f4 [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:20:25.0084 0x03f4 rdbss - ok
18:20:25.0113 0x03f4 [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:20:25.0205 0x03f4 RDPCDD - ok
18:20:25.0235 0x03f4 [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
18:20:25.0341 0x03f4 rdpdr - ok
18:20:25.0379 0x03f4 [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:20:25.0702 0x03f4 RDPENCDD - ok
18:20:25.0796 0x03f4 [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:20:25.0890 0x03f4 RDPWD - ok
18:20:25.0960 0x03f4 [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
18:20:26.0025 0x03f4 RemoteAccess - ok
18:20:26.0062 0x03f4 [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:20:26.0123 0x03f4 RemoteRegistry - ok
18:20:26.0151 0x03f4 [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
18:20:26.0214 0x03f4 RpcLocator - ok
18:20:26.0250 0x03f4 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll
18:20:26.0322 0x03f4 RpcSs - ok
18:20:26.0365 0x03f4 [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:20:26.0462 0x03f4 rspndr - ok
18:20:26.0518 0x03f4 [ 2D19A7469EA19993D0C12E627F4530BC, B59F0D4ACAA60ED95093FA561D4C5D87F26C9F6C646858772743038D97B2D6AB ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
18:20:26.0601 0x03f4 RTL8169 - ok
18:20:26.0696 0x03f4 [ 93F66FAEA8BF047D4242AC85AADA403D, EAC5EA048B255EA255E120FD8FCF6BC682843E08A57838FB731050A7B9B9EDCC ] RVIEG01 C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys
18:20:26.0747 0x03f4 RVIEG01 - detected UnsignedFile.Multi.Generic ( 1 )
18:20:26.0934 0x03f4 Detect skipped due to KSN trusted
18:20:26.0934 0x03f4 RVIEG01 - ok
18:20:26.0992 0x03f4 [ 3C74D9FDB1D9831EC932E89F3D874F00, 193577197D2EE5E91A282B8DF945A1A5459C4D44F8C93F7FD5D67801BEEF988B ] RVIEGVST C:\Program Files\Roland\Virtual Sound Canvas VST\RVIEg01VST.sys
18:20:27.0061 0x03f4 RVIEGVST - detected UnsignedFile.Multi.Generic ( 1 )
18:20:27.0257 0x03f4 RVIEGVST ( UnsignedFile.Multi.Generic ) - warning
18:20:27.0257 0x03f4 Force sending object to P2P due to detect: C:\Program Files\Roland\Virtual Sound Canvas VST\RVIEg01VST.sys
18:20:34.0238 0x03f4 Object send P2P result: true
18:20:34.0413 0x03f4 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe
18:20:34.0432 0x03f4 SamSs - ok
18:20:34.0448 0x03f4 [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:20:34.0471 0x03f4 sbp2port - ok
18:20:34.0511 0x03f4 [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:20:34.0541 0x03f4 SCardSvr - ok
18:20:34.0591 0x03f4 [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule C:\Windows\system32\schedsvc.dll
18:20:34.0682 0x03f4 Schedule - ok
18:20:34.0739 0x03f4 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll
18:20:34.0764 0x03f4 SCPolicySvc - ok
18:20:34.0789 0x03f4 [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:20:34.0850 0x03f4 SDRSVC - ok
18:20:34.0899 0x03f4 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:20:34.0966 0x03f4 secdrv - ok
18:20:34.0985 0x03f4 [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll
18:20:35.0049 0x03f4 seclogon - ok
18:20:35.0088 0x03f4 [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\System32\sens.dll
18:20:35.0153 0x03f4 SENS - ok
18:20:35.0175 0x03f4 [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys
18:20:35.0243 0x03f4 Serenum - ok
18:20:35.0276 0x03f4 [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys
18:20:35.0334 0x03f4 Serial - ok
18:20:35.0369 0x03f4 [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:20:35.0419 0x03f4 sermouse - ok
18:20:35.0457 0x03f4 [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
18:20:35.0514 0x03f4 SessionEnv - ok
18:20:35.0530 0x03f4 [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:20:35.0588 0x03f4 sffdisk - ok
18:20:35.0610 0x03f4 [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:20:35.0661 0x03f4 sffp_mmc - ok
18:20:35.0685 0x03f4 [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:20:35.0746 0x03f4 sffp_sd - ok
18:20:35.0775 0x03f4 [ C33BFBD6E9E41FCD9FFEF9729E9FAED6, 490C29DC9E9FE8D5010E6DB18DE7DA808BCE84F014CFDEE0530735CBED788073 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:20:35.0835 0x03f4 sfloppy - ok
18:20:35.0878 0x03f4 [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:20:35.0925 0x03f4 SharedAccess - ok
18:20:35.0989 0x03f4 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:20:36.0135 0x03f4 ShellHWDetection - ok
18:20:36.0276 0x03f4 [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:20:36.0395 0x03f4 sisagp - ok
18:20:36.0419 0x03f4 [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
18:20:36.0456 0x03f4 SiSRaid2 - ok
18:20:36.0475 0x03f4 [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:20:36.0518 0x03f4 SiSRaid4 - ok
18:20:36.0615 0x03f4 [ 7C15061CD0372487903B07B9BB03AFAD, FB96CDA29C7C1E8A315BA89E8B150918E59F32CE749D3EF43FCBEB3FB57BF1C6 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
18:20:36.0720 0x03f4 SkypeUpdate - ok
18:20:36.0904 0x03f4 [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc C:\Windows\system32\SLsvc.exe
18:20:37.0312 0x03f4 slsvc - ok
18:20:37.0555 0x03f4 [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify C:\Windows\system32\SLUINotify.dll
18:20:37.0636 0x03f4 SLUINotify - ok
18:20:37.0714 0x03f4 [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:20:38.0042 0x03f4 Smb - ok
18:20:38.0073 0x03f4 [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:20:38.0102 0x03f4 SNMPTRAP - ok
18:20:38.0134 0x03f4 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
18:20:38.0167 0x03f4 spldr - ok
18:20:38.0198 0x03f4 [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler C:\Windows\System32\spoolsv.exe
18:20:38.0245 0x03f4 Spooler - ok
18:20:38.0289 0x03f4 [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv C:\Windows\system32\DRIVERS\srv.sys
18:20:38.0417 0x03f4 srv - ok
18:20:38.0489 0x03f4 [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:20:38.0581 0x03f4 srv2 - ok
18:20:38.0641 0x03f4 [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:20:38.0724 0x03f4 srvnet - ok
18:20:38.0817 0x03f4 [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:20:38.0905 0x03f4 SSDPSRV - ok
18:20:38.0960 0x03f4 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
18:20:39.0017 0x03f4 ssmdrv - ok
18:20:39.0082 0x03f4 [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:20:39.0133 0x03f4 SstpSvc - ok
18:20:39.0186 0x03f4 Steam Client Service - ok
18:20:39.0238 0x03f4 [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc C:\Windows\System32\wiaservc.dll
18:20:39.0511 0x03f4 stisvc - ok
18:20:39.0573 0x03f4 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:20:39.0605 0x03f4 swenum - ok
18:20:39.0716 0x03f4 [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv C:\Windows\System32\swprv.dll
18:20:39.0776 0x03f4 swprv - ok
18:20:39.0836 0x03f4 [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
18:20:39.0944 0x03f4 Symc8xx - ok
18:20:40.0000 0x03f4 [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
18:20:40.0057 0x03f4 Sym_hi - ok
18:20:40.0088 0x03f4 [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
18:20:40.0139 0x03f4 Sym_u3 - ok
18:20:40.0189 0x03f4 [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain C:\Windows\system32\sysmain.dll
18:20:40.0311 0x03f4 SysMain - ok
18:20:40.0349 0x03f4 [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:20:40.0387 0x03f4 TabletInputService - ok
18:20:40.0456 0x03f4 [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:20:40.0544 0x03f4 TapiSrv - ok
18:20:40.0564 0x03f4 [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
18:20:40.0622 0x03f4 TBS - ok
18:20:40.0727 0x03f4 [ D18D53974FD715D50FC76F9FFE1C830D, 50424BD5950D8FC7724A6E48AE5A39D6E727FAF326C31657C69F1DE13C1450E3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:20:40.0913 0x03f4 Tcpip - ok
18:20:40.0949 0x03f4 [ D18D53974FD715D50FC76F9FFE1C830D, 50424BD5950D8FC7724A6E48AE5A39D6E727FAF326C31657C69F1DE13C1450E3 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
18:20:41.0045 0x03f4 Tcpip6 - ok
18:20:41.0096 0x03f4 [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:20:41.0252 0x03f4 tcpipreg - ok
18:20:41.0336 0x03f4 [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:20:41.0387 0x03f4 TDPIPE - ok
18:20:41.0404 0x03f4 [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:20:41.0510 0x03f4 TDTCP - ok
18:20:41.0588 0x03f4 [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:20:41.0667 0x03f4 tdx - ok
18:20:41.0690 0x03f4 [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:20:41.0718 0x03f4 TermDD - ok
18:20:41.0744 0x03f4 [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService C:\Windows\System32\termsrv.dll
18:20:41.0833 0x03f4 TermService - ok
18:20:41.0947 0x03f4 [ 250B9120C7C103AFDC0C6643F9691055, 63E6CD6E92DAB86A07AED8C4E1C3955C818C0E6E60A33A18EF58DDEC06767B4C ] TestHandler C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
18:20:42.0013 0x03f4 TestHandler - detected UnsignedFile.Multi.Generic ( 1 )
18:20:42.0189 0x03f4 Detect skipped due to KSN trusted
18:20:42.0189 0x03f4 TestHandler - ok
18:20:42.0229 0x03f4 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes C:\Windows\system32\shsvcs.dll
18:20:42.0294 0x03f4 Themes - ok
18:20:42.0328 0x03f4 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
18:20:42.0360 0x03f4 THREADORDER - ok
18:20:42.0414 0x03f4 [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
18:20:42.0482 0x03f4 TrkWks - ok
18:20:42.0541 0x03f4 [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:20:42.0567 0x03f4 TrustedInstaller - ok
18:20:42.0608 0x03f4 [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:20:42.0711 0x03f4 tssecsrv - ok
18:20:42.0752 0x03f4 [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
18:20:42.0846 0x03f4 tunmp - ok
18:20:42.0871 0x03f4 [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:20:42.0941 0x03f4 tunnel - ok
18:20:42.0964 0x03f4 [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:20:43.0017 0x03f4 uagp35 - ok
18:20:43.0054 0x03f4 [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:20:43.0100 0x03f4 udfs - ok
18:20:43.0152 0x03f4 [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:20:43.0186 0x03f4 UI0Detect - ok
18:20:43.0207 0x03f4 [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:20:43.0229 0x03f4 uliagpkx - ok
18:20:43.0263 0x03f4 [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci C:\Windows\system32\drivers\uliahci.sys
18:20:43.0325 0x03f4 uliahci - ok
18:20:43.0387 0x03f4 [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
18:20:43.0429 0x03f4 UlSata - ok
18:20:43.0454 0x03f4 [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
18:20:43.0478 0x03f4 ulsata2 - ok
18:20:43.0498 0x03f4 [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:20:43.0556 0x03f4 umbus - ok
18:20:43.0592 0x03f4 [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
18:20:43.0634 0x03f4 upnphost - ok
18:20:43.0676 0x03f4 [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
18:20:43.0744 0x03f4 USBAAPL - ok
18:20:43.0782 0x03f4 [ 1114579556DB85E9FAF9590DBC64CD62, 10479A3C12BBBB9B5759082358FE11AC20BAEFA6B4977C8AE6E60AA17BE6C7FA ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
18:20:43.0839 0x03f4 usbaudio - ok
18:20:43.0887 0x03f4 [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:20:43.0947 0x03f4 usbccgp - ok
18:20:43.0970 0x03f4 [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:20:44.0057 0x03f4 usbcir - ok
18:20:44.0127 0x03f4 [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:20:44.0149 0x03f4 usbehci - ok
18:20:44.0180 0x03f4 [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:20:44.0247 0x03f4 usbhub - ok
18:20:44.0267 0x03f4 [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:20:44.0335 0x03f4 usbohci - ok
18:20:44.0370 0x03f4 [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:20:44.0440 0x03f4 usbprint - ok
18:20:44.0482 0x03f4 [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:20:44.0544 0x03f4 usbscan - ok
18:20:44.0582 0x03f4 [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:20:44.0614 0x03f4 USBSTOR - ok
18:20:44.0640 0x03f4 [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:20:44.0662 0x03f4 usbuhci - ok
18:20:44.0703 0x03f4 [ 73FF24E21B690625A58109637DDA0DF7, 62B1F9CD82678E2110D4BB5CC86EE8A7AB0757681443916620B6AAA1EF0DECEB ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:20:44.0759 0x03f4 usbvideo - ok
18:20:44.0808 0x03f4 [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms C:\Windows\System32\uxsms.dll
18:20:44.0893 0x03f4 UxSms - ok
18:20:44.0929 0x03f4 [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds C:\Windows\System32\vds.exe
18:20:44.0984 0x03f4 vds - ok
18:20:45.0087 0x03f4 [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:20:45.0123 0x03f4 vga - ok
18:20:45.0154 0x03f4 [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:20:45.0204 0x03f4 VgaSave - ok
18:20:45.0218 0x03f4 [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp C:\Windows\system32\drivers\viaagp.sys
18:20:45.0260 0x03f4 viaagp - ok
18:20:45.0286 0x03f4 [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
18:20:45.0324 0x03f4 ViaC7 - ok
18:20:45.0342 0x03f4 [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide C:\Windows\system32\drivers\viaide.sys
18:20:45.0379 0x03f4 viaide - ok
18:20:45.0401 0x03f4 [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:20:45.0423 0x03f4 volmgr - ok
18:20:45.0461 0x03f4 [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:20:45.0509 0x03f4 volmgrx - ok
18:20:45.0542 0x03f4 [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:20:45.0576 0x03f4 volsnap - ok
18:20:45.0599 0x03f4 [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:20:45.0624 0x03f4 vsmraid - ok
18:20:45.0845 0x03f4 [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS C:\Windows\system32\vssvc.exe
18:20:46.0016 0x03f4 VSS - ok
18:20:46.0079 0x03f4 [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time C:\Windows\system32\w32time.dll
18:20:46.0169 0x03f4 W32Time - ok
18:20:46.0206 0x03f4 [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:20:46.0310 0x03f4 WacomPen - ok
18:20:46.0365 0x03f4 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
18:20:46.0437 0x03f4 Wanarp - ok
18:20:46.0448 0x03f4 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:20:46.0490 0x03f4 Wanarpv6 - ok
18:20:46.0533 0x03f4 [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:20:46.0609 0x03f4 wcncsvc - ok
18:20:46.0656 0x03f4 [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:20:46.0726 0x03f4 WcsPlugInService - ok
18:20:46.0761 0x03f4 [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd C:\Windows\system32\drivers\wd.sys
18:20:46.0805 0x03f4 Wd - ok
18:20:46.0892 0x03f4 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:20:46.0970 0x03f4 Wdf01000 - ok
18:20:46.0995 0x03f4 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:20:47.0048 0x03f4 WdiServiceHost - ok
18:20:47.0059 0x03f4 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:20:47.0128 0x03f4 WdiSystemHost - ok
18:20:47.0175 0x03f4 [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient C:\Windows\System32\webclnt.dll
18:20:47.0220 0x03f4 WebClient - ok
18:20:47.0258 0x03f4 [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:20:47.0331 0x03f4 Wecsvc - ok
18:20:47.0416 0x03f4 [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:20:47.0461 0x03f4 wercplsupport - ok
18:20:47.0504 0x03f4 [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc C:\Windows\System32\WerSvc.dll
18:20:47.0569 0x03f4 WerSvc - ok
18:20:47.0701 0x03f4 [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:20:47.0771 0x03f4 WinDefend - ok
18:20:47.0777 0x03f4 WinHttpAutoProxySvc - ok
18:20:47.0840 0x03f4 [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:20:47.0890 0x03f4 Winmgmt - ok
18:20:47.0971 0x03f4 [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
18:20:48.0158 0x03f4 WinRM - ok
18:20:48.0221 0x03f4 [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:20:48.0328 0x03f4 Wlansvc - ok
18:20:48.0367 0x03f4 [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:20:48.0412 0x03f4 WmiAcpi - ok
18:20:48.0447 0x03f4 [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:20:48.0497 0x03f4 wmiApSrv - ok
18:20:48.0679 0x03f4 [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:20:48.0822 0x03f4 WMPNetworkSvc - ok
18:20:48.0894 0x03f4 [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:20:48.0985 0x03f4 WPCSvc - ok
18:20:49.0065 0x03f4 [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:20:49.0103 0x03f4 WPDBusEnum - ok
18:20:49.0186 0x03f4 [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
18:20:49.0245 0x03f4 WpdUsb - ok
18:20:49.0373 0x03f4 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:20:49.0473 0x03f4 WPFFontCache_v0400 - ok
18:20:49.0487 0x03f4 [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:20:49.0530 0x03f4 ws2ifsl - ok
18:20:49.0583 0x03f4 [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc C:\Windows\system32\wscsvc.dll
18:20:49.0606 0x03f4 wscsvc - ok
18:20:49.0612 0x03f4 WSearch - ok
18:20:49.0734 0x03f4 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
18:20:49.0920 0x03f4 wuauserv - ok
18:20:49.0979 0x03f4 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:20:50.0008 0x03f4 WudfPf - ok
18:20:50.0045 0x03f4 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:20:50.0097 0x03f4 WUDFRd - ok
18:20:50.0149 0x03f4 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:20:50.0173 0x03f4 wudfsvc - ok
18:20:50.0190 0x03f4 ================ Scan global ===============================
18:20:50.0223 0x03f4 [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
18:20:50.0287 0x03f4 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
18:20:50.0339 0x03f4 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
18:20:50.0396 0x03f4 [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
18:20:50.0408 0x03f4 [ Global ] - ok
18:20:50.0409 0x03f4 ================ Scan MBR ==================================
18:20:50.0428 0x03f4 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
18:20:51.0145 0x03f4 \Device\Harddisk0\DR0 - ok
18:20:51.0148 0x03f4 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
18:20:51.0559 0x03f4 \Device\Harddisk1\DR1 - ok
18:20:51.0560 0x03f4 ================ Scan VBR ==================================
18:20:51.0587 0x03f4 [ 475F109F98C97AD8B988A9DFE2889F3C ] \Device\Harddisk0\DR0\Partition1
18:20:51.0589 0x03f4 \Device\Harddisk0\DR0\Partition1 - ok
18:20:51.0613 0x03f4 [ 2E8119675E5F4A5D83E35072BAE43E85 ] \Device\Harddisk0\DR0\Partition2
18:20:51.0616 0x03f4 \Device\Harddisk0\DR0\Partition2 - ok
18:20:51.0619 0x03f4 [ 7D307B81C9F87F79DB5EEF5803D40BC8 ] \Device\Harddisk1\DR1\Partition1
18:20:51.0620 0x03f4 \Device\Harddisk1\DR1\Partition1 - ok
18:20:51.0624 0x03f4 [ 78C08141051E0F66FA900D339D2AFCCA ] \Device\Harddisk1\DR1\Partition2
18:20:51.0626 0x03f4 \Device\Harddisk1\DR1\Partition2 - ok
18:20:51.0627 0x03f4 Waiting for KSN requests completion. In queue: 121
18:20:52.0930 0x03f4 AV detected via SS2: AVG AntiVirus Free Edition 2014, C:\Program Files\AVG\AVG2014\avgwsc.exe ( 14.0.0.4110 ), 0x41000 ( enabled : updated )
18:20:52.0967 0x03f4 AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 14.0.1.641 ), 0x40000 ( disabled : updated )
18:20:53.0057 0x03f4 Win FW state via NFP2: enabled
18:20:53.0517 0x03f4 ============================================================
18:20:53.0517 0x03f4 Scan finished
18:20:53.0517 0x03f4 ============================================================
18:20:53.0531 0x15c4 Detected object count: 3
18:20:53.0531 0x15c4 Actual detected object count: 3
18:21:09.0849 0x15c4 GpdDevDPort ( UnsignedFile.Multi.Generic ) - skipped by user
18:21:09.0849 0x15c4 GpdDevDPort ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:21:09.0849 0x15c4 OsdService ( UnsignedFile.Multi.Generic ) - skipped by user
18:21:09.0849 0x15c4 OsdService ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:21:09.0849 0x15c4 RVIEGVST ( UnsignedFile.Multi.Generic ) - skipped by user
18:21:09.0849 0x15c4 RVIEGVST ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
| | #19 |
| /// the machine /// TB-Ausbilder | Do you have a Vista DVD on hand?
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
| | #20 |
| No, but I can create a recovery DVD with a preinstalled program. Should I reinstall Vista? Is there no point in cleaning up a few things with the ESET program? I think it detected 9 threats. Regards, Richard |
| | #21 |
| /// the machine /// TB-Ausbilder | No, we just need to rewrite the MBR from outside. Please download
Important: Do not press any of the Fix buttons without instructions. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. Please download Emsisoft MBR Master and save it to the desktop. |
| | #22 |
| Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-12-10 14:23:33
-----------------------------
14:23:33.526 OS Version: Windows 6.0.6002 Service Pack 2
14:23:33.526 Number of processors: 2 586 0x1706
14:23:33.530 ComputerName: RICHARD-PC UserName: Richard
14:23:34.741 Initialize success
14:25:28.723 AVAST engine defs: 13120902
14:27:07.891 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:27:07.893 Disk 0 Vendor: WDC_WD3200BEVT-22ZCT0 11.01A11 Size: 305245MB BusType: 3
14:27:07.983 Disk 0 MBR read successfully
14:27:07.986 Disk 0 MBR scan
14:27:08.016 Disk 0 Windows VISTA default MBR code
14:27:08.031 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 9000 MB offset 2048
14:27:08.086 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 96419 MB offset 18434048
14:27:08.112 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 199824 MB offset 215900160
14:27:08.158 Disk 0 Partition 4 00 17 Hidd HPFS/NTFS NTFS 0 MB offset 625140400
14:27:08.583 Disk 0 scanning sectors +625142432
14:27:10.050 Disk 0 scanning C:\Windows\system32\drivers
14:27:29.811 Service scanning
14:27:57.817 Modules scanning
14:28:04.362 Disk 0 trace - called modules:
14:28:04.381 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll PCIIDEX.SYS msahci.sys
14:28:04.386 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x864d4370]
14:28:04.391 3 CLASSPNP.SYS[8aba08b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84bd8b98]
14:28:05.447 AVAST engine scan C:\Windows
14:28:10.529 AVAST engine scan C:\Windows\system32
14:33:55.857 AVAST engine scan C:\Windows\system32\drivers
14:34:12.485 AVAST engine scan C:\Users\Richard
14:43:38.477 AVAST engine scan C:\ProgramData
14:47:57.706 Scan finished successfully
15:00:57.277 Disk 0 MBR has been saved successfully to "C:\Users\Richard\Desktop\MBR.dat"
15:00:57.282 The log file has been saved successfully to "C:\Users\Richard\Desktop\aswMBR.txt"
|
| | #23 |
| Hello! Attached you will find the zipped emsi. Regards, Richard |
| | #24 |
| Code:
Detected Windows version: 6.0 Build 6002 Service Pack 2
Installing direct disk access driver ...
Driver connection handle: 0x000000D4
1 valid drive(s) found.
Details for Disk 0 - WDC WD3200BEVT-22ZCT0 Rev 11.01A11:
Device name : \\.\PhysicalDrive0
Geometry (C/H/S) : 38913/255/63
Boot loader reputation : Known Good (Windows Vista)
Cross view comparison : Passed
Partition table integrity: Passed
Boot loader hashes
SHA-1 : 8DF43F2BDE2D9451948FA14B5279969C777A7979
MD5 : 5C616939100B85E558DA92B899A0FC36
|
| | #25 |
| /// the machine /// TB-Ausbilder | Everything is clean. Is the message still appearing?
__________________ Regards, schrauber |
| | #26 |
| Yes, unfortunately the message still appears. I have AVG and Avira installed. Does that make sense? Best regards, Richard |
| | #27 |
| /// the machine /// TB trainer | Win Vista: Avira reports 'BOO/TDss.O' found No, only one. Please show me the exact message again. Are any external drives attached? How many internal drives?
__________________ Regards, schrauber |
| | #28 |
| Win Vista: Avira reports 'BOO/TDss.O' found I don't have an external hard drive attached at the moment. How do I show you the message? Each time, an Avira window appears with the security notice: "Im Masterbootsektor von Laufwerk D wurde ein Virus oder unerwünschtes Programm BOO/TDss.O gefunden. Bitte wählen sie die weitere Aktion: Entfernen, Details" ("A virus or unwanted program BOO/TDss.O was found in the master boot sector of drive D. Please select the next action: Remove, Details") |
| | #29 |
| /// the machine /// TB trainer | Win Vista: Avira reports 'BOO/TDss.O' found Hi, please download
Do not start any other file in this folder without instructions from a helper
__________________ Regards, schrauber |
| | #30 |
| Win Vista: Avira reports 'BOO/TDss.O' found
Code:
Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org
Database version: v2013.12.19.11
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Richard :: RICHARD-PC [administrator]
19.12.2013 23:05:20
mbar-log-2013-12-19 (23-05-20).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 209574
Time elapsed: 12 minute(s), 24 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 4
c:\windows\$ntuninstallkb30508$\2110589665 (Backdoor.0Access) -> Delete on reboot.
c:\windows\$ntuninstallkb30508$\2110589665\l (Backdoor.0Access) -> Delete on reboot.
c:\windows\$ntuninstallkb30508$\2110589665\u (Backdoor.0Access) -> Delete on reboot.
c:\windows\$ntuninstallkb30508$\2707825333 (Backdoor.0Access) -> Delete on reboot.
Files Detected: 1
c:\windows\$ntuninstallkb30508$\2110589665\desktop.ini (Backdoor.0Access) -> Delete on reboot.
Physical Sectors Detected: 1
Physical Sector #625140400 on Drive #0 (Rootkit.Alureon.E.VBR) -> Replace on reboot.
(end)
|