Trojaner-Board

Removing Mystart.incredibar (https://www.trojaner-board.de/118591-mystart-incredibar-entfernen.html)

mirhannah 13.07.2012 17:30

Sorry that I have to ask such a dumb question. But am I supposed to do 1 or 2 fixes in total?

cosinus 13.07.2012 21:28

What makes you think it's two? :confused:
Copy my text from the box 1:1, paste it in at the bottom of OTL and then click Fix once.

That is clearly described that way in the instructions too! :wtf:

mirhannah 13.07.2012 21:44

Yes, sorry :stirn:
I read it earlier at work and thought: 1. do an OTL fix
2. close all programs (...) do an OTL fix. Then that would be two. :balla:

So I'm getting started now and will then post the results for you. Thank you very much for your patience.

Here are the results. (On the first attempt the PC crashed partway through. These are now the results of the second run.)

Code:

All processes killed
========== OTL ==========
Prefs.js: "MyStart Search" removed from browser.search.defaultenginename
Prefs.js: "Search" removed from browser.search.defaultthis.engineName
Folder C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\ not found.
Registry value HKEY_USERS\S-1-5-21-4131452526-3298899096-3233267490-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E601996F-E400-41CA-804B-CD6373A7EEE2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File C:\autoexec.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{28a47d84-ecfe-11dc-b386-0013775baaa5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28a47d84-ecfe-11dc-b386-0013775baaa5}\ not found.
File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\34542.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{56a52bbf-115f-11e1-a5f0-0013775baaa5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56a52bbf-115f-11e1-a5f0-0013775baaa5}\ not found.
File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\copy.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8830768c-ed5a-11dc-b22f-0013775baaa5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8830768c-ed5a-11dc-b22f-0013775baaa5}\ not found.
File WDSetup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e9538169-f073-11dc-8ecb-0013775baaa5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e9538169-f073-11dc-8ecb-0013775baaa5}\ not found.
File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\copy.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f23719ee-790d-11de-bb2c-0013775baaa5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f23719ee-790d-11de-bb2c-0013775baaa5}\ not found.
File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\copy.exe not found.
Unable to delete ADS C:\ProgramData\TEMP:430C6D84 .
Unable to delete ADS C:\ProgramData\TEMP:66B13F37 .
Unable to delete ADS C:\ProgramData\TEMP:6152D44C .
Unable to delete ADS C:\ProgramData\TEMP:C980DA7D .
Unable to delete ADS C:\ProgramData\TEMP:DFC5A2B2 .
========== FILES ==========
File\Folder C:\Program Files\kikin not found.
File\Folder C:\user.js not found.
========== COMMANDS ==========
 
[EMPTYTEMP]


mirhannah 17.07.2012 11:27

Hello Arne, thank you very much for the help. The symptoms have now disappeared. Does that mean my PC is clean again?
Regards,
Hannah

cosinus 17.07.2012 15:25

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below - click on change parameters and set the check marks as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you can't find the log or can't copy its contents and transfer them into your post, then please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs.

Note: Please don't delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg
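
An added example, not part of the original thread and not Kaspersky's code: a small Python triage of a TDSS-Killer report in the line format visible in the log posted in this thread. It lists every scanned object whose result is not "ok" or whose result line is missing (for instance in a truncated paste). The function names are hypothetical, and the sample report with its service names and hashes is constructed.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Every report line starts with "HH:MM:SS.mmmm <thread id>", then the message.
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<msg>.*\S)\s*$")
# "<name> (<md5>) <path>": the object that is about to be checked.
OBJECT = re.compile(r"^(?P<name>.+?)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>.+)$")
# "<name> - detected <verdict> (<n>)"
DETECTED = re.compile(r"^(?P<name>.+?)\s+-\s+detected\s+(?P<verdict>\S+)\s+\(\d+\)$")
# "<name> - ok" or "<name> ( <verdict> ) - warning"
STATUS = re.compile(
    r"^(?P<name>.+?)(?:\s+\(\s*(?P<verdict>[^()]+?)\s*\))?\s+-\s+(?P<status>[a-z]+)$"
)


@dataclass
class ScanObject:
    name: str
    md5: Optional[str] = None      # None when the report has no hash line for it
    path: Optional[str] = None
    status: Optional[str] = None   # None when the result line is missing
    verdict: Optional[str] = None


def parse_report(text: str) -> Dict[str, ScanObject]:
    """Group the per-object lines of a report by service/driver name."""
    objects: Dict[str, ScanObject] = {}
    for line in text.splitlines():
        prefixed = PREFIX.match(line)
        if not prefixed:
            continue  # blank lines, separators without a message
        msg = prefixed.group("msg")
        for kind, rx in (("object", OBJECT), ("detected", DETECTED), ("status", STATUS)):
            hit = rx.match(msg)
            if hit:
                break
        else:
            continue  # header lines such as "Scan started"
        obj = objects.setdefault(hit["name"], ScanObject(hit["name"]))
        if kind == "object":
            obj.md5, obj.path = hit["md5"].lower(), hit["path"]
        elif kind == "detected":
            obj.verdict = hit["verdict"]
            obj.status = obj.status or "detected"
        else:
            obj.status = hit["status"]
            obj.verdict = hit["verdict"] or obj.verdict
    return objects


def needs_review(objects: Dict[str, ScanObject]) -> List[ScanObject]:
    """Everything that did not end in a plain 'ok', in report order."""
    return [o for o in objects.values() if o.status != "ok"]


# Constructed sample in the same layout as the posted log (not taken from it).
SAMPLE_REPORT = r"""
16:43:19.0872 2676        Scan started
16:43:19.0872 2676        Mode: Manual; SigCheck; TDLFS;
16:43:21.0371 2676        ExampleDrv      (00112233445566778899aabbccddeeff) C:\Windows\system32\drivers\exampledrv.sys
16:43:21.0542 2676        ExampleDrv - ok
16:43:29.0413 2676        NoFileSvc - ok
16:43:42.0660 2676        Example Helper Service (ffeeddccbbaa99887766554433221100) C:\Program Files\Example\helper.exe
16:43:42.0691 2676        Example Helper Service ( UnsignedFile.Multi.Generic ) - warning
16:43:42.0691 2676        Example Helper Service - detected UnsignedFile.Multi.Generic (1)
16:43:55.0858 2676        CutOffDrv       (0123456789abcdef0123456789abcdef) C:\Windows\system32\drivers\cutoff.sys
"""

if __name__ == "__main__":
    for obj in needs_review(parse_report(SAMPLE_REPORT)):
        print(f"{obj.name}: status={obj.status or 'no result line'} "
              f"verdict={obj.verdict} path={obj.path}")
```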

mirhannah 17.07.2012 15:51

Code:

16:41:00.0093 3432        TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
16:41:00.0186 3432        ============================================================
16:41:00.0186 3432        Current date / time: 2012/07/17 16:41:00.0186
16:41:00.0186 3432        SystemInfo:
16:41:00.0186 3432       
16:41:00.0186 3432        OS Version: 6.0.6002 ServicePack: 2.0
16:41:00.0186 3432        Product type: Workstation
16:41:00.0186 3432        ComputerName: HANNAH-PC
16:41:00.0186 3432        UserName: Hannah
16:41:00.0186 3432        Windows directory: C:\Windows
16:41:00.0186 3432        System windows directory: C:\Windows
16:41:00.0186 3432        Processor architecture: Intel x86
16:41:00.0186 3432        Number of processors: 2
16:41:00.0186 3432        Page size: 0x1000
16:41:00.0186 3432        Boot type: Normal boot
16:41:00.0186 3432        ============================================================
16:41:01.0450 3432        Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:41:01.0450 3432        ============================================================
16:41:01.0450 3432        \Device\Harddisk0\DR0:
16:41:01.0450 3432        MBR partitions:
16:41:01.0450 3432        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x8A19000
16:41:01.0450 3432        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x9E19800, BlocksNum 0x8BFF800
16:41:01.0450 3432        ============================================================
16:41:01.0481 3432        C: <-> \Device\Harddisk0\DR0\Partition0
16:41:01.0544 3432        D: <-> \Device\Harddisk0\DR0\Partition1
16:41:01.0544 3432        ============================================================
16:41:01.0544 3432        Initialize success
16:41:01.0544 3432        ============================================================
16:43:19.0872 2676        ============================================================
16:43:19.0872 2676        Scan started
16:43:19.0872 2676        Mode: Manual; SigCheck; TDLFS;
16:43:19.0872 2676        ============================================================
16:43:21.0371 2676        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
16:43:21.0542 2676        ACPI - ok
16:43:21.0683 2676        AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:43:21.0698 2676        AdobeFlashPlayerUpdateSvc - ok
16:43:21.0776 2676        adp94xx        (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
16:43:21.0840 2676        adp94xx - ok
16:43:21.0965 2676        adpahci        (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
16:43:21.0996 2676        adpahci - ok
16:43:22.0105 2676        adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
16:43:22.0121 2676        adpu160m - ok
16:43:22.0199 2676        adpu320        (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
16:43:22.0230 2676        adpu320 - ok
16:43:22.0308 2676        AeLookupSvc    (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
16:43:22.0386 2676        AeLookupSvc - ok
16:43:22.0511 2676        AFD            (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
16:43:22.0604 2676        AFD - ok
16:43:22.0635 2676        AgereModemAudio (39e435c90c9c4f780fa0ed05ca3c3a1b) C:\Windows\system32\agrsmsvc.exe
16:43:22.0698 2676        AgereModemAudio - ok
16:43:23.0058 2676        AgereSoftModem  (ce91b158fa490cf4c4d487a4130f4660) C:\Windows\system32\DRIVERS\AGRSM.sys
16:43:23.0245 2676        AgereSoftModem - ok
16:43:23.0292 2676        agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
16:43:23.0323 2676        agp440 - ok
16:43:23.0370 2676        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
16:43:23.0385 2676        aic78xx - ok
16:43:23.0604 2676        ALG            (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
16:43:23.0760 2676        ALG - ok
16:43:23.0995 2676        aliide          (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
16:43:24.0057 2676        aliide - ok
16:43:24.0119 2676        amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
16:43:24.0135 2676        amdagp - ok
16:43:24.0166 2676        amdide          (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
16:43:24.0182 2676        amdide - ok
16:43:24.0229 2676        AmdK7          (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
16:43:24.0447 2676        AmdK7 - ok
16:43:24.0885 2676        AmdK8          (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
16:43:24.0994 2676        AmdK8 - ok
16:43:25.0088 2676        Appinfo        (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
16:43:25.0134 2676        Appinfo - ok
16:43:25.0415 2676        Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:43:25.0431 2676        Apple Mobile Device - ok
16:43:25.0478 2676        arc            (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
16:43:25.0493 2676        arc - ok
16:43:25.0556 2676        arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
16:43:25.0571 2676        arcsas - ok
16:43:25.0618 2676        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
16:43:25.0696 2676        AsyncMac - ok
16:43:25.0821 2676        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
16:43:25.0836 2676        atapi - ok
16:43:26.0212 2676        athr            (f32fee7cb2ee32c1f808409bc8019701) C:\Windows\system32\DRIVERS\athr.sys
16:43:26.0368 2676        athr - ok
16:43:26.0805 2676        Ati External Event Utility (d29cae8aa91e405a569892fa3d97aa64) C:\Windows\system32\Ati2evxx.exe
16:43:26.0899 2676        Ati External Event Utility - ok
16:43:27.0914 2676        atikmdag        (e46f2fb11cfe13187a4e3ef512c0d226) C:\Windows\system32\DRIVERS\atikmdag.sys
16:43:28.0164 2676        atikmdag - ok
16:43:29.0054 2676        AtiPcie        (4aa1eb65481c392955939e735d27118b) C:\Windows\system32\DRIVERS\AtiPcie.sys
16:43:29.0101 2676        AtiPcie - ok
16:43:29.0257 2676        AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
16:43:29.0335 2676        AudioEndpointBuilder - ok
16:43:29.0350 2676        Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
16:43:29.0382 2676        Audiosrv - ok
16:43:29.0413 2676        avkmgr - ok
16:43:29.0475 2676        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
16:43:29.0538 2676        Beep - ok
16:43:29.0709 2676        BFE            (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
16:43:29.0787 2676        BFE - ok
16:43:29.0944 2676        BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
16:43:30.0038 2676        BITS - ok
16:43:30.0038 2676        blbdrive - ok
16:43:30.0303 2676        Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
16:43:30.0350 2676        Bonjour Service - ok
16:43:30.0631 2676        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
16:43:30.0693 2676        bowser - ok
16:43:30.0740 2676        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
16:43:30.0802 2676        BrFiltLo - ok
16:43:30.0818 2676        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
16:43:30.0896 2676        BrFiltUp - ok
16:43:31.0084 2676        Browser        (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
16:43:31.0162 2676        Browser - ok
16:43:31.0224 2676        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
16:43:31.0318 2676        Brserid - ok
16:43:31.0334 2676        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
16:43:31.0396 2676        BrSerWdm - ok
16:43:31.0427 2676        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
16:43:31.0490 2676        BrUsbMdm - ok
16:43:31.0536 2676        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
16:43:31.0614 2676        BrUsbSer - ok
16:43:31.0677 2676        BthEnum        (064fbc56921051de1075495d628b815f) C:\Windows\system32\DRIVERS\BthEnum.sys
16:43:31.0724 2676        BthEnum - ok
16:43:31.0755 2676        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
16:43:31.0833 2676        BTHMODEM - ok
16:43:31.0942 2676        BthPan          (b8c3d9ddf85fd197c3e5f849fef71144) C:\Windows\system32\DRIVERS\bthpan.sys
16:43:32.0021 2676        BthPan - ok
16:43:32.0099 2676        BTHPORT        (b24757d9154cca035e1bbd3db92966d7) C:\Windows\system32\Drivers\BTHport.sys
16:43:32.0146 2676        BTHPORT - ok
16:43:32.0224 2676        BthServ        (a4c8377fa4a994e07075107dbe2e3dce) C:\Windows\System32\bthserv.dll
16:43:32.0271 2676        BthServ - ok
16:43:32.0302 2676        BTHUSB          (d42cf5f0c7635b3f1578810fe34d9e41) C:\Windows\system32\Drivers\BTHUSB.sys
16:43:32.0333 2676        BTHUSB - ok
16:43:32.0395 2676        btwaudio        (636f45a8500c1438cfa7dee15fc5c184) C:\Windows\system32\drivers\btwaudio.sys
16:43:32.0427 2676        btwaudio - ok
16:43:32.0489 2676        btwavdt        (bf9256ff01b093a5d90bb7a35ec90410) C:\Windows\system32\drivers\btwavdt.sys
16:43:32.0505 2676        btwavdt - ok
16:43:32.0551 2676        btwrchid        (0ab8c1ac177afb27309e1072faf34a37) C:\Windows\system32\DRIVERS\btwrchid.sys
16:43:32.0567 2676        btwrchid - ok
16:43:32.0692 2676        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
16:43:32.0770 2676        cdfs - ok
16:43:32.0863 2676        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
16:43:32.0926 2676        cdrom - ok
16:43:33.0051 2676        CertPropSvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
16:43:33.0144 2676        CertPropSvc - ok
16:43:33.0222 2676        circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
16:43:33.0331 2676        circlass - ok
16:43:33.0456 2676        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
16:43:33.0487 2676        CLFS - ok
16:43:33.0581 2676        clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:43:33.0597 2676        clr_optimization_v2.0.50727_32 - ok
16:43:33.0753 2676        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:43:33.0784 2676        clr_optimization_v4.0.30319_32 - ok
16:43:33.0862 2676        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
16:43:33.0924 2676        CmBatt - ok
16:43:33.0987 2676        cmdide          (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
16:43:34.0002 2676        cmdide - ok
16:43:34.0080 2676        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
16:43:34.0096 2676        Compbatt - ok
16:43:34.0111 2676        COMSysApp - ok
16:43:34.0111 2676        crcdisk        (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
16:43:34.0143 2676        crcdisk - ok
16:43:34.0158 2676        Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
16:43:34.0236 2676        Crusoe - ok
16:43:34.0283 2676        CryptSvc        (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
16:43:34.0314 2676        CryptSvc - ok
16:43:34.0470 2676        DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
16:43:34.0564 2676        DcomLaunch - ok
16:43:34.0704 2676        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
16:43:34.0798 2676        DfsC - ok
16:43:35.0391 2676        DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
16:43:35.0640 2676        DFSR - ok
16:43:36.0046 2676        Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
16:43:36.0124 2676        Dhcp - ok
16:43:36.0217 2676        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
16:43:36.0249 2676        disk - ok
16:43:36.0311 2676        Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
16:43:36.0373 2676        Dnscache - ok
16:43:36.0436 2676        dot3svc        (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
16:43:36.0467 2676        dot3svc - ok
16:43:36.0545 2676        DPS            (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
16:43:36.0607 2676        DPS - ok
16:43:36.0670 2676        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
16:43:36.0701 2676        drmkaud - ok
16:43:36.0810 2676        DXGKrnl        (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
16:43:36.0841 2676        DXGKrnl - ok
16:43:36.0888 2676        E1G60          (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
16:43:36.0997 2676        E1G60 - ok
16:43:37.0060 2676        EapHost        (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
16:43:37.0091 2676        EapHost - ok
16:43:37.0185 2676        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
16:43:37.0200 2676        Ecache - ok
16:43:37.0263 2676        ehRecvr        (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
16:43:37.0325 2676        ehRecvr - ok
16:43:37.0403 2676        ehSched        (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
16:43:37.0450 2676        ehSched - ok
16:43:37.0481 2676        ehstart        (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
16:43:37.0512 2676        ehstart - ok
16:43:37.0590 2676        elxstor        (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
16:43:37.0637 2676        elxstor - ok
16:43:37.0746 2676        EMDMgmt        (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
16:43:37.0840 2676        EMDMgmt - ok
16:43:37.0887 2676        EventSystem    (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
16:43:37.0949 2676        EventSystem - ok
16:43:38.0011 2676        exfat          (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
16:43:38.0089 2676        exfat - ok
16:43:38.0136 2676        fastfat        (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
16:43:38.0167 2676        fastfat - ok
16:43:38.0230 2676        fdc            (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
16:43:38.0323 2676        fdc - ok
16:43:38.0355 2676        fdPHost        (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
16:43:38.0386 2676        fdPHost - ok
16:43:38.0401 2676        FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
16:43:38.0479 2676        FDResPub - ok
16:43:38.0526 2676        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
16:43:38.0542 2676        FileInfo - ok
16:43:38.0557 2676        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
16:43:38.0604 2676        Filetrace - ok
16:43:38.0651 2676        flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
16:43:38.0729 2676        flpydisk - ok
16:43:38.0854 2676        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
16:43:38.0885 2676        FltMgr - ok
16:43:39.0088 2676        FontCache      (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
16:43:39.0197 2676        FontCache - ok
16:43:39.0306 2676        FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:43:39.0337 2676        FontCache3.0.0.0 - ok
16:43:39.0369 2676        Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
16:43:39.0431 2676        Fs_Rec - ok
16:43:39.0493 2676        gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
16:43:39.0525 2676        gagp30kx - ok
16:43:39.0587 2676        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:43:39.0603 2676        GEARAspiWDM - ok
16:43:39.0743 2676        gpsvc          (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
16:43:39.0868 2676        gpsvc - ok
16:43:40.0133 2676        gupdate        (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
16:43:40.0149 2676        gupdate - ok
16:43:40.0149 2676        gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
16:43:40.0180 2676        gupdatem - ok
16:43:40.0242 2676        HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
16:43:40.0351 2676        HdAudAddService - ok
16:43:40.0523 2676        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:43:40.0648 2676        HDAudBus - ok
16:43:40.0663 2676        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
16:43:40.0788 2676        HidBth - ok
16:43:40.0897 2676        HidIr          (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
16:43:41.0007 2676        HidIr - ok
16:43:41.0100 2676        hidserv        (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
16:43:41.0163 2676        hidserv - ok
16:43:41.0303 2676        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
16:43:41.0365 2676        HidUsb - ok
16:43:41.0443 2676        hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
16:43:41.0521 2676        hkmsvc - ok
16:43:41.0755 2676        HpCISSs        (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
16:43:41.0771 2676        HpCISSs - ok
16:43:41.0896 2676        HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
16:43:42.0005 2676        HTTP - ok
16:43:42.0145 2676        i2omp          (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
16:43:42.0161 2676        i2omp - ok
16:43:42.0255 2676        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
16:43:42.0301 2676        i8042prt - ok
16:43:42.0411 2676        iaStorV        (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
16:43:42.0442 2676        iaStorV - ok
16:43:42.0660 2676        IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:43:42.0691 2676        IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:43:42.0691 2676        IDriverT - detected UnsignedFile.Multi.Generic (1)
16:43:42.0910 2676        idsvc          (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:43:43.0035 2676        idsvc - ok
16:43:43.0471 2676        iirsp          (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
16:43:43.0487 2676        iirsp - ok
16:43:43.0705 2676        IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
16:43:43.0783 2676        IKEEXT - ok
16:43:44.0423 2676        IntcAzAudAddService (7bd4e0428776d11c8e8e26f9f5508690) C:\Windows\system32\drivers\RTKVHDA.sys
16:43:44.0595 2676        IntcAzAudAddService - ok
16:43:45.0577 2676        intelide        (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
16:43:45.0593 2676        intelide - ok
16:43:45.0671 2676        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
16:43:45.0733 2676        intelppm - ok
16:43:45.0796 2676        IPBusEnum      (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
16:43:45.0843 2676        IPBusEnum - ok
16:43:45.0874 2676        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:43:45.0921 2676        IpFilterDriver - ok
16:43:46.0201 2676        iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
16:43:46.0264 2676        iphlpsvc - ok
16:43:46.0264 2676        IpInIp - ok
16:43:46.0420 2676        IPMIDRV        (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
16:43:46.0513 2676        IPMIDRV - ok
16:43:46.0591 2676        IPNAT          (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
16:43:46.0654 2676        IPNAT - ok
16:43:47.0075 2676        iPod Service    (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
16:43:47.0184 2676        iPod Service - ok
16:43:47.0293 2676        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
16:43:47.0340 2676        IRENUM - ok
16:43:47.0512 2676        isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
16:43:47.0543 2676        isapnp - ok
16:43:47.0652 2676        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
16:43:47.0683 2676        iScsiPrt - ok
16:43:47.0777 2676        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
16:43:47.0808 2676        iteatapi - ok
16:43:47.0980 2676        iteraid        (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
16:43:48.0027 2676        iteraid - ok
16:43:48.0167 2676        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
16:43:48.0183 2676        kbdclass - ok
16:43:48.0261 2676        kbdhid          (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\DRIVERS\kbdhid.sys
16:43:48.0370 2676        kbdhid - ok
16:43:48.0573 2676        KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
16:43:48.0666 2676        KeyIso - ok
16:43:48.0729 2676        KMDFMEMIO      (ebc507f129df8f0e0ca270dcfc0cf87f) C:\Windows\system32\DRIVERS\kmdfmemio.sys
16:43:48.0775 2676        KMDFMEMIO - ok
16:43:49.0056 2676        KSecDD          (4a1445efa932a3baf5bdb02d7131ee20) C:\Windows\system32\Drivers\ksecdd.sys
16:43:49.0119 2676        KSecDD - ok
16:43:49.0197 2676        KtmRm          (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
16:43:49.0337 2676        KtmRm - ok
16:43:49.0555 2676        LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
16:43:49.0649 2676        LanmanServer - ok
16:43:49.0836 2676        LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
16:43:49.0914 2676        LanmanWorkstation - ok
16:43:50.0226 2676        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
16:43:50.0273 2676        lltdio - ok
16:43:50.0507 2676        lltdsvc        (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
16:43:50.0585 2676        lltdsvc - ok
16:43:50.0741 2676        lmhosts        (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
16:43:50.0819 2676        lmhosts - ok
16:43:50.0897 2676        LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
16:43:50.0928 2676        LSI_FC - ok
16:43:51.0053 2676        LSI_SAS        (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
16:43:51.0069 2676        LSI_SAS - ok
16:43:51.0178 2676        LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
16:43:51.0209 2676        LSI_SCSI - ok
16:43:51.0334 2676        luafv          (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
16:43:51.0396 2676        luafv - ok
16:43:51.0474 2676        LVRS            (ed643e777ba3f7151ef3f0fb6be4f7f0) C:\Windows\system32\DRIVERS\lvrs.sys
16:43:51.0521 2676        LVRS - ok
16:43:52.0535 2676        LVUVC          (5bc80451109a8dd7f2ddd35bce2929a3) C:\Windows\system32\DRIVERS\lvuvc.sys
16:43:52.0878 2676        LVUVC - ok
16:43:53.0299 2676        MBAMProtector  (6dfe7f2e8e8a337263aa5c92a215f161) C:\Windows\system32\drivers\mbam.sys
16:43:53.0315 2676        MBAMProtector - ok
16:43:53.0518 2676        MBAMService    (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
16:43:53.0627 2676        MBAMService - ok
16:43:53.0845 2676        McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
16:43:53.0877 2676        McComponentHostService - ok
16:43:54.0001 2676        Mcx2Svc        (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
16:43:54.0048 2676        Mcx2Svc - ok
16:43:54.0282 2676        MDM            (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
16:43:54.0313 2676        MDM - ok
16:43:54.0501 2676        megasas        (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
16:43:54.0532 2676        megasas - ok
16:43:54.0641 2676        MMCSS          (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
16:43:54.0688 2676        MMCSS - ok
16:43:54.0766 2676        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
16:43:54.0813 2676        Modem - ok
16:43:54.0875 2676        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
16:43:54.0906 2676        monitor - ok
16:43:55.0031 2676        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
16:43:55.0047 2676        mouclass - ok
16:43:55.0062 2676        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
16:43:55.0109 2676        mouhid - ok
16:43:55.0203 2676        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
16:43:55.0218 2676        MountMgr - ok
16:43:55.0281 2676        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:43:55.0296 2676        MozillaMaintenance - ok
16:43:55.0343 2676        MpFilter        (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
16:43:55.0359 2676        MpFilter - ok
16:43:55.0405 2676        mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
16:43:55.0421 2676        mpio - ok
16:43:55.0546 2676        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
16:43:55.0593 2676        mpsdrv - ok
16:43:55.0671 2676        MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
16:43:55.0749 2676        MpsSvc - ok
16:43:55.0795 2676        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
16:43:55.0811 2676        Mraid35x - ok
16:43:55.0858 2676        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
16:43:55.0889 2676        MRxDAV - ok
16:43:55.0983 2676        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:43:56.0045 2676        mrxsmb - ok
16:43:56.0170 2676        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:43:56.0217 2676        mrxsmb10 - ok
16:43:56.0248 2676        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:43:56.0295 2676        mrxsmb20 - ok
16:43:56.0419 2676        msahci          (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
16:43:56.0451 2676        msahci - ok
16:43:56.0591 2676        msdsm          (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
16:43:56.0607 2676        msdsm - ok
16:43:56.0747 2676        MSDTC          (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
16:43:56.0825 2676        MSDTC - ok
16:43:56.0887 2676        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
16:43:56.0934 2676        Msfs - ok
16:43:57.0012 2676        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
16:43:57.0028 2676        msisadrv - ok
16:43:57.0168 2676        MSiSCSI        (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
16:43:57.0246 2676        MSiSCSI - ok
16:43:57.0246 2676        msiserver - ok
16:43:57.0324 2676        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
16:43:57.0387 2676        MSKSSRV - ok
16:43:57.0558 2676        MsMpSvc        (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:43:57.0574 2676        MsMpSvc - ok
16:43:57.0652 2676        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
16:43:57.0745 2676        MSPCLOCK - ok
16:43:57.0792 2676        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
16:43:57.0855 2676        MSPQM - ok
16:43:57.0964 2676        MsRPC          (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
16:43:57.0995 2676        MsRPC - ok
16:43:58.0120 2676        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
16:43:58.0151 2676        mssmbios - ok
16:43:58.0198 2676        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
16:43:58.0291 2676        MSTEE - ok
16:43:58.0338 2676        Mup            (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
16:43:58.0354 2676        Mup - ok
16:43:58.0510 2676        napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
16:43:58.0603 2676        napagent - ok
16:43:58.0744 2676        NativeWifiP    (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
16:43:58.0806 2676        NativeWifiP - ok
16:43:59.0071 2676        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
16:43:59.0149 2676        NDIS - ok
16:43:59.0243 2676        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
16:43:59.0290 2676        NdisTapi - ok
16:43:59.0337 2676        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
16:43:59.0383 2676        Ndisuio - ok
16:43:59.0524 2676        NdisWan        (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
16:43:59.0602 2676        NdisWan - ok
16:43:59.0649 2676        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
16:43:59.0680 2676        NDProxy - ok
16:43:59.0773 2676        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
16:43:59.0836 2676        NetBIOS - ok
16:43:59.0914 2676        netbt          (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
16:43:59.0976 2676        netbt - ok
16:44:00.0117 2676        Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
16:44:00.0132 2676        Netlogon - ok
16:44:00.0226 2676        Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
16:44:00.0304 2676        Netman - ok
16:44:00.0366 2676        netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
16:44:00.0429 2676        netprofm - ok
16:44:00.0569 2676        NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:44:00.0585 2676        NetTcpPortSharing - ok
16:44:01.0006 2676        NETw2v32        (6e9edc1020b319e7676387b8cdf2398c) C:\Windows\system32\DRIVERS\NETw2v32.sys
16:44:01.0365 2676        NETw2v32 - ok
16:44:01.0692 2676        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
16:44:01.0708 2676        nfrd960 - ok
16:44:01.0755 2676        NisDrv          (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:44:01.0770 2676        NisDrv - ok
16:44:01.0942 2676        NisSrv          (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
16:44:01.0957 2676        NisSrv - ok
16:44:02.0051 2676        NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
16:44:02.0145 2676        NlaSvc - ok
16:44:02.0207 2676        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
16:44:02.0238 2676        Npfs - ok
16:44:02.0316 2676        nsi            (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
16:44:02.0363 2676        nsi - ok
16:44:02.0394 2676        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
16:44:02.0457 2676        nsiproxy - ok
16:44:02.0628 2676        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
16:44:02.0691 2676        Ntfs - ok
16:44:02.0753 2676        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
16:44:02.0831 2676        ntrigdigi - ok
16:44:02.0847 2676        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
16:44:02.0878 2676        Null - ok
16:44:02.0940 2676        nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
16:44:02.0956 2676        nvraid - ok
16:44:03.0034 2676        nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
16:44:03.0049 2676        nvstor - ok
16:44:03.0112 2676        nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
16:44:03.0127 2676        nv_agp - ok
16:44:03.0127 2676        NwlnkFlt - ok
16:44:03.0143 2676        NwlnkFwd - ok
16:44:03.0174 2676        ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\DRIVERS\ohci1394.sys
16:44:03.0237 2676        ohci1394 - ok
16:44:03.0330 2676        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:44:03.0346 2676        ose - ok
16:44:03.0486 2676        p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
16:44:03.0595 2676        p2pimsvc - ok
16:44:03.0611 2676        p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
16:44:03.0658 2676        p2psvc - ok
16:44:03.0720 2676        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
16:44:03.0798 2676        Parport - ok
16:44:03.0845 2676        partmgr        (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
16:44:03.0861 2676        partmgr - ok
16:44:03.0892 2676        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
16:44:03.0985 2676        Parvdm - ok
16:44:04.0110 2676        PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
16:44:04.0204 2676        PcaSvc - ok
16:44:04.0235 2676        pci            (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
16:44:04.0266 2676        pci - ok
16:44:04.0313 2676        pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
16:44:04.0344 2676        pciide - ok
16:44:04.0391 2676        pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\DRIVERS\pcmcia.sys
16:44:04.0407 2676        pcmcia - ok
16:44:04.0563 2676        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
16:44:04.0672 2676        PEAUTH - ok
16:44:04.0999 2676        pla            (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
16:44:05.0124 2676        pla - ok
16:44:05.0452 2676        PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
16:44:05.0499 2676        PlugPlay - ok
16:44:05.0701 2676        PNRPAutoReg    (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
16:44:05.0764 2676        PNRPAutoReg - ok
16:44:05.0779 2676        PNRPsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
16:44:05.0826 2676        PNRPsvc - ok
16:44:05.0920 2676        PolicyAgent    (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
16:44:06.0013 2676        PolicyAgent - ok
16:44:06.0123 2676        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
16:44:06.0169 2676        PptpMiniport - ok
16:44:06.0216 2676        Processor      (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
16:44:06.0325 2676        Processor - ok
16:44:06.0419 2676        ProfSvc        (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
16:44:06.0450 2676        ProfSvc - ok
16:44:06.0497 2676        ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
16:44:06.0528 2676        ProtectedStorage - ok
16:44:06.0575 2676        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
16:44:06.0653 2676        PSched - ok
16:44:06.0700 2676        PxHelp20        (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
16:44:06.0715 2676        PxHelp20 - ok
16:44:06.0856 2676        ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
16:44:06.0965 2676        ql2300 - ok
16:44:07.0027 2676        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
16:44:07.0043 2676        ql40xx - ok
16:44:07.0105 2676        QWAVE          (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
16:44:07.0137 2676        QWAVE - ok
16:44:07.0183 2676        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
16:44:07.0215 2676        QWAVEdrv - ok
16:44:07.0542 2676        R300            (e46f2fb11cfe13187a4e3ef512c0d226) C:\Windows\system32\DRIVERS\atikmdag.sys
16:44:07.0683 2676        R300 - ok
16:44:07.0948 2676        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
16:44:08.0010 2676        RasAcd - ok
16:44:08.0057 2676        RasAuto        (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
16:44:08.0135 2676        RasAuto - ok
16:44:08.0166 2676        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:44:08.0213 2676        Rasl2tp - ok
16:44:08.0291 2676        RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
16:44:08.0369 2676        RasMan - ok
16:44:08.0447 2676        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
16:44:08.0494 2676        RasPppoe - ok
16:44:08.0556 2676        RasSstp        (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
16:44:08.0587 2676        RasSstp - ok
16:44:08.0650 2676        rdbss          (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
16:44:08.0697 2676        rdbss - ok
16:44:08.0728 2676        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:44:08.0790 2676        RDPCDD - ok
16:44:08.0868 2676        rdpdr          (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
16:44:08.0977 2676        rdpdr - ok
16:44:08.0977 2676        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
16:44:09.0024 2676        RDPENCDD - ok
16:44:09.0102 2676        RDPWD          (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
16:44:09.0149 2676        RDPWD - ok
16:44:09.0243 2676        RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
16:44:09.0289 2676        RemoteAccess - ok
16:44:09.0352 2676        RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
16:44:09.0414 2676        RemoteRegistry - ok
16:44:09.0461 2676        RFCOMM          (7ec90c316177ba3f1bce92005264b447) C:\Windows\system32\DRIVERS\rfcomm.sys
16:44:09.0523 2676        RFCOMM - ok
16:44:09.0679 2676        RichVideo      (2af094b1ce4725e4551f38fda2348637) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
16:44:09.0726 2676        RichVideo ( UnsignedFile.Multi.Generic ) - warning
16:44:09.0726 2676        RichVideo - detected UnsignedFile.Multi.Generic (1)
16:44:09.0742 2676        RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
16:44:09.0804 2676        RpcLocator - ok
16:44:09.0929 2676        RpcSs          (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
16:44:09.0991 2676        RpcSs - ok
16:44:10.0054 2676        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
16:44:10.0101 2676        rspndr - ok
16:44:10.0147 2676        RTL8023xp      (959ef612d2ccfdb6d9e443f8e3655013) C:\Windows\system32\DRIVERS\Rtnicxp.sys
16:44:10.0210 2676        RTL8023xp - ok
16:44:10.0257 2676        SamSs          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
16:44:10.0272 2676        SamSs - ok
16:44:10.0397 2676        Samsung Update Plus (4bfb51cdb25d4d4b9e8fccab635f262e) C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
16:44:10.0444 2676        Samsung Update Plus ( UnsignedFile.Multi.Generic ) - warning
16:44:10.0444 2676        Samsung Update Plus - detected UnsignedFile.Multi.Generic (1)
16:44:10.0475 2676        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
16:44:10.0491 2676        sbp2port - ok
16:44:10.0553 2676        SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
16:44:10.0631 2676        SCardSvr - ok
16:44:10.0740 2676        Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
16:44:10.0881 2676        Schedule - ok
16:44:10.0927 2676        SCPolicySvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
16:44:10.0959 2676        SCPolicySvc - ok
16:44:11.0068 2676        sdbus          (4339a2585708c7d9b0c0ce5aad3dd6ff) C:\Windows\system32\DRIVERS\sdbus.sys
16:44:11.0161 2676        sdbus - ok
16:44:11.0224 2676        SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
16:44:11.0286 2676        SDRSVC - ok
16:44:11.0317 2676        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
16:44:11.0411 2676        secdrv - ok
16:44:11.0427 2676        seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
16:44:11.0473 2676        seclogon - ok
16:44:11.0567 2676        SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
16:44:11.0614 2676        SENS - ok
16:44:11.0676 2676        Serenum        (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
16:44:11.0754 2676        Serenum - ok
16:44:11.0817 2676        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
16:44:11.0895 2676        Serial - ok
16:44:11.0988 2676        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
16:44:12.0019 2676        sermouse - ok
16:44:12.0191 2676        SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
16:44:12.0238 2676        SessionEnv - ok
16:44:12.0363 2676        sffdisk        (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
16:44:12.0456 2676        sffdisk - ok
16:44:12.0565 2676        sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
16:44:12.0643 2676        sffp_mmc - ok
16:44:12.0721 2676        sffp_sd        (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
16:44:12.0799 2676        sffp_sd - ok
16:44:12.0831 2676        sfloppy        (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys
16:44:12.0877 2676        sfloppy - ok
16:44:12.0971 2676        SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
16:44:13.0018 2676        SharedAccess - ok
16:44:13.0111 2676        ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
16:44:13.0174 2676        ShellHWDetection - ok
16:44:13.0221 2676        sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
16:44:13.0236 2676        sisagp - ok
16:44:13.0267 2676        SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
16:44:13.0283 2676        SiSRaid2 - ok
16:44:13.0314 2676        SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
16:44:13.0345 2676        SiSRaid4 - ok
16:44:13.0470 2676        SkypeUpdate    (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files\Skype\Updater\Updater.exe
16:44:13.0486 2676        SkypeUpdate - ok
16:44:13.0938 2676        slsvc          (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
16:44:14.0266 2676        slsvc - ok
16:44:14.0500 2676        SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
16:44:14.0578 2676        SLUINotify - ok
16:44:14.0656 2676        Smb            (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
16:44:14.0749 2676        Smb - ok
16:44:14.0796 2676        SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
16:44:14.0827 2676        SNMPTRAP - ok
16:44:14.0905 2676        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
16:44:14.0921 2676        spldr - ok
16:44:14.0999 2676        Spooler        (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
16:44:15.0061 2676        Spooler - ok
16:44:15.0186 2676        SQLWriter      (d2f4f32b59440011174b4f8137af4e0c) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
16:44:15.0202 2676        SQLWriter - ok
16:44:15.0327 2676        srv            (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
16:44:15.0405 2676        srv - ok
16:44:15.0451 2676        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
16:44:15.0514 2676        srv2 - ok
16:44:15.0545 2676        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
16:44:15.0576 2676        srvnet - ok
16:44:15.0654 2676        SSDPSRV        (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
16:44:15.0701 2676        SSDPSRV - ok
16:44:15.0748 2676        SstpSvc        (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
16:44:15.0795 2676        SstpSvc - ok
16:44:15.0888 2676        stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
16:44:15.0982 2676        stisvc - ok
16:44:16.0044 2676        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
16:44:16.0060 2676        swenum - ok
16:44:16.0153 2676        swprv          (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
16:44:16.0231 2676        swprv - ok
16:44:16.0309 2676        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
16:44:16.0341 2676        Symc8xx - ok
16:44:16.0356 2676        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
16:44:16.0387 2676        Sym_hi - ok
16:44:16.0419 2676        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
16:44:16.0450 2676        Sym_u3 - ok
16:44:16.0528 2676        SynTP          (c1777074592bbb55b1f1a2fbc7a60498) C:\Windows\system32\DRIVERS\SynTP.sys
16:44:16.0543 2676        SynTP - ok
16:44:16.0621 2676        SysMain        (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
16:44:16.0684 2676        SysMain - ok
16:44:16.0731 2676        TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
16:44:16.0793 2676        TabletInputService - ok
16:44:16.0902 2676        TapiSrv        (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
16:44:16.0980 2676        TapiSrv - ok
16:44:17.0043 2676        TBS            (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
16:44:17.0105 2676        TBS - ok
16:44:17.0245 2676        Tcpip          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
16:44:17.0355 2676        Tcpip - ok
16:44:17.0370 2676        Tcpip6          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
16:44:17.0417 2676        Tcpip6 - ok
16:44:17.0464 2676        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
16:44:17.0495 2676        tcpipreg - ok
16:44:17.0557 2676        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
16:44:17.0589 2676        TDPIPE - ok
16:44:17.0651 2676        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
16:44:17.0698 2676        TDTCP - ok
16:44:17.0760 2676        tdx            (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
16:44:17.0823 2676        tdx - ok
16:44:17.0947 2676        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
16:44:17.0963 2676        TermDD - ok
16:44:18.0072 2676        TermService    (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
16:44:18.0166 2676        TermService - ok
16:44:18.0228 2676        Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
16:44:18.0259 2676        Themes - ok
16:44:18.0291 2676        THREADORDER    (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
16:44:18.0322 2676        THREADORDER - ok
16:44:18.0369 2676        TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
16:44:18.0415 2676        TrkWks - ok
16:44:18.0540 2676        TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
16:44:18.0571 2676        TrustedInstaller - ok
16:44:18.0603 2676        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:44:18.0665 2676        tssecsrv - ok
16:44:18.0696 2676        tunmp          (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
16:44:18.0727 2676        tunmp - ok
16:44:18.0743 2676        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
16:44:18.0774 2676        tunnel - ok
16:44:18.0805 2676        uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
16:44:18.0821 2676        uagp35 - ok
16:44:18.0883 2676        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
16:44:18.0930 2676        udfs - ok
16:44:19.0039 2676        UI0Detect      (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
16:44:19.0086 2676        UI0Detect - ok
16:44:19.0117 2676        uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
16:44:19.0133 2676        uliagpkx - ok
16:44:19.0195 2676        uliahci        (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
16:44:19.0227 2676        uliahci - ok
16:44:19.0305 2676        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
16:44:19.0336 2676        UlSata - ok
16:44:19.0398 2676        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
16:44:19.0414 2676        ulsata2 - ok
16:44:19.0476 2676        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
16:44:19.0523 2676        umbus - ok
16:44:19.0663 2676        UMVPFSrv        (67a95b9d129ed5399e7965cd09cf30e7) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
16:44:19.0710 2676        UMVPFSrv - ok
16:44:19.0866 2676        upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
16:44:19.0975 2676        upnphost - ok
16:44:20.0022 2676        USBAAPL        (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
16:44:20.0069 2676        USBAAPL - ok
16:44:20.0163 2676        usbaudio        (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
16:44:20.0225 2676        usbaudio - ok
16:44:20.0287 2676        usbccgp        (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
16:44:20.0350 2676        usbccgp - ok
16:44:20.0397 2676        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
16:44:20.0475 2676        usbcir - ok
16:44:20.0506 2676        usbehci        (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
16:44:20.0553 2676        usbehci - ok
16:44:20.0584 2676        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
16:44:20.0646 2676        usbhub - ok
16:44:20.0693 2676        usbohci        (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
16:44:20.0740 2676        usbohci - ok
16:44:20.0818 2676        usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
16:44:20.0865 2676        usbprint - ok
16:44:20.0974 2676        USBSTOR        (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:44:21.0005 2676        USBSTOR - ok
16:44:21.0052 2676        usbuhci        (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
16:44:21.0130 2676        usbuhci - ok
16:44:21.0208 2676        usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
16:44:21.0286 2676        usbvideo - ok
16:44:21.0379 2676        UxSms          (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
16:44:21.0442 2676        UxSms - ok
16:44:21.0535 2676        vds            (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
16:44:21.0645 2676        vds - ok
16:44:21.0707 2676        vga            (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
16:44:21.0754 2676        vga - ok
16:44:21.0832 2676        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
16:44:21.0879 2676        VgaSave - ok
16:44:21.0910 2676        viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
16:44:21.0941 2676        viaagp - ok
16:44:21.0957 2676        ViaC7          (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
16:44:22.0081 2676        ViaC7 - ok
16:44:22.0097 2676        viaide          (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
16:44:22.0113 2676        viaide - ok
16:44:22.0175 2676        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
16:44:22.0191 2676        volmgr - ok
16:44:22.0300 2676        volmgrx        (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
16:44:22.0331 2676        volmgrx - ok
16:44:22.0378 2676        volsnap        (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
16:44:22.0409 2676        volsnap - ok
16:44:22.0440 2676        vsmraid        (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
16:44:22.0456 2676        vsmraid - ok
16:44:22.0627 2676        VSS            (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
16:44:22.0768 2676        VSS - ok
16:44:23.0002 2676        W32Time        (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
16:44:23.0080 2676        W32Time - ok
16:44:23.0173 2676        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
16:44:23.0236 2676        WacomPen - ok
16:44:23.0298 2676        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
16:44:23.0345 2676        Wanarp - ok
16:44:23.0345 2676        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
16:44:23.0376 2676        Wanarpv6 - ok
16:44:23.0470 2676        wcncsvc        (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
16:44:23.0501 2676        wcncsvc - ok
16:44:23.0563 2676        WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
16:44:23.0595 2676        WcsPlugInService - ok
16:44:23.0626 2676        Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
16:44:23.0641 2676        Wd - ok
16:44:23.0797 2676        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
16:44:23.0829 2676        Wdf01000 - ok
16:44:23.0922 2676        WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
16:44:24.0000 2676        WdiServiceHost - ok
16:44:24.0016 2676        WdiSystemHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
16:44:24.0063 2676        WdiSystemHost - ok
16:44:24.0125 2676        WebClient      (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
16:44:24.0187 2676        WebClient - ok
16:44:24.0250 2676        Wecsvc          (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
16:44:24.0297 2676        Wecsvc - ok
16:44:24.0375 2676        wercplsupport  (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
16:44:24.0437 2676        wercplsupport - ok
16:44:24.0499 2676        WerSvc          (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
16:44:24.0546 2676        WerSvc - ok
16:44:24.0702 2676        WinDefend      (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
16:44:24.0733 2676        WinDefend - ok
16:44:24.0733 2676        WinHttpAutoProxySvc - ok
16:44:24.0843 2676        Winmgmt        (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
16:44:24.0874 2676        Winmgmt - ok
16:44:25.0123 2676        WinRM          (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
16:44:25.0233 2676        WinRM - ok
16:44:25.0326 2676        Wlansvc        (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
16:44:25.0404 2676        Wlansvc - ok
16:44:25.0529 2676        WmiAcpi        (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
16:44:25.0623 2676        WmiAcpi - ok
16:44:25.0763 2676        wmiApSrv        (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
16:44:25.0810 2676        wmiApSrv - ok
16:44:26.0013 2676        WMPNetworkSvc  (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
16:44:26.0106 2676        WMPNetworkSvc - ok
16:44:26.0184 2676        WPCSvc          (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
16:44:26.0247 2676        WPCSvc - ok
16:44:26.0293 2676        WPDBusEnum      (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
16:44:26.0340 2676        WPDBusEnum - ok
16:44:26.0465 2676        WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
16:44:26.0481 2676        WpdUsb - ok
16:44:26.0824 2676        WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:44:26.0886 2676        WPFFontCache_v0400 - ok
16:44:26.0933 2676        ws2ifsl        (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
16:44:26.0980 2676        ws2ifsl - ok
16:44:27.0042 2676        wscsvc          (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
16:44:27.0073 2676        wscsvc - ok
16:44:27.0120 2676        WSDPrintDevice  (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys
16:44:27.0151 2676        WSDPrintDevice - ok
16:44:27.0214 2676        WSDScan        (65d1ff8aaff4a7d8f787a290e5087816) C:\Windows\system32\DRIVERS\WSDScan.sys
16:44:27.0261 2676        WSDScan - ok
16:44:27.0261 2676        WSearch - ok
16:44:27.0666 2676        wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
16:44:27.0822 2676        wuauserv - ok
16:44:28.0197 2676        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:44:28.0275 2676        WUDFRd - ok
16:44:28.0321 2676        wudfsvc        (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
16:44:28.0384 2676        wudfsvc - ok
16:44:28.0462 2676        yukonwlh        (04e268adfc81964c49dc0c082d520f7e) C:\Windows\system32\DRIVERS\yk60x86.sys
16:44:28.0509 2676        yukonwlh - ok
16:44:28.0540 2676        MBR (0x1B8)    (61a349592c4728853f4a90ff78f7628e) \Device\Harddisk0\DR0
16:44:29.0367 2676        \Device\Harddisk0\DR0 - ok
16:44:29.0398 2676        Boot (0x1200)  (2d3c8d6b7dd7b6f8b97b0afa65d62e88) \Device\Harddisk0\DR0\Partition0
16:44:29.0476 2676        \Device\Harddisk0\DR0\Partition0 - ok
16:44:29.0507 2676        Boot (0x1200)  (c9074faa7fa3743eae28f3b181586712) \Device\Harddisk0\DR0\Partition1
16:44:29.0507 2676        \Device\Harddisk0\DR0\Partition1 - ok
16:44:29.0507 2676        ============================================================
16:44:29.0507 2676        Scan finished
16:44:29.0507 2676        ============================================================
16:44:29.0523 5184        Detected object count: 3
16:44:29.0523 5184        Actual detected object count: 3


cosinus 18.07.2012 15:22

The log is incomplete!! The summary at the bottom is missing!

mirhannah 18.07.2012 15:24

Better like this?

Code:

16:41:00.0093 3432        TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
16:41:00.0186 3432        ============================================================
16:41:00.0186 3432        Current date / time: 2012/07/17 16:41:00.0186
16:41:00.0186 3432        SystemInfo:
16:41:00.0186 3432       
16:41:00.0186 3432        OS Version: 6.0.6002 ServicePack: 2.0
16:41:00.0186 3432        Product type: Workstation
16:41:00.0186 3432        ComputerName: HANNAH-PC
16:41:00.0186 3432        UserName: Hannah
16:41:00.0186 3432        Windows directory: C:\Windows
16:41:00.0186 3432        System windows directory: C:\Windows
16:41:00.0186 3432        Processor architecture: Intel x86
16:41:00.0186 3432        Number of processors: 2
16:41:00.0186 3432        Page size: 0x1000
16:41:00.0186 3432        Boot type: Normal boot
16:41:00.0186 3432        ============================================================
16:41:01.0450 3432        Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:41:01.0450 3432        ============================================================
16:41:01.0450 3432        \Device\Harddisk0\DR0:
16:41:01.0450 3432        MBR partitions:
16:41:01.0450 3432        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x8A19000
16:41:01.0450 3432        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x9E19800, BlocksNum 0x8BFF800
16:41:01.0450 3432        ============================================================
16:41:01.0481 3432        C: <-> \Device\Harddisk0\DR0\Partition0
16:41:01.0544 3432        D: <-> \Device\Harddisk0\DR0\Partition1
16:41:01.0544 3432        ============================================================
16:41:01.0544 3432        Initialize success
16:41:01.0544 3432        ============================================================
16:43:19.0872 2676        ============================================================
16:43:19.0872 2676        Scan started
16:43:19.0872 2676        Mode: Manual; SigCheck; TDLFS;
16:43:19.0872 2676        ============================================================
16:43:21.0371 2676        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
16:43:21.0542 2676        ACPI - ok
16:43:21.0683 2676        AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:43:21.0698 2676        AdobeFlashPlayerUpdateSvc - ok
16:43:21.0776 2676        adp94xx        (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
16:43:21.0840 2676        adp94xx - ok
16:43:21.0965 2676        adpahci        (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
16:43:21.0996 2676        adpahci - ok
16:43:22.0105 2676        adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
16:43:22.0121 2676        adpu160m - ok
16:43:22.0199 2676        adpu320        (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
16:43:22.0230 2676        adpu320 - ok
16:43:22.0308 2676        AeLookupSvc    (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
16:43:22.0386 2676        AeLookupSvc - ok
16:43:22.0511 2676        AFD            (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
16:43:22.0604 2676        AFD - ok
16:43:22.0635 2676        AgereModemAudio (39e435c90c9c4f780fa0ed05ca3c3a1b) C:\Windows\system32\agrsmsvc.exe
16:43:22.0698 2676        AgereModemAudio - ok
16:43:23.0058 2676        AgereSoftModem  (ce91b158fa490cf4c4d487a4130f4660) C:\Windows\system32\DRIVERS\AGRSM.sys
16:43:23.0245 2676        AgereSoftModem - ok
16:43:23.0292 2676        agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
16:43:23.0323 2676        agp440 - ok
16:43:23.0370 2676        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
16:43:23.0385 2676        aic78xx - ok
16:43:23.0604 2676        ALG            (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
16:43:23.0760 2676        ALG - ok
16:43:23.0995 2676        aliide          (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
16:43:24.0057 2676        aliide - ok
16:43:24.0119 2676        amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
16:43:24.0135 2676        amdagp - ok
16:43:24.0166 2676        amdide          (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
16:43:24.0182 2676        amdide - ok
16:43:24.0229 2676        AmdK7          (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
16:43:24.0447 2676        AmdK7 - ok
16:43:24.0885 2676        AmdK8          (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
16:43:24.0994 2676        AmdK8 - ok
16:43:25.0088 2676        Appinfo        (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
16:43:25.0134 2676        Appinfo - ok
16:43:25.0415 2676        Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:43:25.0431 2676        Apple Mobile Device - ok
16:43:25.0478 2676        arc            (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
16:43:25.0493 2676        arc - ok
16:43:25.0556 2676        arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
16:43:25.0571 2676        arcsas - ok
16:43:25.0618 2676        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
16:43:25.0696 2676        AsyncMac - ok
16:43:25.0821 2676        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
16:43:25.0836 2676        atapi - ok
16:43:26.0212 2676        athr            (f32fee7cb2ee32c1f808409bc8019701) C:\Windows\system32\DRIVERS\athr.sys
16:43:26.0368 2676        athr - ok
16:43:26.0805 2676        Ati External Event Utility (d29cae8aa91e405a569892fa3d97aa64) C:\Windows\system32\Ati2evxx.exe
16:43:26.0899 2676        Ati External Event Utility - ok
16:43:27.0914 2676        atikmdag        (e46f2fb11cfe13187a4e3ef512c0d226) C:\Windows\system32\DRIVERS\atikmdag.sys
16:43:28.0164 2676        atikmdag - ok
16:43:29.0054 2676        AtiPcie        (4aa1eb65481c392955939e735d27118b) C:\Windows\system32\DRIVERS\AtiPcie.sys
16:43:29.0101 2676        AtiPcie - ok
16:43:29.0257 2676        AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
16:43:29.0335 2676        AudioEndpointBuilder - ok
16:43:29.0350 2676        Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
16:43:29.0382 2676        Audiosrv - ok
16:43:29.0413 2676        avkmgr - ok
16:43:29.0475 2676        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
16:43:29.0538 2676        Beep - ok
16:43:29.0709 2676        BFE            (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
16:43:29.0787 2676        BFE - ok
16:43:29.0944 2676        BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
16:43:30.0038 2676        BITS - ok
16:43:30.0038 2676        blbdrive - ok
16:43:30.0303 2676        Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
16:43:30.0350 2676        Bonjour Service - ok
16:43:30.0631 2676        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
16:43:30.0693 2676        bowser - ok
16:43:30.0740 2676        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
16:43:30.0802 2676        BrFiltLo - ok
16:43:30.0818 2676        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
16:43:30.0896 2676        BrFiltUp - ok
16:43:31.0084 2676        Browser        (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
16:43:31.0162 2676        Browser - ok
16:43:31.0224 2676        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
16:43:31.0318 2676        Brserid - ok
16:43:31.0334 2676        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
16:43:31.0396 2676        BrSerWdm - ok
16:43:31.0427 2676        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
16:43:31.0490 2676        BrUsbMdm - ok
16:43:31.0536 2676        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
16:43:31.0614 2676        BrUsbSer - ok
16:43:31.0677 2676        BthEnum        (064fbc56921051de1075495d628b815f) C:\Windows\system32\DRIVERS\BthEnum.sys
16:43:31.0724 2676        BthEnum - ok
16:43:31.0755 2676        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
16:43:31.0833 2676        BTHMODEM - ok
16:43:31.0942 2676        BthPan          (b8c3d9ddf85fd197c3e5f849fef71144) C:\Windows\system32\DRIVERS\bthpan.sys
16:43:32.0021 2676        BthPan - ok
16:43:32.0099 2676        BTHPORT        (b24757d9154cca035e1bbd3db92966d7) C:\Windows\system32\Drivers\BTHport.sys
16:43:32.0146 2676        BTHPORT - ok
16:43:32.0224 2676        BthServ        (a4c8377fa4a994e07075107dbe2e3dce) C:\Windows\System32\bthserv.dll
16:43:32.0271 2676        BthServ - ok
16:43:32.0302 2676        BTHUSB          (d42cf5f0c7635b3f1578810fe34d9e41) C:\Windows\system32\Drivers\BTHUSB.sys
16:43:32.0333 2676        BTHUSB - ok
16:43:32.0395 2676        btwaudio        (636f45a8500c1438cfa7dee15fc5c184) C:\Windows\system32\drivers\btwaudio.sys
16:43:32.0427 2676        btwaudio - ok
16:43:32.0489 2676        btwavdt        (bf9256ff01b093a5d90bb7a35ec90410) C:\Windows\system32\drivers\btwavdt.sys
16:43:32.0505 2676        btwavdt - ok
16:43:32.0551 2676        btwrchid        (0ab8c1ac177afb27309e1072faf34a37) C:\Windows\system32\DRIVERS\btwrchid.sys
16:43:32.0567 2676        btwrchid - ok
16:43:32.0692 2676        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
16:43:32.0770 2676        cdfs - ok
16:43:32.0863 2676        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
16:43:32.0926 2676        cdrom - ok
16:43:33.0051 2676        CertPropSvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
16:43:33.0144 2676        CertPropSvc - ok
16:43:33.0222 2676        circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
16:43:33.0331 2676        circlass - ok
16:43:33.0456 2676        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
16:43:33.0487 2676        CLFS - ok
16:43:33.0581 2676        clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:43:33.0597 2676        clr_optimization_v2.0.50727_32 - ok
16:43:33.0753 2676        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:43:33.0784 2676        clr_optimization_v4.0.30319_32 - ok
16:43:33.0862 2676        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
16:43:33.0924 2676        CmBatt - ok
16:43:33.0987 2676        cmdide          (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
16:43:34.0002 2676        cmdide - ok
16:43:34.0080 2676        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
16:43:34.0096 2676        Compbatt - ok
16:43:34.0111 2676        COMSysApp - ok
16:43:34.0111 2676        crcdisk        (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
16:43:34.0143 2676        crcdisk - ok
16:43:34.0158 2676        Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
16:43:34.0236 2676        Crusoe - ok
16:43:34.0283 2676        CryptSvc        (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
16:43:34.0314 2676        CryptSvc - ok
16:43:34.0470 2676        DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
16:43:34.0564 2676        DcomLaunch - ok
16:43:34.0704 2676        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
16:43:34.0798 2676        DfsC - ok
16:43:35.0391 2676        DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
16:43:35.0640 2676        DFSR - ok
16:43:36.0046 2676        Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
16:43:36.0124 2676        Dhcp - ok
16:43:36.0217 2676        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
16:43:36.0249 2676        disk - ok
16:43:36.0311 2676        Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
16:43:36.0373 2676        Dnscache - ok
16:43:36.0436 2676        dot3svc        (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
16:43:36.0467 2676        dot3svc - ok
16:43:36.0545 2676        DPS            (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
16:43:36.0607 2676        DPS - ok
16:43:36.0670 2676        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
16:43:36.0701 2676        drmkaud - ok
16:43:36.0810 2676        DXGKrnl        (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
16:43:36.0841 2676        DXGKrnl - ok
16:43:36.0888 2676        E1G60          (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
16:43:36.0997 2676        E1G60 - ok
16:43:37.0060 2676        EapHost        (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
16:43:37.0091 2676        EapHost - ok
16:43:37.0185 2676        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
16:43:37.0200 2676        Ecache - ok
16:43:37.0263 2676        ehRecvr        (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
16:43:37.0325 2676        ehRecvr - ok
16:43:37.0403 2676        ehSched        (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
16:43:37.0450 2676        ehSched - ok
16:43:37.0481 2676        ehstart        (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
16:43:37.0512 2676        ehstart - ok
16:43:37.0590 2676        elxstor        (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
16:43:37.0637 2676        elxstor - ok
16:43:37.0746 2676        EMDMgmt        (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
16:43:37.0840 2676        EMDMgmt - ok
16:43:37.0887 2676        EventSystem    (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
16:43:37.0949 2676        EventSystem - ok
16:43:38.0011 2676        exfat          (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
16:43:38.0089 2676        exfat - ok
16:43:38.0136 2676        fastfat        (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
16:43:38.0167 2676        fastfat - ok
16:43:38.0230 2676        fdc            (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
16:43:38.0323 2676        fdc - ok
16:43:38.0355 2676        fdPHost        (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
16:43:38.0386 2676        fdPHost - ok
16:43:38.0401 2676        FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
16:43:38.0479 2676        FDResPub - ok
16:43:38.0526 2676        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
16:43:38.0542 2676        FileInfo - ok
16:43:38.0557 2676        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
16:43:38.0604 2676        Filetrace - ok
16:43:38.0651 2676        flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
16:43:38.0729 2676        flpydisk - ok
16:43:38.0854 2676        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
16:43:38.0885 2676        FltMgr - ok
16:43:39.0088 2676        FontCache      (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
16:43:39.0197 2676        FontCache - ok
16:43:39.0306 2676        FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:43:39.0337 2676        FontCache3.0.0.0 - ok
16:43:39.0369 2676        Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
16:43:39.0431 2676        Fs_Rec - ok
16:43:39.0493 2676        gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
16:43:39.0525 2676        gagp30kx - ok
16:43:39.0587 2676        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:43:39.0603 2676        GEARAspiWDM - ok
16:43:39.0743 2676        gpsvc          (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
16:43:39.0868 2676        gpsvc - ok
16:43:40.0133 2676        gupdate        (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
16:43:40.0149 2676        gupdate - ok
16:43:40.0149 2676        gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
16:43:40.0180 2676        gupdatem - ok
16:43:40.0242 2676        HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
16:43:40.0351 2676        HdAudAddService - ok
16:43:40.0523 2676        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:43:40.0648 2676        HDAudBus - ok
16:43:40.0663 2676        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
16:43:40.0788 2676        HidBth - ok
16:43:40.0897 2676        HidIr          (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
16:43:41.0007 2676        HidIr - ok
16:43:41.0100 2676        hidserv        (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
16:43:41.0163 2676        hidserv - ok
16:43:41.0303 2676        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
16:43:41.0365 2676        HidUsb - ok
16:43:41.0443 2676        hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
16:43:41.0521 2676        hkmsvc - ok
16:43:41.0755 2676        HpCISSs        (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
16:43:41.0771 2676        HpCISSs - ok
16:43:41.0896 2676        HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
16:43:42.0005 2676        HTTP - ok
16:43:42.0145 2676        i2omp          (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
16:43:42.0161 2676        i2omp - ok
16:43:42.0255 2676        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
16:43:42.0301 2676        i8042prt - ok
16:43:42.0411 2676        iaStorV        (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
16:43:42.0442 2676        iaStorV - ok
16:43:42.0660 2676        IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:43:42.0691 2676        IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:43:42.0691 2676        IDriverT - detected UnsignedFile.Multi.Generic (1)
16:43:42.0910 2676        idsvc          (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:43:43.0035 2676        idsvc - ok
16:43:43.0471 2676        iirsp          (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
16:43:43.0487 2676        iirsp - ok
16:43:43.0705 2676        IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
16:43:43.0783 2676        IKEEXT - ok
16:43:44.0423 2676        IntcAzAudAddService (7bd4e0428776d11c8e8e26f9f5508690) C:\Windows\system32\drivers\RTKVHDA.sys
16:43:44.0595 2676        IntcAzAudAddService - ok
16:43:45.0577 2676        intelide        (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
16:43:45.0593 2676        intelide - ok
16:43:45.0671 2676        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
16:43:45.0733 2676        intelppm - ok
16:43:45.0796 2676        IPBusEnum      (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
16:43:45.0843 2676        IPBusEnum - ok
16:43:45.0874 2676        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:43:45.0921 2676        IpFilterDriver - ok
16:43:46.0201 2676        iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
16:43:46.0264 2676        iphlpsvc - ok
16:43:46.0264 2676        IpInIp - ok
16:43:46.0420 2676        IPMIDRV        (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
16:43:46.0513 2676        IPMIDRV - ok
16:43:46.0591 2676        IPNAT          (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
16:43:46.0654 2676        IPNAT - ok
16:43:47.0075 2676        iPod Service    (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
16:43:47.0184 2676        iPod Service - ok
16:43:47.0293 2676        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
16:43:47.0340 2676        IRENUM - ok
16:43:47.0512 2676        isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
16:43:47.0543 2676        isapnp - ok
16:43:47.0652 2676        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
16:43:47.0683 2676        iScsiPrt - ok
16:43:47.0777 2676        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
16:43:47.0808 2676        iteatapi - ok
16:43:47.0980 2676        iteraid        (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
16:43:48.0027 2676        iteraid - ok
16:43:48.0167 2676        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
16:43:48.0183 2676        kbdclass - ok
16:43:48.0261 2676        kbdhid          (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\DRIVERS\kbdhid.sys
16:43:48.0370 2676        kbdhid - ok
16:43:48.0573 2676        KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
16:43:48.0666 2676        KeyIso - ok
16:43:48.0729 2676        KMDFMEMIO      (ebc507f129df8f0e0ca270dcfc0cf87f) C:\Windows\system32\DRIVERS\kmdfmemio.sys
16:43:48.0775 2676        KMDFMEMIO - ok
16:43:49.0056 2676        KSecDD          (4a1445efa932a3baf5bdb02d7131ee20) C:\Windows\system32\Drivers\ksecdd.sys
16:43:49.0119 2676        KSecDD - ok
16:43:49.0197 2676        KtmRm          (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
16:43:49.0337 2676        KtmRm - ok
16:43:49.0555 2676        LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
16:43:49.0649 2676        LanmanServer - ok
16:43:49.0836 2676        LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
16:43:49.0914 2676        LanmanWorkstation - ok
16:43:50.0226 2676        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
16:43:50.0273 2676        lltdio - ok
16:43:50.0507 2676        lltdsvc        (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
16:43:50.0585 2676        lltdsvc - ok
16:43:50.0741 2676        lmhosts        (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
16:43:50.0819 2676        lmhosts - ok
16:43:50.0897 2676        LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
16:43:50.0928 2676        LSI_FC - ok
16:43:51.0053 2676        LSI_SAS        (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
16:43:51.0069 2676        LSI_SAS - ok
16:43:51.0178 2676        LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
16:43:51.0209 2676        LSI_SCSI - ok
16:43:51.0334 2676        luafv          (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
16:43:51.0396 2676        luafv - ok
16:43:51.0474 2676        LVRS            (ed643e777ba3f7151ef3f0fb6be4f7f0) C:\Windows\system32\DRIVERS\lvrs.sys
16:43:51.0521 2676        LVRS - ok
16:43:52.0535 2676        LVUVC          (5bc80451109a8dd7f2ddd35bce2929a3) C:\Windows\system32\DRIVERS\lvuvc.sys
16:43:52.0878 2676        LVUVC - ok
16:43:53.0299 2676        MBAMProtector  (6dfe7f2e8e8a337263aa5c92a215f161) C:\Windows\system32\drivers\mbam.sys
16:43:53.0315 2676        MBAMProtector - ok
16:43:53.0518 2676        MBAMService    (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
16:43:53.0627 2676        MBAMService - ok
16:43:53.0845 2676        McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
16:43:53.0877 2676        McComponentHostService - ok
16:43:54.0001 2676        Mcx2Svc        (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
16:43:54.0048 2676        Mcx2Svc - ok
16:43:54.0282 2676        MDM            (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
16:43:54.0313 2676        MDM - ok
16:43:54.0501 2676        megasas        (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
16:43:54.0532 2676        megasas - ok
16:43:54.0641 2676        MMCSS          (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
16:43:54.0688 2676        MMCSS - ok
16:43:54.0766 2676        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
16:43:54.0813 2676        Modem - ok
16:43:54.0875 2676        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
16:43:54.0906 2676        monitor - ok
16:43:55.0031 2676        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
16:43:55.0047 2676        mouclass - ok
16:43:55.0062 2676        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
16:43:55.0109 2676        mouhid - ok
16:43:55.0203 2676        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
16:43:55.0218 2676        MountMgr - ok
16:43:55.0281 2676        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:43:55.0296 2676        MozillaMaintenance - ok
16:43:55.0343 2676        MpFilter        (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
16:43:55.0359 2676        MpFilter - ok
16:43:55.0405 2676        mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
16:43:55.0421 2676        mpio - ok
16:43:55.0546 2676        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
16:43:55.0593 2676        mpsdrv - ok
16:43:55.0671 2676        MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
16:43:55.0749 2676        MpsSvc - ok
16:43:55.0795 2676        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
16:43:55.0811 2676        Mraid35x - ok
16:43:55.0858 2676        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
16:43:55.0889 2676        MRxDAV - ok
16:43:55.0983 2676        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:43:56.0045 2676        mrxsmb - ok
16:43:56.0170 2676        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:43:56.0217 2676        mrxsmb10 - ok
16:43:56.0248 2676        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:43:56.0295 2676        mrxsmb20 - ok
16:43:56.0419 2676        msahci          (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
16:43:56.0451 2676        msahci - ok
16:43:56.0591 2676        msdsm          (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
16:43:56.0607 2676        msdsm - ok
16:43:56.0747 2676        MSDTC          (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
16:43:56.0825 2676        MSDTC - ok
16:43:56.0887 2676        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
16:43:56.0934 2676        Msfs - ok
16:43:57.0012 2676        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
16:43:57.0028 2676        msisadrv - ok
16:43:57.0168 2676        MSiSCSI        (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
16:43:57.0246 2676        MSiSCSI - ok
16:43:57.0246 2676        msiserver - ok
16:43:57.0324 2676        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
16:43:57.0387 2676        MSKSSRV - ok
16:43:57.0558 2676        MsMpSvc        (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:43:57.0574 2676        MsMpSvc - ok
16:43:57.0652 2676        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
16:43:57.0745 2676        MSPCLOCK - ok
16:43:57.0792 2676        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
16:43:57.0855 2676        MSPQM - ok
16:43:57.0964 2676        MsRPC          (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
16:43:57.0995 2676        MsRPC - ok
16:43:58.0120 2676        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
16:43:58.0151 2676        mssmbios - ok
16:43:58.0198 2676        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
16:43:58.0291 2676        MSTEE - ok
16:43:58.0338 2676        Mup            (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
16:43:58.0354 2676        Mup - ok
16:43:58.0510 2676        napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
16:43:58.0603 2676        napagent - ok
16:43:58.0744 2676        NativeWifiP    (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
16:43:58.0806 2676        NativeWifiP - ok
16:43:59.0071 2676        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
16:43:59.0149 2676        NDIS - ok
16:43:59.0243 2676        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
16:43:59.0290 2676        NdisTapi - ok
16:43:59.0337 2676        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
16:43:59.0383 2676        Ndisuio - ok
16:43:59.0524 2676        NdisWan        (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
16:43:59.0602 2676        NdisWan - ok
16:43:59.0649 2676        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
16:43:59.0680 2676        NDProxy - ok
16:43:59.0773 2676        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
16:43:59.0836 2676        NetBIOS - ok
16:43:59.0914 2676        netbt          (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
16:43:59.0976 2676        netbt - ok
16:44:00.0117 2676        Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
16:44:00.0132 2676        Netlogon - ok
16:44:00.0226 2676        Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
16:44:00.0304 2676        Netman - ok
16:44:00.0366 2676        netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
16:44:00.0429 2676        netprofm - ok
16:44:00.0569 2676        NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:44:00.0585 2676        NetTcpPortSharing - ok
16:44:01.0006 2676        NETw2v32        (6e9edc1020b319e7676387b8cdf2398c) C:\Windows\system32\DRIVERS\NETw2v32.sys
16:44:01.0365 2676        NETw2v32 - ok
16:44:01.0692 2676        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
16:44:01.0708 2676        nfrd960 - ok
16:44:01.0755 2676        NisDrv          (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:44:01.0770 2676        NisDrv - ok
16:44:01.0942 2676        NisSrv          (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
16:44:01.0957 2676        NisSrv - ok
16:44:02.0051 2676        NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
16:44:02.0145 2676        NlaSvc - ok
16:44:02.0207 2676        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
16:44:02.0238 2676        Npfs - ok
16:44:02.0316 2676        nsi            (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
16:44:02.0363 2676        nsi - ok
16:44:02.0394 2676        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
16:44:02.0457 2676        nsiproxy - ok
16:44:02.0628 2676        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
16:44:02.0691 2676        Ntfs - ok
16:44:02.0753 2676        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
16:44:02.0831 2676        ntrigdigi - ok
16:44:02.0847 2676        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
16:44:02.0878 2676        Null - ok
16:44:02.0940 2676        nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
16:44:02.0956 2676        nvraid - ok
16:44:03.0034 2676        nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
16:44:03.0049 2676        nvstor - ok
16:44:03.0112 2676        nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
16:44:03.0127 2676        nv_agp - ok
16:44:03.0127 2676        NwlnkFlt - ok
16:44:03.0143 2676        NwlnkFwd - ok
16:44:03.0174 2676        ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\DRIVERS\ohci1394.sys
16:44:03.0237 2676        ohci1394 - ok
16:44:03.0330 2676        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:44:03.0346 2676        ose - ok
16:44:03.0486 2676        p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
16:44:03.0595 2676        p2pimsvc - ok
16:44:03.0611 2676        p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
16:44:03.0658 2676        p2psvc - ok
16:44:03.0720 2676        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
16:44:03.0798 2676        Parport - ok
16:44:03.0845 2676        partmgr        (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
16:44:03.0861 2676        partmgr - ok
16:44:03.0892 2676        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
16:44:03.0985 2676        Parvdm - ok
16:44:04.0110 2676        PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
16:44:04.0204 2676        PcaSvc - ok
16:44:04.0235 2676        pci            (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
16:44:04.0266 2676        pci - ok
16:44:04.0313 2676        pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
16:44:04.0344 2676        pciide - ok
16:44:04.0391 2676        pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\DRIVERS\pcmcia.sys
16:44:04.0407 2676        pcmcia - ok
16:44:04.0563 2676        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
16:44:04.0672 2676        PEAUTH - ok
16:44:04.0999 2676        pla            (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
16:44:05.0124 2676        pla - ok
16:44:05.0452 2676        PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
16:44:05.0499 2676        PlugPlay - ok
16:44:05.0701 2676        PNRPAutoReg    (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
16:44:05.0764 2676        PNRPAutoReg - ok
16:44:05.0779 2676        PNRPsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
16:44:05.0826 2676        PNRPsvc - ok
16:44:05.0920 2676        PolicyAgent    (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
16:44:06.0013 2676        PolicyAgent - ok
16:44:06.0123 2676        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
16:44:06.0169 2676        PptpMiniport - ok
16:44:06.0216 2676        Processor      (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
16:44:06.0325 2676        Processor - ok
16:44:06.0419 2676        ProfSvc        (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
16:44:06.0450 2676        ProfSvc - ok
16:44:06.0497 2676        ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
16:44:06.0528 2676        ProtectedStorage - ok
16:44:06.0575 2676        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
16:44:06.0653 2676        PSched - ok
16:44:06.0700 2676        PxHelp20        (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
16:44:06.0715 2676        PxHelp20 - ok
16:44:06.0856 2676        ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
16:44:06.0965 2676        ql2300 - ok
16:44:07.0027 2676        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
16:44:07.0043 2676        ql40xx - ok
16:44:07.0105 2676        QWAVE          (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
16:44:07.0137 2676        QWAVE - ok
16:44:07.0183 2676        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
16:44:07.0215 2676        QWAVEdrv - ok
16:44:07.0542 2676        R300            (e46f2fb11cfe13187a4e3ef512c0d226) C:\Windows\system32\DRIVERS\atikmdag.sys
16:44:07.0683 2676        R300 - ok
16:44:07.0948 2676        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
16:44:08.0010 2676        RasAcd - ok
16:44:08.0057 2676        RasAuto        (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
16:44:08.0135 2676        RasAuto - ok
16:44:08.0166 2676        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:44:08.0213 2676        Rasl2tp - ok
16:44:08.0291 2676        RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
16:44:08.0369 2676        RasMan - ok
16:44:08.0447 2676        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
16:44:08.0494 2676        RasPppoe - ok
16:44:08.0556 2676        RasSstp        (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
16:44:08.0587 2676        RasSstp - ok
16:44:08.0650 2676        rdbss          (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
16:44:08.0697 2676        rdbss - ok
16:44:08.0728 2676        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:44:08.0790 2676        RDPCDD - ok
16:44:08.0868 2676        rdpdr          (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
16:44:08.0977 2676        rdpdr - ok
16:44:08.0977 2676        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
16:44:09.0024 2676        RDPENCDD - ok
16:44:09.0102 2676        RDPWD          (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
16:44:09.0149 2676        RDPWD - ok
16:44:09.0243 2676        RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
16:44:09.0289 2676        RemoteAccess - ok
16:44:09.0352 2676        RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
16:44:09.0414 2676        RemoteRegistry - ok
16:44:09.0461 2676        RFCOMM          (7ec90c316177ba3f1bce92005264b447) C:\Windows\system32\DRIVERS\rfcomm.sys
16:44:09.0523 2676        RFCOMM - ok
16:44:09.0679 2676        RichVideo      (2af094b1ce4725e4551f38fda2348637) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
16:44:09.0726 2676        RichVideo ( UnsignedFile.Multi.Generic ) - warning
16:44:09.0726 2676        RichVideo - detected UnsignedFile.Multi.Generic (1)
16:44:09.0742 2676        RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
16:44:09.0804 2676        RpcLocator - ok
16:44:09.0929 2676        RpcSs          (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
16:44:09.0991 2676        RpcSs - ok
16:44:10.0054 2676        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
16:44:10.0101 2676        rspndr - ok
16:44:10.0147 2676        RTL8023xp      (959ef612d2ccfdb6d9e443f8e3655013) C:\Windows\system32\DRIVERS\Rtnicxp.sys
16:44:10.0210 2676        RTL8023xp - ok
16:44:10.0257 2676        SamSs          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
16:44:10.0272 2676        SamSs - ok
16:44:10.0397 2676        Samsung Update Plus (4bfb51cdb25d4d4b9e8fccab635f262e) C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
16:44:10.0444 2676        Samsung Update Plus ( UnsignedFile.Multi.Generic ) - warning
16:44:10.0444 2676        Samsung Update Plus - detected UnsignedFile.Multi.Generic (1)
16:44:10.0475 2676        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
16:44:10.0491 2676        sbp2port - ok
16:44:10.0553 2676        SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
16:44:10.0631 2676        SCardSvr - ok
16:44:10.0740 2676        Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
16:44:10.0881 2676        Schedule - ok
16:44:10.0927 2676        SCPolicySvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
16:44:10.0959 2676        SCPolicySvc - ok
16:44:11.0068 2676        sdbus          (4339a2585708c7d9b0c0ce5aad3dd6ff) C:\Windows\system32\DRIVERS\sdbus.sys
16:44:11.0161 2676        sdbus - ok
16:44:11.0224 2676        SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
16:44:11.0286 2676        SDRSVC - ok
16:44:11.0317 2676        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
16:44:11.0411 2676        secdrv - ok
16:44:11.0427 2676        seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
16:44:11.0473 2676        seclogon - ok
16:44:11.0567 2676        SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
16:44:11.0614 2676        SENS - ok
16:44:11.0676 2676        Serenum        (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
16:44:11.0754 2676        Serenum - ok
16:44:11.0817 2676        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
16:44:11.0895 2676        Serial - ok
16:44:11.0988 2676        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
16:44:12.0019 2676        sermouse - ok
16:44:12.0191 2676        SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
16:44:12.0238 2676        SessionEnv - ok
16:44:12.0363 2676        sffdisk        (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
16:44:12.0456 2676        sffdisk - ok
16:44:12.0565 2676        sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
16:44:12.0643 2676        sffp_mmc - ok
16:44:12.0721 2676        sffp_sd        (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
16:44:12.0799 2676        sffp_sd - ok
16:44:12.0831 2676        sfloppy        (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys
16:44:12.0877 2676        sfloppy - ok
16:44:12.0971 2676        SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
16:44:13.0018 2676        SharedAccess - ok
16:44:13.0111 2676        ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
16:44:13.0174 2676        ShellHWDetection - ok
16:44:13.0221 2676        sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
16:44:13.0236 2676        sisagp - ok
16:44:13.0267 2676        SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
16:44:13.0283 2676        SiSRaid2 - ok
16:44:13.0314 2676        SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
16:44:13.0345 2676        SiSRaid4 - ok
16:44:13.0470 2676        SkypeUpdate    (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files\Skype\Updater\Updater.exe
16:44:13.0486 2676        SkypeUpdate - ok
16:44:13.0938 2676        slsvc          (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
16:44:14.0266 2676        slsvc - ok
16:44:14.0500 2676        SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
16:44:14.0578 2676        SLUINotify - ok
16:44:14.0656 2676        Smb            (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
16:44:14.0749 2676        Smb - ok
16:44:14.0796 2676        SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
16:44:14.0827 2676        SNMPTRAP - ok
16:44:14.0905 2676        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
16:44:14.0921 2676        spldr - ok
16:44:14.0999 2676        Spooler        (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
16:44:15.0061 2676        Spooler - ok
16:44:15.0186 2676        SQLWriter      (d2f4f32b59440011174b4f8137af4e0c) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
16:44:15.0202 2676        SQLWriter - ok
16:44:15.0327 2676        srv            (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
16:44:15.0405 2676        srv - ok
16:44:15.0451 2676        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
16:44:15.0514 2676        srv2 - ok
16:44:15.0545 2676        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
16:44:15.0576 2676        srvnet - ok
16:44:15.0654 2676        SSDPSRV        (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
16:44:15.0701 2676        SSDPSRV - ok
16:44:15.0748 2676        SstpSvc        (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
16:44:15.0795 2676        SstpSvc - ok
16:44:15.0888 2676        stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
16:44:15.0982 2676        stisvc - ok
16:44:16.0044 2676        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
16:44:16.0060 2676        swenum - ok
16:44:16.0153 2676        swprv          (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
16:44:16.0231 2676        swprv - ok
16:44:16.0309 2676        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
16:44:16.0341 2676        Symc8xx - ok
16:44:16.0356 2676        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
16:44:16.0387 2676        Sym_hi - ok
16:44:16.0419 2676        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
16:44:16.0450 2676        Sym_u3 - ok
16:44:16.0528 2676        SynTP          (c1777074592bbb55b1f1a2fbc7a60498) C:\Windows\system32\DRIVERS\SynTP.sys
16:44:16.0543 2676        SynTP - ok
16:44:16.0621 2676        SysMain        (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
16:44:16.0684 2676        SysMain - ok
16:44:16.0731 2676        TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
16:44:16.0793 2676        TabletInputService - ok
16:44:16.0902 2676        TapiSrv        (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
16:44:16.0980 2676        TapiSrv - ok
16:44:17.0043 2676        TBS            (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
16:44:17.0105 2676        TBS - ok
16:44:17.0245 2676        Tcpip          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
16:44:17.0355 2676        Tcpip - ok
16:44:17.0370 2676        Tcpip6          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
16:44:17.0417 2676        Tcpip6 - ok
16:44:17.0464 2676        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
16:44:17.0495 2676        tcpipreg - ok
16:44:17.0557 2676        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
16:44:17.0589 2676        TDPIPE - ok
16:44:17.0651 2676        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
16:44:17.0698 2676        TDTCP - ok
16:44:17.0760 2676        tdx            (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
16:44:17.0823 2676        tdx - ok
16:44:17.0947 2676        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
16:44:17.0963 2676        TermDD - ok
16:44:18.0072 2676        TermService    (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
16:44:18.0166 2676        TermService - ok
16:44:18.0228 2676        Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
16:44:18.0259 2676        Themes - ok
16:44:18.0291 2676        THREADORDER    (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
16:44:18.0322 2676        THREADORDER - ok
16:44:18.0369 2676        TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
16:44:18.0415 2676        TrkWks - ok
16:44:18.0540 2676        TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
16:44:18.0571 2676        TrustedInstaller - ok
16:44:18.0603 2676        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:44:18.0665 2676        tssecsrv - ok
16:44:18.0696 2676        tunmp          (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
16:44:18.0727 2676        tunmp - ok
16:44:18.0743 2676        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
16:44:18.0774 2676        tunnel - ok
16:44:18.0805 2676        uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
16:44:18.0821 2676        uagp35 - ok
16:44:18.0883 2676        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
16:44:18.0930 2676        udfs - ok
16:44:19.0039 2676        UI0Detect      (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
16:44:19.0086 2676        UI0Detect - ok
16:44:19.0117 2676        uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
16:44:19.0133 2676        uliagpkx - ok
16:44:19.0195 2676        uliahci        (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
16:44:19.0227 2676        uliahci - ok
16:44:19.0305 2676        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
16:44:19.0336 2676        UlSata - ok
16:44:19.0398 2676        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
16:44:19.0414 2676        ulsata2 - ok
16:44:19.0476 2676        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
16:44:19.0523 2676        umbus - ok
16:44:19.0663 2676        UMVPFSrv        (67a95b9d129ed5399e7965cd09cf30e7) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
16:44:19.0710 2676        UMVPFSrv - ok
16:44:19.0866 2676        upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
16:44:19.0975 2676        upnphost - ok
16:44:20.0022 2676        USBAAPL        (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
16:44:20.0069 2676        USBAAPL - ok
16:44:20.0163 2676        usbaudio        (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
16:44:20.0225 2676        usbaudio - ok
16:44:20.0287 2676        usbccgp        (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
16:44:20.0350 2676        usbccgp - ok
16:44:20.0397 2676        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
16:44:20.0475 2676        usbcir - ok
16:44:20.0506 2676        usbehci        (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
16:44:20.0553 2676        usbehci - ok
16:44:20.0584 2676        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
16:44:20.0646 2676        usbhub - ok
16:44:20.0693 2676        usbohci        (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
16:44:20.0740 2676        usbohci - ok
16:44:20.0818 2676        usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
16:44:20.0865 2676        usbprint - ok
16:44:20.0974 2676        USBSTOR        (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:44:21.0005 2676        USBSTOR - ok
16:44:21.0052 2676        usbuhci        (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
16:44:21.0130 2676        usbuhci - ok
16:44:21.0208 2676        usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
16:44:21.0286 2676        usbvideo - ok
16:44:21.0379 2676        UxSms          (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
16:44:21.0442 2676        UxSms - ok
16:44:21.0535 2676        vds            (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
16:44:21.0645 2676        vds - ok
16:44:21.0707 2676        vga            (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
16:44:21.0754 2676        vga - ok
16:44:21.0832 2676        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
16:44:21.0879 2676        VgaSave - ok
16:44:21.0910 2676        viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
16:44:21.0941 2676        viaagp - ok
16:44:21.0957 2676        ViaC7          (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
16:44:22.0081 2676        ViaC7 - ok
16:44:22.0097 2676        viaide          (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
16:44:22.0113 2676        viaide - ok
16:44:29.0507 2676        ============================================================
16:44:29.0507 2676        Scan finished
16:44:29.0507 2676        ============================================================
16:44:29.0523 5184        Detected object count: 3
16:44:29.0523 5184        Actual detected object count: 3
16:54:22.0115 5184        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:54:22.0115 5184        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:54:22.0130 5184        RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
16:54:22.0130 5184        RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:54:22.0130 5184        Samsung Update Plus ( UnsignedFile.Multi.Generic ) - skipped by user
16:54:22.0130 5184        Samsung Update Plus ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:54:24.0580 5604        Deinitialize success


cosinus 18.07.2012 20:21

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and get messages such as

Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

mirhannah 18.07.2012 21:08

Combofix Logfile:
Code:

ComboFix 12-07-18.04 - Hannah 18.07.2012  21:42:41.1.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.49.1031.18.1789.1044 [GMT 2:00]
ausgeführt von:: c:\users\Hannah\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-06-18 bis 2012-07-18  ))))))))))))))))))))))))))))))
.
.
2012-07-18 19:50 . 2012-07-18 19:50        --------        d-----w-        c:\users\Hannah\AppData\Local\temp
2012-07-18 19:50 . 2012-07-18 19:50        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-07-18 19:21 . 2012-07-18 19:21        29904        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3A8B69E6-D14B-4251-86AD-81D2D8D607EE}\MpKsl73129b21.sys
2012-07-18 19:21 . 2012-07-18 19:21        56200        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3A8B69E6-D14B-4251-86AD-81D2D8D607EE}\offreg.dll
2012-07-18 18:54 . 2012-06-29 08:44        6891424        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3A8B69E6-D14B-4251-86AD-81D2D8D607EE}\mpengine.dll
2012-07-17 14:45 . 2012-06-29 08:44        6891424        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-17 14:30 . 2012-07-17 14:36        --------        d-----w-        c:\programdata\Avira
2012-07-13 20:49 . 2012-07-13 20:49        --------        d-----w-        C:\_OTL
2012-07-12 08:02 . 2012-07-12 08:02        --------        d-----w-        c:\users\Hannah\AppData\Local\Macromedia
2012-07-12 07:14 . 2012-07-12 07:18        426184        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2012-07-11 17:29 . 2012-06-13 13:40        2047488        ----a-w-        c:\windows\system32\win32k.sys
2012-07-11 07:08 . 2012-04-23 16:00        984064        ----a-w-        c:\windows\system32\crypt32.dll
2012-07-11 07:08 . 2012-04-23 16:00        133120        ----a-w-        c:\windows\system32\cryptsvc.dll
2012-07-11 07:08 . 2012-04-23 16:00        98304        ----a-w-        c:\windows\system32\cryptnet.dll
2012-07-11 07:07 . 2012-06-05 16:47        708608        ----a-w-        c:\program files\Common Files\System\ado\msado15.dll
2012-07-11 07:07 . 2012-06-05 16:47        1401856        ----a-w-        c:\windows\system32\msxml6.dll
2012-07-11 07:07 . 2012-06-05 16:47        1248768        ----a-w-        c:\windows\system32\msxml3.dll
2012-07-11 07:07 . 2012-06-04 15:26        440704        ----a-w-        c:\windows\system32\drivers\ksecdd.sys
2012-07-11 07:07 . 2012-06-02 00:04        278528        ----a-w-        c:\windows\system32\schannel.dll
2012-07-11 07:07 . 2012-06-02 00:03        204288        ----a-w-        c:\windows\system32\ncrypt.dll
2012-07-05 19:51 . 2012-07-05 19:51        --------        d-----w-        c:\program files\ESET
2012-07-05 15:54 . 2012-07-05 15:54        --------        d-----w-        c:\programdata\regid.1986-12.com.adobe
2012-07-04 19:18 . 2012-07-05 15:49        --------        d-----w-        c:\program files\PC Tools
2012-07-04 19:13 . 2012-05-11 09:14        203088        ----a-w-        c:\windows\system32\drivers\PCTSD.sys
2012-07-04 19:13 . 2012-07-05 15:49        --------        d-----w-        c:\program files\Common Files\PC Tools
2012-07-04 19:13 . 2012-07-05 15:46        --------        d-----w-        c:\programdata\PC Tools
2012-07-04 19:13 . 2012-07-04 19:13        --------        d-----w-        c:\users\Hannah\AppData\Roaming\TestApp
2012-07-04 14:55 . 2012-07-04 14:55        --------        d-----w-        c:\users\Hannah\AppData\Roaming\Malwarebytes
2012-07-04 14:54 . 2012-07-04 14:54        --------        d-----w-        c:\programdata\Malwarebytes
2012-07-04 14:54 . 2012-07-03 11:46        22344        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-07-04 14:54 . 2012-07-13 18:11        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2012-07-04 11:35 . 2012-05-03 06:37        713784        ------w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5E001C7F-B8AB-40BD-A366-5A2C054C0228}\gapaengine.dll
2012-07-02 15:01 . 2012-07-02 15:01        --------        d-----w-        c:\programdata\Premium
2012-07-02 15:00 . 2012-07-02 15:01        --------        d-----w-        c:\programdata\InstallMate
2012-06-22 07:24 . 2012-06-02 22:19        53784        ----a-w-        c:\windows\system32\wuauclt.exe
2012-06-22 07:24 . 2012-06-02 22:19        45080        ----a-w-        c:\windows\system32\wups2.dll
2012-06-22 07:24 . 2012-06-02 22:19        1933848        ----a-w-        c:\windows\system32\wuaueng.dll
2012-06-22 07:24 . 2012-06-02 22:12        2422272        ----a-w-        c:\windows\system32\wucltux.dll
2012-06-22 07:24 . 2012-06-02 22:19        35864        ----a-w-        c:\windows\system32\wups.dll
2012-06-22 07:24 . 2012-06-02 22:12        88576        ----a-w-        c:\windows\system32\wudriver.dll
2012-06-22 07:24 . 2012-06-02 22:19        577048        ----a-w-        c:\windows\system32\wuapi.dll
2012-06-22 07:24 . 2012-06-02 13:19        171904        ----a-w-        c:\windows\system32\wuwebv.dll
2012-06-22 07:24 . 2012-06-02 13:12        33792        ----a-w-        c:\windows\system32\wuapp.exe
2012-06-19 11:22 . 2012-06-19 11:22        421200        ----a-w-        c:\program files\Mozilla Firefox\msvcp100.dll
2012-06-19 11:22 . 2012-06-19 11:22        770384        ----a-w-        c:\program files\Mozilla Firefox\msvcr100.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-12 07:18 . 2011-06-14 05:25        70344        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-04 17:29 . 2012-06-16 17:25        772504        ----a-w-        c:\windows\system32\npDeployJava1.dll
2012-05-04 17:29 . 2010-06-18 18:38        687504        ----a-w-        c:\windows\system32\deployJava1.dll
2012-05-03 06:37 . 2012-05-03 06:41        713784        ------w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-05-01 14:03 . 2012-06-13 06:12        180736        ----a-w-        c:\windows\system32\drivers\rdpwd.sys
2012-06-19 11:23 . 2011-05-10 20:45        85472        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-06-13 4489216]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-23 857648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-01-08 68640]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"FLMOFFICE4DMOUSE"="c:\program files\Browser MOUSE\mouse32a.exe" [2010-09-21 360448]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-15 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-04 1603152]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-04-04 36760]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-04-04 815512]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-24 723760]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"NoHotStart"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-18 22:38        1008184        ----a-w-        c:\program files\Windows Defender\MSASCui.exe
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MPKSL73129B21
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs        REG_MULTI_SZ          BthServ
LocalServiceAndNoImpersonation        REG_MULTI_SZ          FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 07:18]
.
2012-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-23 13:39]
.
2012-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-23 13:39]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local;<local>
IE: Free YouTube Download - c:\users\Hannah\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Hannah\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Hannah\AppData\Roaming\Mozilla\Firefox\Profiles\x6b6u5gh.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.zeit.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-Akamai NetSession Interface - c:\users\Hannah\AppData\Local\Akamai\netsession_win.exe
HKLM-Run-IMBooster - c:\program files\Iminent\IMBooster\imbooster.exe
MSConfigStartUp-Adobe Photo Downloader - c:\program files\Adobe\Adobe Photoshop Lightroom 1.3\apdproxy.exe
AddRemove-kikin Plugin (NO23 Edition) - c:\program files\kikin\uninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-07-18 21:50
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(4400)
c:\windows\system32\btmmhook.dll
c:\program files\Browser MOUSE\MOUDL32A.DLL
.
Zeit der Fertigstellung: 2012-07-18  21:55:54
ComboFix-quarantined-files.txt  2012-07-18 19:55
.
Vor Suchlauf: 10 Verzeichnis(se), 23.656.595.456 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 23.610.908.672 Bytes frei
.
- - End Of File - - ADF26F2117576DF4918142E5DAB90DE7

--- --- ---

cosinus 19.07.2012 16:28

Now please create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't work the second time, just leave it out and run only OSAM - please skip OSAM's online query.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off your virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe guide)
    On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the internet.)
    Downloading the definitions can take a while depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons without being instructed to

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.

One more note: If aswMBR crashes and a message like "aswMBR.exe funktioniert nicht mehr" appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window and click the Scan button again.

mirhannah 19.07.2012 18:10

I have neither WinRAR nor 7zip, does something else work too?

cosinus 19.07.2012 20:06

No, that doesn't work. What's stopping you from installing 7zip :confused:

mirhannah 19.07.2012 21:49

GMER Logfile:
Code:

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-07-19 22:46:24
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS542516K9A300 rev.BBCOC32P
Running: gmer.exe; Driver: C:\Users\Hannah\AppData\Local\Temp\uwdirpog.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                          Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                          Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg            HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00027875488f                     
Reg            HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00027875585f                     
Reg            HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000278755861                     
Reg            HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000278755ef5                     
Reg            HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00027875488f (not active ControlSet) 
Reg            HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00027875585f (not active ControlSet) 
Reg            HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000278755861 (not active ControlSet) 
Reg            HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000278755ef5 (not active ControlSet) 

---- EOF - GMER 1.0.15 ----

--- --- ---


OSAM Logfile:
Code:

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 23:10:20 on 19.07.2012

OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Mozilla Corporation Firefox 14.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"catchme" (catchme) - ? - C:\Users\Hannah\AppData\Local\Temp\catchme.sys  (File not found)
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"MpKslcb5983fd" (MpKslcb5983fd) - "Microsoft Corporation" - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{81679C99-B663-4D0E-AD63-48A8CD7A770C}\MpKslcb5983fd.sys
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys
"uwdirpog" (uwdirpog) - ? - C:\Users\Hannah\AppData\Local\Temp\uwdirpog.sys  (Hidden registry entry, rootkit activity | File not found)

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -  (File not found | COM-object registry key not found)
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll
{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} "Acrobat Elements Context Menu" - "Adobe Systems Inc." - C:\Program Files\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu.dll
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -  (File not found | COM-object registry key not found)
{09A47860-11B0-4DA5-AFA5-26D86198A780} "EPP" - "Microsoft Corporation" - c:\PROGRA~1\MI239C~1\shellext.dll
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -  (File not found | COM-object registry key not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -  (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office10\msohev.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class" - "Broadcom Corporation." - C:\Windows\system32\btncopy.dll
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - C:\Program Files\Real\RealPlayer\rpshell.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? -  (File not found | COM-object registry key not found)
{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -  (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Program Files\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} "Java Plug-in 1.6.0_03" - "Oracle Corporation" - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} "Java Plug-in 1.6.0_05" - "Oracle Corporation" - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 10.5.1" - "Oracle Corporation" - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 10.5.1" - "Oracle Corporation" - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? -  (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"@btrez.dll,-4015" - ? - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} "ClsidExtension" - "Oracle Corporation" - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{AE7CD045-E861-484f-8273-0445EE161910} "Adobe PDF Conversion Toolbar Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{F4971EE7-DAA0-4053-9964-665D8EE6A077} "SmartSelect Class" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Hannah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Microsoft Office.lnk" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office10\OSA.EXE  (Shortcut exists | File exists)
"BTTray.lnk" - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Skype" - "Skype Technologies S.A." - "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Acrobat Assistant 8.0" - "Adobe Systems Inc." - "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
"Adobe Acrobat Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"AppleSyncNotifier" - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
"APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"CanonMyPrinter" - "CANON INC." - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
"CanonSolutionMenu" - "CANON INC." - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
"FLMOFFICE4DMOUSE" - ? - C:\Program Files\Browser MOUSE\mouse32a.exe
"iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe"
"LanguageShortcut" - ? - "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"MSC" - "Microsoft Corporation" - "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
"RemoteControl" - "Cyberlink Corp." - "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
"StartCCC" - ? - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe  (File found, but it contains no detailed information)
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Adobe PDF Port Monitor" - "Adobe Systems Inc" - C:\Windows\system32\AdobePDF.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243" (NisSrv) - "Microsoft Corporation" - c:\Program Files\Microsoft Security Client\NisSrv.exe
"@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Antimalware Service" (MsMpSvc) - "Microsoft Corporation" - c:\Program Files\Microsoft Security Client\MsMpEng.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Samsung Update Plus" (Samsung Update Plus) - ? - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe  (File found, but it contains no detailed information)
"Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files\Skype\Updater\Updater.exe
"SQL Server VSS Writer" (SQLWriter) - "Microsoft Corporation" - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
[/code]

cosinus 20.07.2012 08:46

What about aswMBR?


All times are WET +1.
