Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Link in einer Mail ohne Betreff zu HCG Tropfen geklickt (https://www.trojaner-board.de/120173-link-mail-ohne-betreff-hcg-tropfen-geklickt.html)

RVD 23.07.2012 08:28
Link in einer Mail ohne Betreff zu HCG Tropfen geklickt
 
Guten Tag,

ich habe eine Email eines Verwandten bekommen. Diese Mail hatte keinen Betreff und enthielt nur einen Link. Dummerweise habe ich Blind auf diesen Link geklickt und landete auf einer Webseite von HCG Diät Tropfen. Warum auch immer habe ich auf den Shop der Seite geklickt, als ich diesen wieder verlassen wollte popte ein kleines Fenster im Firefox Browser auf und meinte das ich Irgendwelche Daten eingegeben hätte und ob ich mir sicher sei diese Seite zu verlassen. Ohne groß darüber nachzudenken Xte ich dieses Fenster und die beiden Tabs der HCG Seite. Nach einer weile kam mir dann die Idee auf eine Phishing Mail , oder etwas in der Art, reingefallen zu sein.

Der Vollscan Malwarebytes Anti-Malware ergab einen Treffer: pup.toolbardownloader.
Diese Datei wurde vom Programm erfolgreich gelöscht und in Quarantäne verschoben. Eine andere Wahl hatte ich nicht.

Ich habe also folgende Fehler begannen:

1. ich habe auf den Link in der Mail geklickt
2. ich habe auf der verlinkten Seite etwas angeklickt
3. ich habe auf die Mail geantwortet, weil ich erst dachte sie sei von meinem Verwandten

Nun habe ich mehrere Befürchtungen.
Das ich mir Viren/Trojaner eingefangen habe.
Das ich evtl. in eine Abo falle oder ähnlichem getappt bin und Bald eine Rechnung oder Ware von der Firma zu geschickt bekomme.
Das ich diese Mail an mein Adressbuch verschickt wird.

Ich ärgere mich über mich selber, wie konnte ich nur so dumm sein?

Ich bitte um eure Hilfe. Danke schon einmal.

Da ich diesen Beitrag von der Arbeit aus Sende, kann ich erst heute Abend eure Anweisungen befolgen und die Ergebnisse hier Posten.

cosinus 25.07.2012 14:49
Ohne die Logs von Malwarebytes und Co wird das hier nichts. :glaskugel:
Alles von Malwarebytes (und evtl. anderen Scannern) muss hier gepostet werden.

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log

RVD 25.07.2012 18:31
Danke für die Antwort.
Bislang hatte ich Antivir, ohne Befund, durchlaufen lassen und Malware mit diesem Ergebnis.

Code:
Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.22.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
XXX:: XXX-PC [limitiert]

Schutz: Aktiviert


23.07.2012 00:08:53
mbam-log-2012-07-23 (00-08-53).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 363255
Laufzeit: 43 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
D:\Dokumente\Downloads\SoftonicDownloader_fuer_mcafee-labs-stinger.exe (PUP.ToolbarDownloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

cosinus 26.07.2012 12:09
Zitat:
XXX:: XXX-PC [limitiert]
Ohne Adminrechte ist das mal wieder grober Unfug :rolleyes:

Bitte erstmal routinemäßig einen neuen Vollscan mit malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Die Funde mit Malwarebytes bitte alle entfernen, sodass sie in der Quarantäne von Malwarebytes aufgehoben werden! NICHTS voreilig aus der Quarantäne entfernen!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset





Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log

RVD 28.07.2012 12:40
Danke für die Antwort, hoffentlich habe ich diesmal alles richtig gemacht.

Der Malwarebytes log von Heute morgen.

Code:
Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.28.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
XXX :: XXX-PC [Administrator]

Schutz: Aktiviert

28.07.2012 10:05:32
mbam-log-2012-07-28 (10-05-32).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 362346
Laufzeit: 32 Minute(n), 51 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Der ESET Bericht von heute.
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=2abea9dfba9c8e4bb0bda5db81932264
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-28 11:24:04
# local_time=2012-07-28 01:24:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 8080051 8080051 0 0
# compatibility_mode=5893 16776573 100 94 61224 95094761 0 0
# compatibility_mode=8192 67108863 100 0 111 111 0 0
# scanned=164149
# found=0
# cleaned=0
# scan_time=9733
Nun die alten Malwarebytes logs.
Code:
Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.25.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
xxx :: XXX-PC [Administrator]

Schutz: Aktiviert

25.07.2012 18:53:17
mbam-log-2012-07-25 (18-53-17).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 205145
Laufzeit: 1 Minute(n), 47 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Code:
Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.24.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
xxx :: xxx-PC [Administrator]

Schutz: Aktiviert

24.07.2012 19:14:54
mbam-log-2012-07-24 (19-14-54).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 205174
Laufzeit: 1 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Code:
Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.23.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
xxx :: xxx-PC [Administrator]

Schutz: Aktiviert

23.07.2012 19:04:17
mbam-log-2012-07-23 (19-04-17).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 363235
Laufzeit: 31 Minute(n), 25 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Code:
Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.23.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
xxx :: xxx-PC [Administrator]

Schutz: Aktiviert

23.07.2012 18:43:36
mbam-log-2012-07-23 (18-43-36).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 204909
Laufzeit: 1 Minute(n), 59 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

cosinus 29.07.2012 00:25
adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Search.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

RVD 29.07.2012 09:09
Hier die logs von AdwCleaner und danke für die Hilfe.

Code:
# AdwCleaner v1.703 - Logfile created 07/29/2012 at 10:05:33
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : xxx - xxx-PC
# Running from : C:\Users\xxx\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
[x64] Key Found : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (de)

Profile name : default
File : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s3ohrbly.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [960 octets] - [29/07/2012 10:05:33]

########## EOF - C:\AdwCleaner[R1].txt - [1087 octets] ##########

cosinus 29.07.2012 16:59
adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Delete.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.

RVD 29.07.2012 17:33
Danke, das ist diesmal dabei raus gekommen.
Code:
# AdwCleaner v1.703 - Logfile created 07/29/2012 at 18:26:28
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : xxx - xxx-PC
# Running from : C:\Users\xxx\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (de)

Profile name : default
File : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s3ohrbly.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1086 octets] - [29/07/2012 10:05:33]
AdwCleaner[S1].txt - [893 octets] - [29/07/2012 18:26:28]

########## EOF - C:\AdwCleaner[S1].txt - [1020 octets] ##########

cosinus 29.07.2012 19:51
Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

RVD 29.07.2012 21:14
Es ist mir kein unterschied aufgefallen, nachdem ich auf den Link geklickt hatte. Ordner und Dateien hatte ich auch nicht vermisst. Es lief alles wie vorher. Sollte ich etwas vermissen? Danke für deine Zeit.

cosinus 30.07.2012 08:32
Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log
CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

RVD 30.07.2012 18:17
So, hoffe das ist richtig, oder hätten auch einige Programme, die im Hintergrund laufen, beendet werden müssen?
Danke und Gruß

Code:

========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.05.13 11:28:23 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Adobe
[2012.04.25 22:19:42 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Avira
[2012.06.21 15:31:41 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Canneverbe Limited
[2012.05.04 15:27:23 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DataDesign
[2012.04.25 22:02:57 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Identities
[2012.04.25 22:52:50 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Macromedia
[2012.07.23 00:07:09 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Malwarebytes
[2011.04.12 09:54:43 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Media Center Programs
[2012.06.21 15:39:20 | 000,000,000 | --SD | M] -- C:\Users\xxx\AppData\Roaming\Microsoft
[2012.04.25 22:07:08 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Mozilla
[2012.07.22 10:51:45 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\NVIDIA
[2012.06.28 19:09:28 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\OpenArena
[2012.05.12 18:52:13 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\OpenOffice.org
[2012.04.27 17:08:03 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Origin
[2012.04.25 23:14:30 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Thunderbird
[2012.04.25 22:16:36 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Winamp
[2012.04.25 22:26:47 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\WinBatch
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMDRIVE%\*.exe >
[2008.04.11 08:03:48 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
<          >

< End of report >
Hab noch eine andere TXT datei gefunden, hoffe es ist nicht die gleiche.
OTL Logfile:
Code:
OTL logfile created on: 30.07.2012 19:00:43 - Run 1
OTL by OldTimer - Version 3.2.55.0    Folder = C:\Users\xxx\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,47 Gb Available Physical Memory | 80,92% Memory free
16,00 Gb Paging File | 14,36 Gb Available in Paging File | 89,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,33 Gb Total Space | 383,64 Gb Free Space | 83,70% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 387,77 Gb Free Space | 83,26% Space Free | Partition Type: NTFS
Drive E: | 7,43 Gb Total Space | 0,99 Gb Free Space | 13,35% Space Free | Partition Type: NTFS
Drive G: | 1,80 Gb Total Space | 1,80 Gb Free Space | 100,00% Space Free | Partition Type: FAT
 
Computer Name: xxx-PC | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.30 18:59:08 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.07.03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.06.19 18:18:02 | 000,529,232 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.05.08 19:26:13 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 19:26:12 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.08 19:26:12 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.25 23:54:45 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.06.17 19:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.19 18:18:02 | 020,313,384 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012.06.19 18:18:01 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012.06.19 18:18:01 | 000,895,312 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2012.06.19 18:18:01 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012.06.19 18:18:01 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.07.21 13:41:29 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.06.19 18:18:02 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.05.08 19:26:13 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.08 19:26:12 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.06.17 19:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.05.08 19:26:13 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.08 19:26:13 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.04.18 19:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.09.16 16:08:07 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009.06.10 22:35:20 | 000,278,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1e6032e.sys -- (e1express)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 001,192,448 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-500779693-2628315271-2835130382-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-500779693-2628315271-2835130382-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-500779693-2628315271-2835130382-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-500779693-2628315271-2835130382-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 09 7F 4C 43 BF 62 CD 01  [binary data]
IE - HKU\S-1-5-21-500779693-2628315271-2835130382-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-500779693-2628315271-2835130382-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-500779693-2628315271-2835130382-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.21 13:41:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.13 11:26:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.06.21 14:26:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.21 13:41:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.13 11:26:30 | 000,000,000 | ---D | M]
 
[2012.04.25 22:07:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions
[2012.07.25 19:07:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\s3ohrbly.default\extensions
[2012.07.03 21:20:33 | 000,000,000 | ---D | M] (DDBAC Plug-In) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\s3ohrbly.default\extensions\{271A3CF5-5A54-447B-A08F-BE805F0DA60A}
[2012.04.25 22:42:10 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\s3ohrbly.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2012.05.17 12:38:08 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\s3ohrbly.default\extensions\ich@maltegoetz.de
[2012.04.25 22:58:45 | 000,005,365 | ---- | M] () -- C:\Users\xxo\AppData\Roaming\Mozilla\Firefox\Profiles\s3ohrbly.default\searchplugins\ign.xml
[2012.04.25 22:58:07 | 000,012,703 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s3ohrbly.default\searchplugins\imdb.xml
[2012.04.25 22:40:55 | 000,002,057 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s3ohrbly.default\searchplugins\youtube-videosuche.xml
[2012.06.08 10:37:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.07.21 13:41:29 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.12.09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.04.21 03:54:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.21 03:54:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.04.21 03:54:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.21 03:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.21 03:54:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.21 03:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-500779693-2628315271-2835130382-1001..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-500779693-2628315271-2835130382-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-500779693-2628315271-2835130382-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-500779693-2628315271-2835130382-1001\..Trusted Domains: olb.de ([www] https in Vertrauenswürdige Sites)
O16 - DPF: {271A3CF5-5A54-447B-A08F-BE805F0DA60B} https://www.olb.de/olb_fb3_1867b/plugin/AXFOAM.CAB (B+S Banksysteme AG DDBAC Plug-In)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E65A079-D0AB-4761-93DC-8CC39E7A8D47}: DhcpNameServer = 192.168.178.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.30 18:59:22 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2012.07.28 10:40:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.07.23 00:07:09 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Malwarebytes
[2012.07.23 00:07:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.23 00:07:04 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.23 00:07:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.07.23 00:07:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.23 00:03:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\stinger
[2012.07.22 10:51:45 | 000,000,000 | ---D | C] -- C:\Users\xxx\Documents\DVDFab
[2012.07.08 20:21:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2012.07.06 20:17:58 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2012.07.06 20:17:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2012.07.06 20:17:57 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.30 18:59:08 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2012.07.30 18:52:04 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.30 18:52:04 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.30 18:51:40 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.30 18:51:40 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.30 18:51:40 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.30 18:51:40 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.30 18:51:40 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.30 18:44:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.30 18:44:25 | 2146,934,783 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.29 10:03:18 | 000,632,049 | ---- | M] () -- C:\Users\xxx\Desktop\adwcleaner.exe
[2012.07.28 22:38:37 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft IntelliPoint installieren.lnk
[2012.07.28 14:17:28 | 000,023,850 | ---- | M] () -- C:\Users\xxx\Documents\Gamecube Spiele Sammlung.ods
[2012.07.27 23:22:12 | 000,017,582 | ---- | M] () -- C:\Users\xxx\Documents\DAnke.odt
[2012.07.23 00:08:13 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.12 14:35:50 | 000,293,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.08 20:21:36 | 000,002,094 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.07.08 20:21:36 | 000,002,094 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.07.06 20:40:05 | 000,019,731 | ---- | M] () -- C:\Users\xxx\Documents\Unbenannt 1.ods
[2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2012.07.29 10:03:12 | 000,632,049 | ---- | C] () -- C:\Users\xxx\Desktop\adwcleaner.exe
[2012.07.28 22:38:37 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft IntelliPoint installieren.lnk
[2012.07.27 16:28:48 | 000,017,582 | ---- | C] () -- C:\Users\xxx\Documents\DAnke.odt
[2012.07.23 00:07:05 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.11 20:47:13 | 000,023,850 | ---- | C] () -- C:\Users\xxx\Documents\Gamecube Spiele Sammlung.ods
[2012.07.06 20:40:02 | 000,019,731 | ---- | C] () -- C:\Users\xxx\Documents\Unbenannt 1.ods
[2012.07.06 20:17:57 | 000,002,094 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.07.06 20:17:57 | 000,002,094 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.06.27 20:40:40 | 000,151,552 | ---- | C] () -- C:\Users\xxx\WinDrv.dll
[2012.06.27 20:36:48 | 000,013,707 | ---- | C] () -- C:\Users\xxx\Default.ini
[2012.06.27 20:30:16 | 000,011,765 | ---- | C] () -- C:\Users\xxx\Engine.det
[2012.06.26 19:21:43 | 000,000,057 | ---- | C] () -- C:\Windows\sierra.ini
[2012.05.15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.05.04 15:57:09 | 000,326,212 | ---- | C] () -- C:\Users\xxx\16_10_1920_pigcop.jpg
[2012.05.04 15:25:13 | 000,002,358 | ---- | C] () -- C:\Users\xxx\28020050.rdh
 
========== LOP Check ==========
 
[2012.06.21 15:31:41 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Canneverbe Limited
[2012.05.04 15:27:23 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DataDesign
[2012.06.28 19:09:28 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\OpenArena
[2012.05.12 18:52:13 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\OpenOffice.org
[2012.04.27 17:08:03 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Origin
[2012.04.25 23:14:30 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Thunderbird
[2012.04.25 22:26:47 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\WinBatch
[2012.06.19 18:17:43 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.05.13 11:28:23 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Adobe
[2012.04.25 22:19:42 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Avira
[2012.06.21 15:31:41 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Canneverbe Limited
[2012.05.04 15:27:23 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DataDesign
[2012.04.25 22:02:57 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Identities
[2012.04.25 22:52:50 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Macromedia
[2012.07.23 00:07:09 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Malwarebytes
[2011.04.12 09:54:43 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Media Center Programs
[2012.06.21 15:39:20 | 000,000,000 | --SD | M] -- C:\Users\xxx\AppData\Roaming\Microsoft
[2012.04.25 22:07:08 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Mozilla
[2012.07.22 10:51:45 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\NVIDIA
[2012.06.28 19:09:28 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\OpenArena
[2012.05.12 18:52:13 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\OpenOffice.org
[2012.04.27 17:08:03 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Origin
[2012.04.25 23:14:30 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Thunderbird
[2012.04.25 22:16:36 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Winamp
[2012.04.25 22:26:47 | 000,000,000 | ---D | M] -- C:\Users\xx\AppData\Roaming\WinBatch
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMDRIVE%\*.exe >
[2008.04.11 08:03:48 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
<          >

< End of report >
--- --- ---

cosinus 30.07.2012 20:37
Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
:OTL
FF - user.js - File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-500779693-2628315271-2835130382-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

RVD 30.07.2012 21:43
So, das ist nach dem Neustart erschienen. Danke für das Script.
Code:
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-500779693-2628315271-2835130382-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: xxx
->Temp folder emptied: 1512162232 bytes
->Temporary Internet Files folder emptied: 58493416 bytes
->Java cache emptied: 160935 bytes
->FireFox cache emptied: 1145490322 bytes
->Flash cache emptied: 19783 bytes
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 200621098 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36033391 bytes
RecycleBin emptied: 479695573 bytes
 
Total Files Cleaned = 3.274,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Public
 
User: xxx
->Flash cache emptied: 0 bytes
 
User: UpdatusUser
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.55.0 log created on 07302012_223529

Files\Folders moved on Reboot...
C:\Users\xxx\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...
File C:\Users\xxx\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

Registry entries deleted on Reboot...

cosinus 31.07.2012 08:35
Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C:) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

RVD 31.07.2012 18:09
Danke, ich hoffe ich habe es richtig ausgeführt. Hab folgendes Logs auf C gefunden. Da das Tool nur ein paar Sekunden lief, dachte ich es sei nicht Fertig gewesen und hab nochmal gestartet, deswegen wohl 2 Logs. Hoffentlich hab ich nichts falsch gemacht, gelöscht habe ich nichts nur immer Skip und dann Countinue.
Code:
18:58:11.0877 3520        TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
18:58:12.0018 3520        ============================================================
18:58:12.0018 3520        Current date / time: 2012/07/31 18:58:12.0018
18:58:12.0018 3520        SystemInfo:
18:58:12.0018 3520       
18:58:12.0018 3520        OS Version: 6.1.7601 ServicePack: 1.0
18:58:12.0018 3520        Product type: Workstation
18:58:12.0018 3520        ComputerName: xxx-PC
18:58:12.0018 3520        UserName: xxx
18:58:12.0018 3520        Windows directory: C:\Windows
18:58:12.0018 3520        System windows directory: C:\Windows
18:58:12.0018 3520        Running under WOW64
18:58:12.0018 3520        Processor architecture: Intel x64
18:58:12.0018 3520        Number of processors: 4
18:58:12.0018 3520        Page size: 0x1000
18:58:12.0018 3520        Boot type: Normal boot
18:58:12.0018 3520        ============================================================
18:58:13.0016 3520        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:58:13.0016 3520        Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:58:13.0032 3520        Drive \Device\Harddisk2\DR2 - Size: 0x73500000 (1.80 Gb), SectorSize: 0x200, Cylinders: 0xEB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:58:13.0047 3520        ============================================================
18:58:13.0047 3520        \Device\Harddisk0\DR0:
18:58:13.0047 3520        MBR partitions:
18:58:13.0047 3520        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x394A84B8
18:58:13.0047 3520        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x394A84F7, BlocksNum 0xEDC74A
18:58:13.0047 3520        \Device\Harddisk1\DR1:
18:58:13.0047 3520        MBR partitions:
18:58:13.0047 3520        \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
18:58:13.0047 3520        \Device\Harddisk2\DR2:
18:58:13.0047 3520        MBR partitions:
18:58:13.0047 3520        ============================================================
18:58:13.0063 3520        C: <-> \Device\Harddisk0\DR0\Partition0
18:58:13.0125 3520        D: <-> \Device\Harddisk1\DR1\Partition0
18:58:13.0188 3520        E: <-> \Device\Harddisk0\DR0\Partition1
18:58:13.0188 3520        ============================================================
18:58:13.0188 3520        Initialize success
18:58:13.0188 3520        ============================================================
18:58:23.0811 2644        Deinitialize success
Code:
18:59:14.0981 5084        TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
18:59:15.0371 5084        ============================================================
18:59:15.0371 5084        Current date / time: 2012/07/31 18:59:15.0371
18:59:15.0371 5084        SystemInfo:
18:59:15.0371 5084       
18:59:15.0371 5084        OS Version: 6.1.7601 ServicePack: 1.0
18:59:15.0371 5084        Product type: Workstation
18:59:15.0371 5084        ComputerName: xxx-PC
18:59:15.0371 5084        UserName: xxx
18:59:15.0371 5084        Windows directory: C:\Windows
18:59:15.0371 5084        System windows directory: C:\Windows
18:59:15.0371 5084        Running under WOW64
18:59:15.0371 5084        Processor architecture: Intel x64
18:59:15.0371 5084        Number of processors: 4
18:59:15.0371 5084        Page size: 0x1000
18:59:15.0371 5084        Boot type: Normal boot
18:59:15.0371 5084        ============================================================
18:59:15.0839 5084        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:59:15.0839 5084        Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:59:15.0839 5084        Drive \Device\Harddisk2\DR2 - Size: 0x73500000 (1.80 Gb), SectorSize: 0x200, Cylinders: 0xEB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:59:15.0855 5084        ============================================================
18:59:15.0855 5084        \Device\Harddisk0\DR0:
18:59:15.0855 5084        MBR partitions:
18:59:15.0855 5084        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x394A84B8
18:59:15.0855 5084        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x394A84F7, BlocksNum 0xEDC74A
18:59:15.0855 5084        \Device\Harddisk1\DR1:
18:59:15.0870 5084        MBR partitions:
18:59:15.0870 5084        \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
18:59:15.0870 5084        \Device\Harddisk2\DR2:
18:59:15.0870 5084        MBR partitions:
18:59:15.0870 5084        ============================================================
18:59:15.0886 5084        C: <-> \Device\Harddisk0\DR0\Partition0
18:59:15.0902 5084        D: <-> \Device\Harddisk1\DR1\Partition0
18:59:15.0933 5084        E: <-> \Device\Harddisk0\DR0\Partition1
18:59:15.0933 5084        ============================================================
18:59:15.0933 5084        Initialize success
18:59:15.0933 5084        ============================================================
19:00:11.0999 3696        ============================================================
19:00:11.0999 3696        Scan started
19:00:11.0999 3696        Mode: Manual; SigCheck; TDLFS;
19:00:11.0999 3696        ============================================================
19:00:12.0358 3696        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys
19:00:12.0436 3696        1394ohci - ok
19:00:12.0467 3696        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:00:12.0498 3696        ACPI - ok
19:00:12.0498 3696        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:00:12.0545 3696        AcpiPmi - ok
19:00:12.0623 3696        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:00:12.0639 3696        AdobeARMservice - ok
19:00:12.0670 3696        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:00:12.0701 3696        adp94xx - ok
19:00:12.0748 3696        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:00:12.0764 3696        adpahci - ok
19:00:12.0779 3696        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:00:12.0795 3696        adpu320 - ok
19:00:12.0826 3696        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:00:12.0935 3696        AeLookupSvc - ok
19:00:12.0982 3696        AFD            (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:00:13.0060 3696        AFD - ok
19:00:13.0076 3696        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:00:13.0091 3696        agp440 - ok
19:00:13.0122 3696        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:00:13.0154 3696        ALG - ok
19:00:13.0200 3696        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:00:13.0216 3696        aliide - ok
19:00:13.0216 3696        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:00:13.0232 3696        amdide - ok
19:00:13.0247 3696        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:00:13.0278 3696        AmdK8 - ok
19:00:13.0294 3696        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
19:00:13.0310 3696        AmdPPM - ok
19:00:13.0325 3696        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:00:13.0341 3696        amdsata - ok
19:00:13.0356 3696        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:00:13.0388 3696        amdsbs - ok
19:00:13.0388 3696        amdxata        (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:00:13.0403 3696        amdxata - ok
19:00:13.0481 3696        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:00:13.0481 3696        AntiVirSchedulerService - ok
19:00:13.0497 3696        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:00:13.0512 3696        AntiVirService - ok
19:00:13.0544 3696        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:00:13.0684 3696        AppID - ok
19:00:13.0700 3696        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:00:13.0746 3696        AppIDSvc - ok
19:00:13.0762 3696        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:00:13.0809 3696        Appinfo - ok
19:00:13.0840 3696        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:00:13.0856 3696        arc - ok
19:00:13.0871 3696        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:00:13.0887 3696        arcsas - ok
19:00:13.0902 3696        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:00:13.0949 3696        AsyncMac - ok
19:00:13.0965 3696        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:00:13.0980 3696        atapi - ok
19:00:14.0012 3696        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:00:14.0074 3696        AudioEndpointBuilder - ok
19:00:14.0074 3696        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:00:14.0121 3696        AudioSrv - ok
19:00:14.0136 3696        avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
19:00:14.0152 3696        avgntflt - ok
19:00:14.0183 3696        avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
19:00:14.0199 3696        avipbb - ok
19:00:14.0214 3696        avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
19:00:14.0214 3696        avkmgr - ok
19:00:14.0246 3696        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:00:14.0277 3696        AxInstSV - ok
19:00:14.0308 3696        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:00:14.0355 3696        b06bdrv - ok
19:00:14.0386 3696        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:00:14.0417 3696        b57nd60a - ok
19:00:14.0433 3696        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:00:14.0464 3696        BDESVC - ok
19:00:14.0480 3696        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:00:14.0526 3696        Beep - ok
19:00:14.0558 3696        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
19:00:14.0620 3696        BFE - ok
19:00:14.0651 3696        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
19:00:14.0729 3696        BITS - ok
19:00:14.0760 3696        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
19:00:14.0792 3696        blbdrive - ok
19:00:14.0807 3696        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:00:14.0854 3696        bowser - ok
19:00:14.0870 3696        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:00:14.0885 3696        BrFiltLo - ok
19:00:14.0901 3696        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:00:14.0916 3696        BrFiltUp - ok
19:00:14.0932 3696        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:00:14.0979 3696        Browser - ok
19:00:14.0994 3696        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:00:15.0041 3696        Brserid - ok
19:00:15.0057 3696        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:00:15.0072 3696        BrSerWdm - ok
19:00:15.0072 3696        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:00:15.0104 3696        BrUsbMdm - ok
19:00:15.0119 3696        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:00:15.0135 3696        BrUsbSer - ok
19:00:15.0150 3696        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
19:00:15.0182 3696        BTHMODEM - ok
19:00:15.0213 3696        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:00:15.0244 3696        bthserv - ok
19:00:15.0260 3696        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:00:15.0306 3696        cdfs - ok
19:00:15.0338 3696        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:00:15.0369 3696        cdrom - ok
19:00:15.0400 3696        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:00:15.0447 3696        CertPropSvc - ok
19:00:15.0462 3696        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
19:00:15.0494 3696        circlass - ok
19:00:15.0509 3696        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:00:15.0540 3696        CLFS - ok
19:00:15.0587 3696        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:00:15.0587 3696        clr_optimization_v2.0.50727_32 - ok
19:00:15.0634 3696        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:00:15.0650 3696        clr_optimization_v2.0.50727_64 - ok
19:00:15.0728 3696        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:00:15.0743 3696        clr_optimization_v4.0.30319_32 - ok
19:00:15.0774 3696        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:00:15.0774 3696        clr_optimization_v4.0.30319_64 - ok
19:00:15.0806 3696        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
19:00:15.0821 3696        CmBatt - ok
19:00:15.0821 3696        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:00:15.0837 3696        cmdide - ok
19:00:15.0884 3696        CNG            (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
19:00:15.0915 3696        CNG - ok
19:00:15.0930 3696        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
19:00:15.0946 3696        Compbatt - ok
19:00:15.0977 3696        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
19:00:15.0993 3696        CompositeBus - ok
19:00:16.0008 3696        COMSysApp - ok
19:00:16.0024 3696        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:00:16.0024 3696        crcdisk - ok
19:00:16.0055 3696        CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
19:00:16.0086 3696        CryptSvc - ok
19:00:16.0133 3696        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:00:16.0196 3696        DcomLaunch - ok
19:00:16.0227 3696        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:00:16.0289 3696        defragsvc - ok
19:00:16.0305 3696        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:00:16.0352 3696        DfsC - ok
19:00:16.0383 3696        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:00:16.0430 3696        Dhcp - ok
19:00:16.0445 3696        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:00:16.0492 3696        discache - ok
19:00:16.0523 3696        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:00:16.0539 3696        Disk - ok
19:00:16.0570 3696        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:00:16.0601 3696        Dnscache - ok
19:00:16.0648 3696        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:00:16.0695 3696        dot3svc - ok
19:00:16.0726 3696        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:00:16.0757 3696        DPS - ok
19:00:16.0788 3696        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:00:16.0804 3696        drmkaud - ok
19:00:16.0866 3696        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:00:16.0882 3696        DXGKrnl - ok
19:00:16.0929 3696        e1express      (416a2007878ed1d6fc5dddb9e1f6db3e) C:\Windows\system32\DRIVERS\e1e6032e.sys
19:00:16.0960 3696        e1express - ok
19:00:16.0960 3696        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:00:17.0007 3696        EapHost - ok
19:00:17.0116 3696        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:00:17.0225 3696        ebdrv - ok
19:00:17.0288 3696        EFS            (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:00:17.0319 3696        EFS - ok
19:00:17.0397 3696        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:00:17.0444 3696        ehRecvr - ok
19:00:17.0475 3696        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:00:17.0490 3696        ehSched - ok
19:00:17.0553 3696        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:00:17.0584 3696        elxstor - ok
19:00:17.0600 3696        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:00:17.0615 3696        ErrDev - ok
19:00:17.0646 3696        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:00:17.0709 3696        EventSystem - ok
19:00:17.0724 3696        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:00:17.0756 3696        exfat - ok
19:00:17.0771 3696        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:00:17.0818 3696        fastfat - ok
19:00:17.0865 3696        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:00:17.0912 3696        Fax - ok
19:00:17.0912 3696        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:00:17.0943 3696        fdc - ok
19:00:17.0958 3696        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:00:18.0005 3696        fdPHost - ok
19:00:18.0005 3696        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:00:18.0052 3696        FDResPub - ok
19:00:18.0161 3696        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:00:18.0161 3696        FileInfo - ok
19:00:18.0177 3696        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:00:18.0224 3696        Filetrace - ok
19:00:18.0239 3696        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:00:18.0255 3696        flpydisk - ok
19:00:18.0317 3696        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:00:18.0348 3696        FltMgr - ok
19:00:18.0395 3696        FontCache      (b4447f606bb19fd8ad0bafb59b90f5d9) C:\Windows\system32\FntCache.dll
19:00:18.0458 3696        FontCache - ok
19:00:18.0536 3696        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:00:18.0536 3696        FontCache3.0.0.0 - ok
19:00:18.0582 3696        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:00:18.0582 3696        FsDepends - ok
19:00:18.0598 3696        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:00:18.0614 3696        Fs_Rec - ok
19:00:18.0629 3696        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:00:18.0660 3696        fvevol - ok
19:00:18.0676 3696        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:00:18.0692 3696        gagp30kx - ok
19:00:18.0723 3696        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:00:18.0785 3696        gpsvc - ok
19:00:18.0863 3696        HCW85BDA        (9e308d0bc9a9cf6e50aa25639c9cccb3) C:\Windows\system32\drivers\HCW85BDA.sys
19:00:18.0910 3696        HCW85BDA - ok
19:00:18.0926 3696        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:00:18.0941 3696        hcw85cir - ok
19:00:18.0972 3696        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:00:19.0004 3696        HdAudAddService - ok
19:00:19.0019 3696        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:00:19.0050 3696        HDAudBus - ok
19:00:19.0066 3696        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:00:19.0082 3696        HidBatt - ok
19:00:19.0097 3696        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:00:19.0113 3696        HidBth - ok
19:00:19.0144 3696        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
19:00:19.0160 3696        HidIr - ok
19:00:19.0175 3696        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
19:00:19.0206 3696        hidserv - ok
19:00:19.0253 3696        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
19:00:19.0269 3696        HidUsb - ok
19:00:19.0284 3696        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:00:19.0331 3696        hkmsvc - ok
19:00:19.0347 3696        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:00:19.0394 3696        HomeGroupListener - ok
19:00:19.0409 3696        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:00:19.0440 3696        HomeGroupProvider - ok
19:00:19.0456 3696        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:00:19.0456 3696        HpSAMD - ok
19:00:19.0503 3696        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:00:19.0565 3696        HTTP - ok
19:00:19.0565 3696        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:00:19.0581 3696        hwpolicy - ok
19:00:19.0596 3696        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:00:19.0612 3696        i8042prt - ok
19:00:19.0674 3696        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:00:19.0690 3696        iaStorV - ok
19:00:19.0784 3696        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:00:19.0815 3696        idsvc - ok
19:00:19.0846 3696        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:00:19.0846 3696        iirsp - ok
19:00:19.0893 3696        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:00:19.0971 3696        IKEEXT - ok
19:00:19.0986 3696        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:00:19.0986 3696        intelide - ok
19:00:20.0018 3696        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:00:20.0033 3696        intelppm - ok
19:00:20.0033 3696        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:00:20.0080 3696        IPBusEnum - ok
19:00:20.0096 3696        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:00:20.0142 3696        IpFilterDriver - ok
19:00:20.0174 3696        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:00:20.0236 3696        iphlpsvc - ok
19:00:20.0236 3696        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:00:20.0252 3696        IPMIDRV - ok
19:00:20.0267 3696        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:00:20.0314 3696        IPNAT - ok
19:00:20.0330 3696        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:00:20.0361 3696        IRENUM - ok
19:00:20.0376 3696        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:00:20.0392 3696        isapnp - ok
19:00:20.0408 3696        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:00:20.0423 3696        iScsiPrt - ok
19:00:20.0454 3696        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:00:20.0454 3696        kbdclass - ok
19:00:20.0470 3696        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
19:00:20.0501 3696        kbdhid - ok
19:00:20.0517 3696        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:00:20.0517 3696        KeyIso - ok
19:00:20.0564 3696        KSecDD          (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
19:00:20.0579 3696        KSecDD - ok
19:00:20.0595 3696        KSecPkg        (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
19:00:20.0610 3696        KSecPkg - ok
19:00:20.0610 3696        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:00:20.0657 3696        ksthunk - ok
19:00:20.0688 3696        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:00:20.0735 3696        KtmRm - ok
19:00:20.0766 3696        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
19:00:20.0813 3696        LanmanServer - ok
19:00:20.0829 3696        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:00:20.0876 3696        LanmanWorkstation - ok
19:00:20.0954 3696        LightScribeService (b1e1c8bb1392537e4d415fcdcb93b1d3) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
19:00:20.0954 3696        LightScribeService ( UnsignedFile.Multi.Generic ) - warning
19:00:20.0954 3696        LightScribeService - detected UnsignedFile.Multi.Generic (1)
19:00:20.0985 3696        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:00:21.0032 3696        lltdio - ok
19:00:21.0047 3696        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:00:21.0110 3696        lltdsvc - ok
19:00:21.0110 3696        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:00:21.0156 3696        lmhosts - ok
19:00:21.0172 3696        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:00:21.0188 3696        LSI_FC - ok
19:00:21.0203 3696        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:00:21.0219 3696        LSI_SAS - ok
19:00:21.0234 3696        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:00:21.0250 3696        LSI_SAS2 - ok
19:00:21.0266 3696        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:00:21.0281 3696        LSI_SCSI - ok
19:00:21.0297 3696        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:00:21.0344 3696        luafv - ok
19:00:21.0375 3696        MBAMProtector  (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
19:00:21.0375 3696        MBAMProtector - ok
19:00:21.0437 3696        MBAMService    (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:00:21.0453 3696        MBAMService - ok
19:00:21.0515 3696        McComponentHostService (22a7776c5d8eb5930edf9c8dd0884259) C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
19:00:21.0531 3696        McComponentHostService - ok
19:00:21.0546 3696        Mcx2Svc        (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:00:21.0578 3696        Mcx2Svc - ok
19:00:21.0593 3696        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:00:21.0593 3696        megasas - ok
19:00:21.0624 3696        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:00:21.0656 3696        MegaSR - ok
19:00:21.0687 3696        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:00:21.0734 3696        MMCSS - ok
19:00:21.0734 3696        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:00:21.0780 3696        Modem - ok
19:00:21.0796 3696        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:00:21.0827 3696        monitor - ok
19:00:21.0843 3696        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:00:21.0843 3696        mouclass - ok
19:00:21.0874 3696        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:00:21.0890 3696        mouhid - ok
19:00:21.0905 3696        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:00:21.0905 3696        mountmgr - ok
19:00:21.0952 3696        MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:00:21.0968 3696        MozillaMaintenance - ok
19:00:21.0983 3696        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:00:21.0999 3696        mpio - ok
19:00:22.0014 3696        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:00:22.0046 3696        mpsdrv - ok
19:00:22.0092 3696        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:00:22.0139 3696        MpsSvc - ok
19:00:22.0170 3696        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:00:22.0202 3696        MRxDAV - ok
19:00:22.0217 3696        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:00:22.0248 3696        mrxsmb - ok
19:00:22.0280 3696        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:00:22.0311 3696        mrxsmb10 - ok
19:00:22.0342 3696        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:00:22.0358 3696        mrxsmb20 - ok
19:00:22.0358 3696        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:00:22.0373 3696        msahci - ok
19:00:22.0389 3696        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:00:22.0404 3696        msdsm - ok
19:00:22.0420 3696        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:00:22.0451 3696        MSDTC - ok
19:00:22.0467 3696        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:00:22.0514 3696        Msfs - ok
19:00:22.0514 3696        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:00:22.0560 3696        mshidkmdf - ok
19:00:22.0576 3696        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:00:22.0576 3696        msisadrv - ok
19:00:22.0607 3696        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:00:22.0654 3696        MSiSCSI - ok
19:00:22.0670 3696        msiserver - ok
19:00:22.0685 3696        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:00:22.0716 3696        MSKSSRV - ok
19:00:22.0732 3696        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:00:22.0763 3696        MSPCLOCK - ok
19:00:22.0779 3696        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:00:22.0810 3696        MSPQM - ok
19:00:22.0841 3696        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:00:22.0872 3696        MsRPC - ok
19:00:22.0888 3696        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
19:00:22.0888 3696        mssmbios - ok
19:00:22.0904 3696        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:00:22.0950 3696        MSTEE - ok
19:00:22.0950 3696        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:00:22.0966 3696        MTConfig - ok
19:00:22.0982 3696        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:00:22.0997 3696        Mup - ok
19:00:23.0028 3696        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:00:23.0075 3696        napagent - ok
19:00:23.0122 3696        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:00:23.0153 3696        NativeWifiP - ok
19:00:23.0231 3696        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:00:23.0262 3696        NDIS - ok
19:00:23.0278 3696        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:00:23.0309 3696        NdisCap - ok
19:00:23.0325 3696        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:00:23.0356 3696        NdisTapi - ok
19:00:23.0372 3696        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:00:23.0418 3696        Ndisuio - ok
19:00:23.0434 3696        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:00:23.0481 3696        NdisWan - ok
19:00:23.0496 3696        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:00:23.0528 3696        NDProxy - ok
19:00:23.0543 3696        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:00:23.0590 3696        NetBIOS - ok
19:00:23.0621 3696        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:00:23.0652 3696        NetBT - ok
19:00:23.0684 3696        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:00:23.0684 3696        Netlogon - ok
19:00:23.0730 3696        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:00:23.0777 3696        Netman - ok
19:00:23.0793 3696        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:00:23.0855 3696        netprofm - ok
19:00:23.0902 3696        netr7364        (81b8d0c1ce44a7fdbd596b693783950c) C:\Windows\system32\DRIVERS\netr7364.sys
19:00:23.0933 3696        netr7364 - ok
19:00:23.0996 3696        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:00:24.0011 3696        NetTcpPortSharing - ok
19:00:24.0027 3696        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:00:24.0042 3696        nfrd960 - ok
19:00:24.0074 3696        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:00:24.0120 3696        NlaSvc - ok
19:00:24.0152 3696        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:00:24.0183 3696        Npfs - ok
19:00:24.0198 3696        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:00:24.0245 3696        nsi - ok
19:00:24.0245 3696        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:00:24.0292 3696        nsiproxy - ok
19:00:24.0370 3696        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:00:24.0417 3696        Ntfs - ok
19:00:24.0495 3696        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:00:24.0526 3696        Null - ok
19:00:24.0557 3696        NVHDA          (102806b360d0e6bc6e55bf47ef655d43) C:\Windows\system32\drivers\nvhda64v.sys
19:00:24.0573 3696        NVHDA - ok
19:00:25.0088 3696        nvlddmkm        (ba0b4889c40380a01ecdf84c227a89c9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:00:25.0322 3696        nvlddmkm - ok
19:00:25.0384 3696        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:00:25.0400 3696        nvraid - ok
19:00:25.0415 3696        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:00:25.0431 3696        nvstor - ok
19:00:25.0478 3696        nvsvc          (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe
19:00:25.0509 3696        nvsvc - ok
19:00:25.0587 3696        nvUpdatusService (53b629ce436b110c5689c2f6439e567b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:00:25.0618 3696        nvUpdatusService - ok
19:00:25.0712 3696        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:00:25.0727 3696        nv_agp - ok
19:00:25.0743 3696        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:00:25.0758 3696        ohci1394 - ok
19:00:25.0790 3696        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:00:25.0821 3696        p2pimsvc - ok
19:00:25.0852 3696        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:00:25.0883 3696        p2psvc - ok
19:00:25.0899 3696        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:00:25.0930 3696        Parport - ok
19:00:25.0961 3696        partmgr        (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:00:25.0961 3696        partmgr - ok
19:00:25.0992 3696        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:00:26.0024 3696        PcaSvc - ok
19:00:26.0039 3696        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:00:26.0055 3696        pci - ok
19:00:26.0070 3696        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:00:26.0086 3696        pciide - ok
19:00:26.0102 3696        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:00:26.0133 3696        pcmcia - ok
19:00:26.0133 3696        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:00:26.0148 3696        pcw - ok
19:00:26.0180 3696        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:00:26.0226 3696        PEAUTH - ok
19:00:26.0289 3696        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:00:26.0304 3696        PerfHost - ok
19:00:26.0382 3696        pla            (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:00:26.0460 3696        pla - ok
19:00:26.0492 3696        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:00:26.0523 3696        PlugPlay - ok
19:00:26.0538 3696        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:00:26.0554 3696        PNRPAutoReg - ok
19:00:26.0585 3696        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:00:26.0601 3696        PNRPsvc - ok
19:00:26.0632 3696        PolicyAgent    (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:00:26.0694 3696        PolicyAgent - ok
19:00:26.0710 3696        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:00:26.0757 3696        Power - ok
19:00:26.0804 3696        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:00:26.0850 3696        PptpMiniport - ok
19:00:26.0866 3696        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:00:26.0882 3696        Processor - ok
19:00:26.0913 3696        ProfSvc        (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
19:00:26.0944 3696        ProfSvc - ok
19:00:26.0975 3696        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:00:26.0975 3696        ProtectedStorage - ok
19:00:27.0006 3696        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:00:27.0053 3696        Psched - ok
19:00:27.0116 3696        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:00:27.0178 3696        ql2300 - ok
19:00:27.0272 3696        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:00:27.0287 3696        ql40xx - ok
19:00:27.0318 3696        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:00:27.0350 3696        QWAVE - ok
19:00:27.0365 3696        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:00:27.0396 3696        QWAVEdrv - ok
19:00:27.0396 3696        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:00:27.0443 3696        RasAcd - ok
19:00:27.0459 3696        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:00:27.0506 3696        RasAgileVpn - ok
19:00:27.0521 3696        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:00:27.0568 3696        RasAuto - ok
19:00:27.0584 3696        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:00:27.0630 3696        Rasl2tp - ok
19:00:27.0662 3696        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:00:27.0708 3696        RasMan - ok
19:00:27.0724 3696        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:00:27.0771 3696        RasPppoe - ok
19:00:27.0786 3696        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:00:27.0849 3696        RasSstp - ok
19:00:27.0864 3696        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:00:27.0911 3696        rdbss - ok
19:00:27.0927 3696        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:00:27.0942 3696        rdpbus - ok
19:00:27.0958 3696        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:00:28.0005 3696        RDPCDD - ok
19:00:28.0020 3696        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:00:28.0067 3696        RDPENCDD - ok
19:00:28.0083 3696        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:00:28.0114 3696        RDPREFMP - ok
19:00:28.0145 3696        RDPWD          (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:00:28.0223 3696        RDPWD - ok
19:00:28.0582 3696        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:00:28.0613 3696        rdyboost - ok
19:00:28.0660 3696        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:00:28.0707 3696        RemoteAccess - ok
19:00:28.0738 3696        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:00:28.0785 3696        RemoteRegistry - ok
19:00:28.0800 3696        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:00:28.0847 3696        RpcEptMapper - ok
19:00:28.0863 3696        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:00:28.0894 3696        RpcLocator - ok
19:00:28.0941 3696        RpcSs          (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:00:28.0972 3696        RpcSs - ok
19:00:29.0003 3696        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:00:29.0034 3696        rspndr - ok
19:00:29.0066 3696        SamSs          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:00:29.0081 3696        SamSs - ok
19:00:29.0097 3696        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:00:29.0112 3696        sbp2port - ok
19:00:29.0128 3696        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:00:29.0175 3696        SCardSvr - ok
19:00:29.0190 3696        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:00:29.0237 3696        scfilter - ok
19:00:29.0284 3696        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:00:29.0362 3696        Schedule - ok
19:00:29.0378 3696        SCPolicySvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:00:29.0409 3696        SCPolicySvc - ok
19:00:29.0440 3696        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:00:29.0471 3696        SDRSVC - ok
19:00:29.0502 3696        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:00:29.0549 3696        secdrv - ok
19:00:29.0565 3696        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:00:29.0596 3696        seclogon - ok
19:00:29.0612 3696        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:00:29.0658 3696        SENS - ok
19:00:29.0674 3696        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:00:29.0705 3696        SensrSvc - ok
19:00:29.0736 3696        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:00:29.0752 3696        Serenum - ok
19:00:29.0783 3696        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:00:29.0799 3696        Serial - ok
19:00:29.0814 3696        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:00:29.0830 3696        sermouse - ok
19:00:29.0861 3696        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:00:29.0908 3696        SessionEnv - ok
19:00:29.0924 3696        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:00:29.0939 3696        sffdisk - ok
19:00:29.0955 3696        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:00:29.0986 3696        sffp_mmc - ok
19:00:29.0986 3696        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:00:30.0017 3696        sffp_sd - ok
19:00:30.0017 3696        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:00:30.0048 3696        sfloppy - ok
19:00:30.0080 3696        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:00:30.0126 3696        SharedAccess - ok
19:00:30.0158 3696        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:00:30.0204 3696        ShellHWDetection - ok
19:00:30.0220 3696        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:00:30.0236 3696        SiSRaid2 - ok
19:00:30.0251 3696        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:00:30.0267 3696        SiSRaid4 - ok
19:00:30.0282 3696        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:00:30.0329 3696        Smb - ok
19:00:30.0360 3696        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:00:30.0392 3696        SNMPTRAP - ok
19:00:30.0423 3696        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:00:30.0438 3696        spldr - ok
19:00:30.0470 3696        Spooler        (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:00:30.0516 3696        Spooler - ok
19:00:30.0657 3696        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:00:30.0797 3696        sppsvc - ok
19:00:30.0891 3696        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:00:30.0922 3696        sppuinotify - ok
19:00:30.0984 3696        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:00:31.0031 3696        srv - ok
19:00:31.0062 3696        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:00:31.0109 3696        srv2 - ok
19:00:31.0218 3696        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:00:31.0234 3696        srvnet - ok
19:00:31.0281 3696        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:00:31.0328 3696        SSDPSRV - ok
19:00:31.0343 3696        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:00:31.0374 3696        SstpSvc - ok
19:00:31.0421 3696        Steam Client Service - ok
19:00:31.0484 3696        Stereo Service  (c354621b6b94e10ae7f5cdbe745feb86) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:00:31.0499 3696        Stereo Service - ok
19:00:31.0515 3696        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:00:31.0530 3696        stexstor - ok
19:00:31.0577 3696        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:00:31.0624 3696        stisvc - ok
19:00:31.0624 3696        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
19:00:31.0640 3696        swenum - ok
19:00:31.0671 3696        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:00:31.0741 3696        swprv - ok
19:00:31.0817 3696        SysMain        (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:00:31.0879 3696        SysMain - ok
19:00:31.0924 3696        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:00:31.0948 3696        TabletInputService - ok
19:00:31.0967 3696        TapiSrv        (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:00:32.0020 3696        TapiSrv - ok
19:00:32.0038 3696        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:00:32.0074 3696        TBS - ok
19:00:32.0167 3696        Tcpip          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:00:32.0234 3696        Tcpip - ok
19:00:32.0333 3696        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:00:32.0371 3696        TCPIP6 - ok
19:00:32.0428 3696        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:00:32.0478 3696        tcpipreg - ok
19:00:32.0493 3696        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:00:32.0521 3696        TDPIPE - ok
19:00:32.0534 3696        TDTCP          (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:00:32.0553 3696        TDTCP - ok
19:00:32.0577 3696        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:00:32.0616 3696        tdx - ok
19:00:32.0632 3696        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
19:00:32.0644 3696        TermDD - ok
19:00:32.0688 3696        TermService    (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:00:32.0742 3696        TermService - ok
19:00:32.0755 3696        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:00:32.0774 3696        Themes - ok
19:00:32.0795 3696        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:00:32.0830 3696        THREADORDER - ok
19:00:32.0846 3696        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:00:32.0893 3696        TrkWks - ok
19:00:32.0924 3696        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:00:32.0967 3696        TrustedInstaller - ok
19:00:32.0976 3696        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:00:33.0014 3696        tssecsrv - ok
19:00:33.0030 3696        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:00:33.0048 3696        TsUsbFlt - ok
19:00:33.0063 3696        TsUsbGD        (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:00:33.0080 3696        TsUsbGD - ok
19:00:33.0111 3696        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:00:33.0157 3696        tunnel - ok
19:00:33.0168 3696        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:00:33.0182 3696        uagp35 - ok
19:00:33.0206 3696        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:00:33.0259 3696        udfs - ok
19:00:33.0286 3696        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:00:33.0306 3696        UI0Detect - ok
19:00:33.0323 3696        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:00:33.0335 3696        uliagpkx - ok
19:00:33.0347 3696        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:00:33.0372 3696        umbus - ok
19:00:33.0381 3696        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:00:33.0398 3696        UmPass - ok
19:00:33.0421 3696        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:00:33.0470 3696        upnphost - ok
19:00:33.0495 3696        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:00:33.0524 3696        usbccgp - ok
19:00:33.0540 3696        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
19:00:33.0560 3696        usbcir - ok
19:00:33.0571 3696        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:00:33.0590 3696        usbehci - ok
19:00:33.0629 3696        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:00:33.0657 3696        usbhub - ok
19:00:33.0672 3696        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:00:33.0692 3696        usbohci - ok
19:00:33.0700 3696        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
19:00:33.0720 3696        usbprint - ok
19:00:33.0735 3696        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:00:33.0770 3696        USBSTOR - ok
19:00:33.0786 3696        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
19:00:33.0805 3696        usbuhci - ok
19:00:33.0823 3696        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:00:33.0871 3696        UxSms - ok
19:00:33.0889 3696        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:00:33.0901 3696        VaultSvc - ok
19:00:33.0927 3696        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:00:33.0938 3696        vdrvroot - ok
19:00:33.0968 3696        vds            (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:00:34.0027 3696        vds - ok
19:00:34.0051 3696        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:00:34.0066 3696        vga - ok
19:00:34.0083 3696        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:00:34.0126 3696        VgaSave - ok
19:00:34.0148 3696        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:00:34.0176 3696        vhdmp - ok
19:00:34.0190 3696        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:00:34.0202 3696        viaide - ok
19:00:34.0214 3696        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:00:34.0227 3696        volmgr - ok
19:00:34.0251 3696        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:00:34.0278 3696        volmgrx - ok
19:00:34.0293 3696        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:00:34.0312 3696        volsnap - ok
19:00:34.0325 3696        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:00:34.0340 3696        vsmraid - ok
19:00:34.0402 3696        VSS            (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:00:34.0474 3696        VSS - ok
19:00:34.0551 3696        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:00:34.0574 3696        vwifibus - ok
19:00:34.0590 3696        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:00:34.0621 3696        vwififlt - ok
19:00:34.0721 3696        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:00:34.0770 3696        W32Time - ok
19:00:34.0793 3696        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:00:34.0814 3696        WacomPen - ok
19:00:34.0842 3696        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:00:34.0889 3696        WANARP - ok
19:00:34.0920 3696        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:00:34.0951 3696        Wanarpv6 - ok
19:00:35.0029 3696        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:00:35.0092 3696        wbengine - ok
19:00:35.0170 3696        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:00:35.0201 3696        WbioSrvc - ok
19:00:35.0232 3696        wcncsvc        (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:00:35.0263 3696        wcncsvc - ok
19:00:35.0295 3696        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:00:35.0326 3696        WcsPlugInService - ok
19:00:35.0357 3696        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:00:35.0373 3696        Wd - ok
19:00:35.0404 3696        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:00:35.0435 3696        Wdf01000 - ok
19:00:35.0451 3696        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:00:35.0544 3696        WdiServiceHost - ok
19:00:35.0544 3696        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:00:35.0560 3696        WdiSystemHost - ok
19:00:35.0591 3696        WebClient      (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:00:35.0622 3696        WebClient - ok
19:00:35.0653 3696        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:00:35.0716 3696        Wecsvc - ok
19:00:35.0731 3696        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:00:35.0763 3696        wercplsupport - ok
19:00:35.0794 3696        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:00:35.0825 3696        WerSvc - ok
19:00:35.0872 3696        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:00:35.0903 3696        WfpLwf - ok
19:00:35.0919 3696        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:00:35.0934 3696        WIMMount - ok
19:00:35.0950 3696        WinDefend - ok
19:00:35.0965 3696        WinHttpAutoProxySvc - ok
19:00:35.0997 3696        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:00:36.0043 3696        Winmgmt - ok
19:00:36.0137 3696        WinRM          (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:00:36.0215 3696        WinRM - ok
19:00:36.0309 3696        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:00:36.0355 3696        Wlansvc - ok
19:00:36.0387 3696        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:00:36.0418 3696        WmiAcpi - ok
19:00:36.0449 3696        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:00:36.0496 3696        wmiApSrv - ok
19:00:36.0527 3696        WMPNetworkSvc - ok
19:00:36.0558 3696        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:00:36.0574 3696        WPCSvc - ok
19:00:36.0589 3696        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:00:36.0605 3696        WPDBusEnum - ok
19:00:36.0621 3696        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:00:36.0652 3696        ws2ifsl - ok
19:00:36.0667 3696        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
19:00:36.0699 3696        wscsvc - ok
19:00:36.0699 3696        WSearch - ok
19:00:36.0808 3696        wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
19:00:36.0886 3696        wuauserv - ok
19:00:36.0979 3696        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:00:37.0026 3696        WudfPf - ok
19:00:37.0057 3696        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:00:37.0089 3696        WUDFRd - ok
19:00:37.0120 3696        wudfsvc        (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:00:37.0151 3696        wudfsvc - ok
19:00:37.0245 3696        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:00:37.0291 3696        WwanSvc - ok
19:00:37.0338 3696        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:00:37.0541 3696        \Device\Harddisk0\DR0 - ok
19:00:37.0541 3696        MBR (0x1B8)    (a4a15d6782e6fe1dce41a606cb3affe3) \Device\Harddisk1\DR1
19:00:38.0399 3696        \Device\Harddisk1\DR1 - ok
19:00:38.0399 3696        MBR (0x1B8)    (2c84430d22ebe55c07661c61d78dc5af) \Device\Harddisk2\DR2
19:00:42.0595 3696        \Device\Harddisk2\DR2 - ok
19:00:42.0595 3696        Boot (0x1200)  (d9b27ab29df1e2e36058251ba6eecfe0) \Device\Harddisk0\DR0\Partition0
19:00:42.0595 3696        \Device\Harddisk0\DR0\Partition0 - ok
19:00:42.0611 3696        Boot (0x1200)  (90d59aec98d98cfa6572de241c8f564f) \Device\Harddisk0\DR0\Partition1
19:00:42.0611 3696        \Device\Harddisk0\DR0\Partition1 - ok
19:00:42.0627 3696        Boot (0x1200)  (160f47f4d3004a4d86d9dfd80b20f147) \Device\Harddisk1\DR1\Partition0
19:00:42.0627 3696        \Device\Harddisk1\DR1\Partition0 - ok
19:00:42.0627 3696        ============================================================
19:00:42.0627 3696        Scan finished
19:00:42.0627 3696        ============================================================
19:00:42.0642 2840        Detected object count: 1
19:00:42.0642 2840        Actual detected object count: 1
19:00:49.0615 2840        LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
19:00:49.0615 2840        LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:00:55.0840 4116        ============================================================
19:00:55.0840 4116        Scan started
19:00:55.0840 4116        Mode: Manual; SigCheck; TDLFS;
19:00:55.0840 4116        ============================================================
19:00:56.0651 4116        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys
19:00:56.0682 4116        1394ohci - ok
19:00:56.0698 4116        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:00:56.0713 4116        ACPI - ok
19:00:56.0729 4116        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:00:56.0745 4116        AcpiPmi - ok
19:00:56.0791 4116        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:00:56.0807 4116        AdobeARMservice - ok
19:00:56.0838 4116        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:00:56.0854 4116        adp94xx - ok
19:00:56.0885 4116        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:00:56.0901 4116        adpahci - ok
19:00:56.0916 4116        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:00:56.0932 4116        adpu320 - ok
19:00:56.0947 4116        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:00:56.0994 4116        AeLookupSvc - ok
19:00:57.0025 4116        AFD            (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:00:57.0041 4116        AFD - ok
19:00:57.0057 4116        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:00:57.0057 4116        agp440 - ok
19:00:57.0072 4116        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:00:57.0088 4116        ALG - ok
19:00:57.0103 4116        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:00:57.0119 4116        aliide - ok
19:00:57.0119 4116        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:00:57.0135 4116        amdide - ok
19:00:57.0135 4116        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:00:57.0150 4116        AmdK8 - ok
19:00:57.0150 4116        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
19:00:57.0166 4116        AmdPPM - ok
19:00:57.0197 4116        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:00:57.0197 4116        amdsata - ok
19:00:57.0228 4116        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:00:57.0244 4116        amdsbs - ok
19:00:57.0244 4116        amdxata        (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:00:57.0259 4116        amdxata - ok
19:00:57.0322 4116        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:00:57.0337 4116        AntiVirSchedulerService - ok
19:00:57.0337 4116        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:00:57.0353 4116        AntiVirService - ok
19:00:57.0369 4116        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:00:57.0400 4116        AppID - ok
19:00:57.0415 4116        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:00:57.0447 4116        AppIDSvc - ok
19:00:57.0462 4116        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:00:57.0493 4116        Appinfo - ok
19:00:57.0509 4116        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:00:57.0525 4116        arc - ok
19:00:57.0540 4116        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:00:57.0540 4116        arcsas - ok
19:00:57.0556 4116        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:00:57.0603 4116        AsyncMac - ok
19:00:57.0603 4116        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:00:57.0618 4116        atapi - ok
19:00:57.0649 4116        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:00:57.0681 4116        AudioEndpointBuilder - ok
19:00:57.0696 4116        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:00:57.0727 4116        AudioSrv - ok
19:00:57.0743 4116        avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
19:00:57.0759 4116        avgntflt - ok
19:00:57.0774 4116        avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
19:00:57.0790 4116        avipbb - ok
19:00:57.0790 4116        avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
19:00:57.0805 4116        avkmgr - ok
19:00:57.0821 4116        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:00:57.0837 4116        AxInstSV - ok
19:00:57.0868 4116        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:00:57.0883 4116        b06bdrv - ok
19:00:57.0915 4116        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:00:57.0930 4116        b57nd60a - ok
19:00:57.0946 4116        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:00:57.0961 4116        BDESVC - ok
19:00:57.0961 4116        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:00:57.0993 4116        Beep - ok
19:00:58.0039 4116        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
19:00:58.0086 4116        BFE - ok
19:00:58.0117 4116        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
19:00:58.0164 4116        BITS - ok
19:00:58.0195 4116        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
19:00:58.0195 4116        blbdrive - ok
19:00:58.0227 4116        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:00:58.0242 4116        bowser - ok
19:00:58.0242 4116        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:00:58.0258 4116        BrFiltLo - ok
19:00:58.0258 4116        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:00:58.0273 4116        BrFiltUp - ok
19:00:58.0289 4116        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:00:58.0336 4116        Browser - ok
19:00:58.0351 4116        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:00:58.0367 4116        Brserid - ok
19:00:58.0383 4116        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:00:58.0398 4116        BrSerWdm - ok
19:00:58.0398 4116        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:00:58.0414 4116        BrUsbMdm - ok
19:00:58.0414 4116        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:00:58.0429 4116        BrUsbSer - ok
19:00:58.0445 4116        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
19:00:58.0461 4116        BTHMODEM - ok
19:00:58.0476 4116        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:00:58.0507 4116        bthserv - ok
19:00:58.0523 4116        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:00:58.0554 4116        cdfs - ok
19:00:58.0570 4116        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:00:58.0585 4116        cdrom - ok
19:00:58.0601 4116        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:00:58.0632 4116        CertPropSvc - ok
19:00:58.0632 4116        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
19:00:58.0648 4116        circlass - ok
19:00:58.0679 4116        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:00:58.0695 4116        CLFS - ok
19:00:58.0741 4116        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:00:58.0741 4116        clr_optimization_v2.0.50727_32 - ok
19:00:58.0788 4116        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:00:58.0804 4116        clr_optimization_v2.0.50727_64 - ok
19:00:58.0851 4116        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:00:58.0866 4116        clr_optimization_v4.0.30319_32 - ok
19:00:58.0882 4116        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:00:58.0882 4116        clr_optimization_v4.0.30319_64 - ok
19:00:58.0913 4116        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
19:00:58.0913 4116        CmBatt - ok
19:00:58.0929 4116        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:00:58.0929 4116        cmdide - ok
19:00:58.0975 4116        CNG            (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
19:00:59.0007 4116        CNG - ok
19:00:59.0022 4116        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
19:00:59.0038 4116        Compbatt - ok
19:00:59.0038 4116        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
19:00:59.0053 4116        CompositeBus - ok
19:00:59.0053 4116        COMSysApp - ok
19:00:59.0069 4116        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:00:59.0085 4116        crcdisk - ok
19:00:59.0100 4116        CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
19:00:59.0116 4116        CryptSvc - ok
19:00:59.0147 4116        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:00:59.0194 4116        DcomLaunch - ok
19:00:59.0209 4116        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:00:59.0256 4116        defragsvc - ok
19:00:59.0272 4116        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:00:59.0303 4116        DfsC - ok
19:00:59.0319 4116        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:00:59.0350 4116        Dhcp - ok
19:00:59.0365 4116        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:00:59.0397 4116        discache - ok
19:00:59.0412 4116        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:00:59.0412 4116        Disk - ok
19:00:59.0443 4116        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:00:59.0459 4116        Dnscache - ok
19:00:59.0490 4116        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:00:59.0521 4116        dot3svc - ok
19:00:59.0537 4116        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:00:59.0568 4116        DPS - ok
19:00:59.0584 4116        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:00:59.0599 4116        drmkaud - ok
19:00:59.0631 4116        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:00:59.0662 4116        DXGKrnl - ok
19:00:59.0677 4116        e1express      (416a2007878ed1d6fc5dddb9e1f6db3e) C:\Windows\system32\DRIVERS\e1e6032e.sys
19:00:59.0693 4116        e1express - ok
19:00:59.0709 4116        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:00:59.0740 4116        EapHost - ok
19:00:59.0865 4116        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:00:59.0911 4116        ebdrv - ok
19:00:59.0974 4116        EFS            (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:00:59.0989 4116        EFS - ok
19:01:00.0052 4116        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:01:00.0083 4116        ehRecvr - ok
19:01:00.0099 4116        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:01:00.0114 4116        ehSched - ok
19:01:00.0161 4116        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:01:00.0177 4116        elxstor - ok
19:01:00.0192 4116        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:01:00.0208 4116        ErrDev - ok
19:01:00.0239 4116        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:01:00.0270 4116        EventSystem - ok
19:01:00.0286 4116        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:01:00.0317 4116        exfat - ok
19:01:00.0333 4116        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:01:00.0364 4116        fastfat - ok
19:01:00.0395 4116        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:01:00.0411 4116        Fax - ok
19:01:00.0426 4116        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:01:00.0442 4116        fdc - ok
19:01:00.0457 4116        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:01:00.0489 4116        fdPHost - ok
19:01:00.0489 4116        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:01:00.0520 4116        FDResPub - ok
19:01:00.0535 4116        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:01:00.0551 4116        FileInfo - ok
19:01:00.0567 4116        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:01:00.0598 4116        Filetrace - ok
19:01:00.0613 4116        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:01:00.0613 4116        flpydisk - ok
19:01:00.0629 4116        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:01:00.0645 4116        FltMgr - ok
19:01:00.0691 4116        FontCache      (b4447f606bb19fd8ad0bafb59b90f5d9) C:\Windows\system32\FntCache.dll
19:01:00.0738 4116        FontCache - ok
19:01:00.0816 4116        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:01:00.0832 4116        FontCache3.0.0.0 - ok
19:01:00.0863 4116        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:01:00.0879 4116        FsDepends - ok
19:01:00.0894 4116        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:01:00.0910 4116        Fs_Rec - ok
19:01:00.0925 4116        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:01:00.0941 4116        fvevol - ok
19:01:00.0957 4116        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:01:00.0972 4116        gagp30kx - ok
19:01:01.0003 4116        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:01:01.0050 4116        gpsvc - ok
19:01:01.0113 4116        HCW85BDA        (9e308d0bc9a9cf6e50aa25639c9cccb3) C:\Windows\system32\drivers\HCW85BDA.sys
19:01:01.0144 4116        HCW85BDA - ok
19:01:01.0144 4116        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:01:01.0159 4116        hcw85cir - ok
19:01:01.0191 4116        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:01:01.0206 4116        HdAudAddService - ok
19:01:01.0222 4116        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:01:01.0237 4116        HDAudBus - ok
19:01:01.0300 4116        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:01:01.0315 4116        HidBatt - ok
19:01:01.0331 4116        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:01:01.0347 4116        HidBth - ok
19:01:01.0362 4116        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
19:01:01.0362 4116        HidIr - ok
19:01:01.0378 4116        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
19:01:01.0409 4116        hidserv - ok
19:01:01.0425 4116        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
19:01:01.0440 4116        HidUsb - ok
19:01:01.0456 4116        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:01:01.0487 4116        hkmsvc - ok
19:01:01.0518 4116        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:01:01.0518 4116        HomeGroupListener - ok
19:01:01.0549 4116        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:01:01.0565 4116        HomeGroupProvider - ok
19:01:01.0565 4116        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:01:01.0581 4116        HpSAMD - ok
19:01:01.0627 4116        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:01:01.0659 4116        HTTP - ok
19:01:01.0674 4116        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:01:01.0690 4116        hwpolicy - ok
19:01:01.0705 4116        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:01:01.0721 4116        i8042prt - ok
19:01:01.0752 4116        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:01:01.0768 4116        iaStorV - ok
19:01:01.0861 4116        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:01:01.0893 4116        idsvc - ok
19:01:01.0908 4116        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:01:01.0908 4116        iirsp - ok
19:01:01.0955 4116        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:01:02.0002 4116        IKEEXT - ok
19:01:02.0017 4116        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:01:02.0033 4116        intelide - ok
19:01:02.0049 4116        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:01:02.0049 4116        intelppm - ok
19:01:02.0064 4116        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:01:02.0095 4116        IPBusEnum - ok
19:01:02.0111 4116        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:01:02.0142 4116        IpFilterDriver - ok
19:01:02.0173 4116        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:01:02.0220 4116        iphlpsvc - ok
19:01:02.0220 4116        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:01:02.0236 4116        IPMIDRV - ok
19:01:02.0251 4116        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:01:02.0283 4116        IPNAT - ok
19:01:02.0298 4116        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:01:02.0314 4116        IRENUM - ok
19:01:02.0314 4116        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:01:02.0329 4116        isapnp - ok
19:01:02.0361 4116        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:01:02.0376 4116        iScsiPrt - ok
19:01:02.0392 4116        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:01:02.0392 4116        kbdclass - ok
19:01:02.0407 4116        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
19:01:02.0423 4116        kbdhid - ok
19:01:02.0439 4116        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:01:02.0454 4116        KeyIso - ok
19:01:02.0485 4116        KSecDD          (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
19:01:02.0501 4116        KSecDD - ok
19:01:02.0517 4116        KSecPkg        (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
19:01:02.0532 4116        KSecPkg - ok
19:01:02.0532 4116        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:01:02.0563 4116        ksthunk - ok
19:01:02.0610 4116        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:01:02.0641 4116        KtmRm - ok
19:01:02.0673 4116        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
19:01:02.0704 4116        LanmanServer - ok
19:01:02.0719 4116        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:01:02.0751 4116        LanmanWorkstation - ok
19:01:02.0813 4116        LightScribeService (b1e1c8bb1392537e4d415fcdcb93b1d3) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
19:01:02.0829 4116        LightScribeService ( UnsignedFile.Multi.Generic ) - warning
19:01:02.0829 4116        LightScribeService - detected UnsignedFile.Multi.Generic (1)
19:01:02.0844 4116        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:01:02.0875 4116        lltdio - ok
19:01:02.0907 4116        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:01:02.0938 4116        lltdsvc - ok
19:01:02.0938 4116        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:01:02.0969 4116        lmhosts - ok
19:01:02.0985 4116        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:01:03.0000 4116        LSI_FC - ok
19:01:03.0016 4116        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:01:03.0031 4116        LSI_SAS - ok
19:01:03.0047 4116        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:01:03.0047 4116        LSI_SAS2 - ok
19:01:03.0063 4116        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:01:03.0078 4116        LSI_SCSI - ok
19:01:03.0094 4116        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:01:03.0125 4116        luafv - ok
19:01:03.0156 4116        MBAMProtector  (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
19:01:03.0156 4116        MBAMProtector - ok
19:01:03.0219 4116        MBAMService    (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:01:03.0234 4116        MBAMService - ok
19:01:03.0281 4116        McComponentHostService (22a7776c5d8eb5930edf9c8dd0884259) C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
19:01:03.0297 4116        McComponentHostService - ok
19:01:03.0312 4116        Mcx2Svc        (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:01:03.0328 4116        Mcx2Svc - ok
19:01:03.0343 4116        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:01:03.0359 4116        megasas - ok
19:01:03.0375 4116        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:01:03.0390 4116        MegaSR - ok
19:01:03.0421 4116        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:01:03.0453 4116        MMCSS - ok
19:01:03.0453 4116        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:01:03.0499 4116        Modem - ok
19:01:03.0499 4116        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:01:03.0515 4116        monitor - ok
19:01:03.0531 4116        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:01:03.0546 4116        mouclass - ok
19:01:03.0562 4116        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:01:03.0562 4116        mouhid - ok
19:01:03.0577 4116        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:01:03.0593 4116        mountmgr - ok
19:01:03.0624 4116        MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:01:03.0624 4116        MozillaMaintenance - ok
19:01:03.0640 4116        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:01:03.0655 4116        mpio - ok
19:01:03.0671 4116        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:01:03.0702 4116        mpsdrv - ok
19:01:03.0733 4116        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:01:03.0780 4116        MpsSvc - ok
19:01:03.0796 4116        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:01:03.0811 4116        MRxDAV - ok
19:01:03.0843 4116        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:01:03.0843 4116        mrxsmb - ok
19:01:03.0874 4116        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:01:03.0889 4116        mrxsmb10 - ok
19:01:03.0905 4116        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:01:03.0921 4116        mrxsmb20 - ok
19:01:03.0921 4116        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:01:03.0936 4116        msahci - ok
19:01:03.0952 4116        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:01:03.0967 4116        msdsm - ok
19:01:03.0983 4116        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:01:03.0999 4116        MSDTC - ok
19:01:04.0014 4116        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:01:04.0045 4116        Msfs - ok
19:01:04.0045 4116        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:01:04.0092 4116        mshidkmdf - ok
19:01:04.0092 4116        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:01:04.0108 4116        msisadrv - ok
19:01:04.0123 4116        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:01:04.0155 4116        MSiSCSI - ok
19:01:04.0155 4116        msiserver - ok
19:01:04.0170 4116        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:01:04.0201 4116        MSKSSRV - ok
19:01:04.0201 4116        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:01:04.0233 4116        MSPCLOCK - ok
19:01:04.0233 4116        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:01:04.0264 4116        MSPQM - ok
19:01:04.0295 4116        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:01:04.0311 4116        MsRPC - ok
19:01:04.0311 4116        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
19:01:04.0326 4116        mssmbios - ok
19:01:04.0326 4116        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:01:04.0357 4116        MSTEE - ok
19:01:04.0373 4116        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:01:04.0389 4116        MTConfig - ok
19:01:04.0389 4116        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:01:04.0404 4116        Mup - ok
19:01:04.0435 4116        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:01:04.0467 4116        napagent - ok
19:01:04.0498 4116        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:01:04.0513 4116        NativeWifiP - ok
19:01:04.0560 4116        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:01:04.0591 4116        NDIS - ok
19:01:04.0607 4116        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:01:04.0638 4116        NdisCap - ok
19:01:04.0638 4116        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:01:04.0669 4116        NdisTapi - ok
19:01:04.0685 4116        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:01:04.0716 4116        Ndisuio - ok
19:01:04.0732 4116        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:01:04.0763 4116        NdisWan - ok
19:01:04.0779 4116        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:01:04.0810 4116        NDProxy - ok
19:01:04.0810 4116        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:01:04.0841 4116        NetBIOS - ok
19:01:04.0857 4116        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:01:04.0888 4116        NetBT - ok
19:01:04.0903 4116        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:01:04.0919 4116        Netlogon - ok
19:01:04.0950 4116        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:01:04.0981 4116        Netman - ok
19:01:05.0013 4116        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:01:05.0044 4116        netprofm - ok
19:01:05.0091 4116        netr7364        (81b8d0c1ce44a7fdbd596b693783950c) C:\Windows\system32\DRIVERS\netr7364.sys
19:01:05.0106 4116        netr7364 - ok
19:01:05.0184 4116        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:01:05.0200 4116        NetTcpPortSharing - ok
19:01:05.0200 4116        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:01:05.0215 4116        nfrd960 - ok
19:01:05.0231 4116        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:01:05.0278 4116        NlaSvc - ok
19:01:05.0278 4116        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:01:05.0309 4116        Npfs - ok
19:01:05.0325 4116        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:01:05.0356 4116        nsi - ok
19:01:05.0371 4116        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:01:05.0403 4116        nsiproxy - ok
19:01:05.0481 4116        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:01:05.0512 4116        Ntfs - ok
19:01:05.0683 4116        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:01:05.0715 4116        Null - ok
19:01:05.0793 4116        NVHDA          (102806b360d0e6bc6e55bf47ef655d43) C:\Windows\system32\drivers\nvhda64v.sys
19:01:05.0808 4116        NVHDA - ok
19:01:06.0276 4116        nvlddmkm        (ba0b4889c40380a01ecdf84c227a89c9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:01:06.0479 4116        nvlddmkm - ok
19:01:06.0541 4116        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:01:06.0557 4116        nvraid - ok
19:01:06.0573 4116        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:01:06.0588 4116        nvstor - ok
19:01:06.0651 4116        nvsvc          (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe
19:01:06.0666 4116        nvsvc - ok
19:01:06.0744 4116        nvUpdatusService (53b629ce436b110c5689c2f6439e567b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:01:06.0760 4116        nvUpdatusService - ok
19:01:06.0822 4116        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:01:06.0838 4116        nv_agp - ok
19:01:06.0853 4116        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:01:06.0869 4116        ohci1394 - ok
19:01:06.0885 4116        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:01:06.0900 4116        p2pimsvc - ok
19:01:06.0931 4116        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:01:06.0947 4116        p2psvc - ok
19:01:06.0963 4116        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:01:06.0963 4116        Parport - ok
19:01:06.0994 4116        partmgr        (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:01:07.0009 4116        partmgr - ok
19:01:07.0025 4116        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:01:07.0041 4116        PcaSvc - ok
19:01:07.0056 4116        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:01:07.0072 4116        pci - ok
19:01:07.0072 4116        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:01:07.0087 4116        pciide - ok
19:01:07.0103 4116        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:01:07.0119 4116        pcmcia - ok
19:01:07.0134 4116        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:01:07.0150 4116        pcw - ok
19:01:07.0165 4116        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:01:07.0212 4116        PEAUTH - ok
19:01:07.0259 4116        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:01:07.0275 4116        PerfHost - ok
19:01:07.0337 4116        pla            (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:01:07.0384 4116        pla - ok
19:01:07.0431 4116        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:01:07.0446 4116        PlugPlay - ok
19:01:07.0462 4116        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:01:07.0462 4116        PNRPAutoReg - ok
19:01:07.0493 4116        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:01:07.0509 4116        PNRPsvc - ok
19:01:07.0540 4116        PolicyAgent    (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:01:07.0571 4116        PolicyAgent - ok
19:01:07.0602 4116        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:01:07.0633 4116        Power - ok
19:01:07.0665 4116        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:01:07.0711 4116        PptpMiniport - ok
19:01:07.0711 4116        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:01:07.0727 4116        Processor - ok
19:01:07.0758 4116        ProfSvc        (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
19:01:07.0758 4116        ProfSvc - ok
19:01:07.0774 4116        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:01:07.0789 4116        ProtectedStorage - ok
19:01:07.0805 4116        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:01:07.0836 4116        Psched - ok
19:01:07.0899 4116        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:01:07.0930 4116        ql2300 - ok
19:01:07.0992 4116        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:01:08.0023 4116        ql40xx - ok
19:01:08.0055 4116        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:01:08.0070 4116        QWAVE - ok
19:01:08.0086 4116        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:01:08.0101 4116        QWAVEdrv - ok
19:01:08.0101 4116        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:01:08.0148 4116        RasAcd - ok
19:01:08.0148 4116        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:01:08.0195 4116        RasAgileVpn - ok
19:01:08.0211 4116        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:01:08.0242 4116        RasAuto - ok
19:01:08.0257 4116        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:01:08.0289 4116        Rasl2tp - ok
19:01:08.0304 4116        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:01:08.0351 4116        RasMan - ok
19:01:08.0367 4116        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:01:08.0398 4116        RasPppoe - ok
19:01:08.0398 4116        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:01:08.0429 4116        RasSstp - ok
19:01:08.0460 4116        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:01:08.0491 4116        rdbss - ok
19:01:08.0491 4116        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:01:08.0507 4116        rdpbus - ok
19:01:08.0523 4116        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:01:08.0554 4116        RDPCDD - ok
19:01:08.0554 4116        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:01:08.0585 4116        RDPENCDD - ok
19:01:08.0601 4116        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:01:08.0632 4116        RDPREFMP - ok
19:01:08.0663 4116        RDPWD          (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:01:08.0679 4116        RDPWD - ok
19:01:08.0679 4116        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:01:08.0694 4116        rdyboost - ok
19:01:08.0725 4116        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:01:08.0772 4116        RemoteAccess - ok
19:01:08.0788 4116        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:01:08.0819 4116        RemoteRegistry - ok
19:01:08.0835 4116        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:01:08.0866 4116        RpcEptMapper - ok
19:01:08.0881 4116        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:01:08.0897 4116        RpcLocator - ok
19:01:08.0913 4116        RpcSs          (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:01:08.0959 4116        RpcSs - ok
19:01:08.0975 4116        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:01:09.0006 4116        rspndr - ok
19:01:09.0022 4116        SamSs          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:01:09.0037 4116        SamSs - ok
19:01:09.0053 4116        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:01:09.0053 4116        sbp2port - ok
19:01:09.0084 4116        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:01:09.0115 4116        SCardSvr - ok
19:01:09.0131 4116        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:01:09.0162 4116        scfilter - ok
19:01:09.0209 4116        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:01:09.0256 4116        Schedule - ok
19:01:09.0271 4116        SCPolicySvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:01:09.0303 4116        SCPolicySvc - ok
19:01:09.0334 4116        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:01:09.0349 4116        SDRSVC - ok
19:01:09.0365 4116        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:01:09.0396 4116        secdrv - ok
19:01:09.0412 4116        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:01:09.0443 4116        seclogon - ok
19:01:09.0443 4116        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:01:09.0490 4116        SENS - ok
19:01:09.0490 4116        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:01:09.0505 4116        SensrSvc - ok
19:01:09.0521 4116        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:01:09.0521 4116        Serenum - ok
19:01:09.0537 4116        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:01:09.0552 4116        Serial - ok
19:01:09.0552 4116        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:01:09.0568 4116        sermouse - ok
19:01:09.0583 4116        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:01:09.0630 4116        SessionEnv - ok
19:01:09.0630 4116        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:01:09.0646 4116        sffdisk - ok
19:01:09.0661 4116        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:01:09.0677 4116        sffp_mmc - ok
19:01:09.0693 4116        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:01:09.0708 4116        sffp_sd - ok
19:01:09.0708 4116        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:01:09.0724 4116        sfloppy - ok
19:01:09.0755 4116        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:01:09.0786 4116        SharedAccess - ok
19:01:09.0817 4116        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:01:09.0849 4116        ShellHWDetection - ok
19:01:09.0864 4116        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:01:09.0880 4116        SiSRaid2 - ok
19:01:09.0895 4116        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:01:09.0895 4116        SiSRaid4 - ok
19:01:09.0911 4116        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:01:09.0942 4116        Smb - ok
19:01:09.0958 4116        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:01:09.0973 4116        SNMPTRAP - ok
19:01:09.0989 4116        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:01:10.0005 4116        spldr - ok
19:01:10.0036 4116        Spooler        (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:01:10.0067 4116        Spooler - ok
19:01:10.0192 4116        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:01:10.0270 4116        sppsvc - ok
19:01:10.0317 4116        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:01:10.0348 4116        sppuinotify - ok
19:01:10.0395 4116        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:01:10.0410 4116        srv - ok
19:01:10.0441 4116        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:01:10.0457 4116        srv2 - ok
19:01:10.0473 4116        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:01:10.0488 4116        srvnet - ok
19:01:10.0504 4116        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:01:10.0535 4116        SSDPSRV - ok
19:01:10.0551 4116        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:01:10.0582 4116        SstpSvc - ok
19:01:10.0613 4116        Steam Client Service - ok
19:01:10.0707 4116        Stereo Service  (c354621b6b94e10ae7f5cdbe745feb86) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:01:10.0722 4116        Stereo Service - ok
19:01:10.0769 4116        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:01:10.0785 4116        stexstor - ok
19:01:10.0831 4116        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:01:10.0863 4116        stisvc - ok
19:01:10.0863 4116        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
19:01:10.0878 4116        swenum - ok
19:01:10.0909 4116        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:01:10.0956 4116        swprv - ok
19:01:11.0019 4116        SysMain        (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:01:11.0050 4116        SysMain - ok
19:01:11.0097 4116        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:01:11.0112 4116        TabletInputService - ok
19:01:11.0143 4116        TapiSrv        (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:01:11.0175 4116        TapiSrv - ok
19:01:11.0190 4116        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:01:11.0221 4116        TBS - ok
19:01:11.0315 4116        Tcpip          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:01:11.0362 4116        Tcpip - ok
19:01:11.0455 4116        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:01:11.0502 4116        TCPIP6 - ok
19:01:11.0549 4116        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:01:11.0580 4116        tcpipreg - ok
19:01:11.0596 4116        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:01:11.0596 4116        TDPIPE - ok
19:01:11.0611 4116        TDTCP          (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:01:11.0627 4116        TDTCP - ok
19:01:11.0643 4116        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:01:11.0674 4116        tdx - ok
19:01:11.0689 4116        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
19:01:11.0705 4116        TermDD - ok
19:01:11.0752 4116        TermService    (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:01:11.0783 4116        TermService - ok
19:01:11.0799 4116        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:01:11.0814 4116        Themes - ok
19:01:11.0845 4116        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:01:11.0877 4116        THREADORDER - ok
19:01:11.0892 4116        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:01:11.0923 4116        TrkWks - ok
19:01:11.0955 4116        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:01:11.0986 4116        TrustedInstaller - ok
19:01:12.0002 4116        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:01:12.0033 4116        tssecsrv - ok
19:01:12.0048 4116        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:01:12.0064 4116        TsUsbFlt - ok
19:01:12.0064 4116        TsUsbGD        (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:01:12.0080 4116        TsUsbGD - ok
19:01:12.0095 4116        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:01:12.0126 4116        tunnel - ok
19:01:12.0126 4116        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:01:12.0142 4116        uagp35 - ok
19:01:12.0173 4116        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:01:12.0204 4116        udfs - ok
19:01:12.0220 4116        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:01:12.0236 4116        UI0Detect - ok
19:01:12.0251 4116        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:01:12.0267 4116        uliagpkx - ok
19:01:12.0282 4116        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:01:12.0298 4116        umbus - ok
19:01:12.0298 4116        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:01:12.0314 4116        UmPass - ok
19:01:12.0329 4116        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:01:12.0376 4116        upnphost - ok
19:01:12.0392 4116        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:01:12.0407 4116        usbccgp - ok
19:01:12.0423 4116        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
19:01:12.0438 4116        usbcir - ok
19:01:12.0438 4116        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:01:12.0454 4116        usbehci - ok
19:01:12.0485 4116        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:01:12.0501 4116        usbhub - ok
19:01:12.0516 4116        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:01:12.0516 4116        usbohci - ok
19:01:12.0532 4116        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
19:01:12.0548 4116        usbprint - ok
19:01:12.0563 4116        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:01:12.0563 4116        USBSTOR - ok
19:01:12.0579 4116        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
19:01:12.0579 4116        usbuhci - ok
19:01:12.0594 4116        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:01:12.0626 4116        UxSms - ok
19:01:12.0641 4116        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:01:12.0657 4116        VaultSvc - ok
19:01:12.0672 4116        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:01:12.0672 4116        vdrvroot - ok
19:01:12.0704 4116        vds            (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:01:12.0750 4116        vds - ok
19:01:12.0750 4116        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:01:12.0766 4116        vga - ok
19:01:12.0782 4116        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:01:12.0813 4116        VgaSave - ok
19:01:12.0844 4116        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:01:12.0860 4116        vhdmp - ok
19:01:12.0860 4116        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:01:12.0875 4116        viaide - ok
19:01:12.0891 4116        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:01:12.0906 4116        volmgr - ok
19:01:12.0922 4116        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:01:12.0953 4116        volmgrx - ok
19:01:12.0969 4116        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:01:12.0984 4116        volsnap - ok
19:01:12.0984 4116        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:01:13.0000 4116        vsmraid - ok
19:01:13.0078 4116        VSS            (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:01:13.0125 4116        VSS - ok
19:01:13.0203 4116        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:01:13.0234 4116        vwifibus - ok
19:01:13.0234 4116        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:01:13.0250 4116        vwififlt - ok
19:01:13.0281 4116        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:01:13.0328 4116        W32Time - ok
19:01:13.0328 4116        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:01:13.0343 4116        WacomPen - ok
19:01:13.0359 4116        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:01:13.0390 4116        WANARP - ok
19:01:13.0390 4116        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:01:13.0437 4116        Wanarpv6 - ok
19:01:13.0484 4116        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:01:13.0515 4116        wbengine - ok
19:01:13.0577 4116        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:01:13.0593 4116        WbioSrvc - ok
19:01:13.0624 4116        wcncsvc        (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:01:13.0655 4116        wcncsvc - ok
19:01:13.0655 4116        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:01:13.0671 4116        WcsPlugInService - ok
19:01:13.0702 4116        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:01:13.0718 4116        Wd - ok
19:01:13.0733 4116        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:01:13.0764 4116        Wdf01000 - ok
19:01:13.0764 4116        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:01:13.0796 4116        WdiServiceHost - ok
19:01:13.0796 4116        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:01:13.0811 4116        WdiSystemHost - ok
19:01:13.0827 4116        WebClient      (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:01:13.0858 4116        WebClient - ok
19:01:13.0874 4116        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:01:13.0905 4116        Wecsvc - ok
19:01:13.0920 4116        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:01:13.0967 4116        wercplsupport - ok
19:01:13.0967 4116        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:01:13.0998 4116        WerSvc - ok
19:01:14.0014 4116        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:01:14.0045 4116        WfpLwf - ok
19:01:14.0045 4116        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:01:14.0061 4116        WIMMount - ok
19:01:14.0092 4116        WinDefend - ok
19:01:14.0092 4116        WinHttpAutoProxySvc - ok
19:01:14.0123 4116        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:01:14.0170 4116        Winmgmt - ok
19:01:14.0248 4116        WinRM          (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:01:14.0310 4116        WinRM - ok
19:01:14.0373 4116        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:01:14.0404 4116        Wlansvc - ok
19:01:14.0420 4116        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:01:14.0435 4116        WmiAcpi - ok
19:01:14.0466 4116        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:01:14.0482 4116        wmiApSrv - ok
19:01:14.0498 4116        WMPNetworkSvc - ok
19:01:14.0498 4116        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:01:14.0513 4116        WPCSvc - ok
19:01:14.0529 4116        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:01:14.0544 4116        WPDBusEnum - ok
19:01:14.0560 4116        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:01:14.0591 4116        ws2ifsl - ok
19:01:14.0607 4116        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
19:01:14.0622 4116        wscsvc - ok
19:01:14.0622 4116        WSearch - ok
19:01:14.0732 4116        wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
19:01:14.0778 4116        wuauserv - ok
19:01:14.0841 4116        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:01:14.0888 4116        WudfPf - ok
19:01:14.0903 4116        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:01:14.0934 4116        WUDFRd - ok
19:01:14.0950 4116        wudfsvc        (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:01:14.0981 4116        wudfsvc - ok
19:01:15.0012 4116        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:01:15.0028 4116        WwanSvc - ok
19:01:15.0044 4116        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:01:15.0231 4116        \Device\Harddisk0\DR0 - ok
19:01:15.0246 4116        MBR (0x1B8)    (a4a15d6782e6fe1dce41a606cb3affe3) \Device\Harddisk1\DR1
19:01:16.0089 4116        \Device\Harddisk1\DR1 - ok
19:01:16.0089 4116        MBR (0x1B8)    (2c84430d22ebe55c07661c61d78dc5af) \Device\Harddisk2\DR2
19:01:20.0426 4116        \Device\Harddisk2\DR2 - ok
19:01:20.0441 4116        Boot (0x1200)  (d9b27ab29df1e2e36058251ba6eecfe0) \Device\Harddisk0\DR0\Partition0
19:01:20.0441 4116        \Device\Harddisk0\DR0\Partition0 - ok
19:01:20.0457 4116        Boot (0x1200)  (90d59aec98d98cfa6572de241c8f564f) \Device\Harddisk0\DR0\Partition1
19:01:20.0472 4116        \Device\Harddisk0\DR0\Partition1 - ok
19:01:20.0472 4116        Boot (0x1200)  (160f47f4d3004a4d86d9dfd80b20f147) \Device\Harddisk1\DR1\Partition0
19:01:20.0472 4116        \Device\Harddisk1\DR1\Partition0 - ok
19:01:20.0472 4116        ============================================================
19:01:20.0472 4116        Scan finished
19:01:20.0472 4116        ============================================================
19:01:20.0488 2488        Detected object count: 1
19:01:20.0488 2488        Actual detected object count: 1
19:01:28.0241 2488        LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
19:01:28.0241 2488        LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:01:41.0111 3900        Deinitialize success

cosinus 01.08.2012 18:27
Ziemlich unauffällig alles bisher.
Noch Probleme?

RVD 01.08.2012 18:40
Hi,
nein bisher ist mir nichts aufgefallen. Hatte nur ein wenig Panik nachdem ich so dumm war und auf den Link geklickt hatte. Habe ich evtl. Glück und es war nichts schlimmes dahinter und nur eine einfache Spam Mail? Den Link habe ich noch gespeichert, für den Fall das er von Interesse sein könnte.

cosinus 02.08.2012 14:29
Ok, dann sollten wir auch nicht mehr tiefer buddeln :D

Abschließend poste ich noch meinen Updateleitfaden! :)

Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden.
Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern.


Microsoftupdate

Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren.

Windows Vista/7: Anleitung Windows-Update


PDF-Reader aktualisieren
Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast)

Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader.

Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers:
Prüfen => Adobe - Flash Player
Downloadlinks => Adobe Flash Player Distribution | Adobe

Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind.


Java-Update
Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.

RVD 02.08.2012 18:11
Danke nochmals für deine Hilfe. Wurde etwas gefunden, ist der PC jetzt sauber,?
Welche Programme sollte ich nun immer laufen haben? Reichen Antivir und Malwarebytes?

Eine Sache ist mir doch aufgefallen, ich bekommen nun mehrere Spammails auf das Mailkonto.

Danke und Gruß
RVD

cosinus 03.08.2012 15:54
Zitat:
Reichen Antivir und Malwarebytes?
Die Frage - welcher Virenscanner oder ob der installierte reicht - taucht ständig auf.
Der Virenscanner - egal welcher - kann und wird niemals 100% Schutz bieten können. Neue/unbekannte Schädlinge können immer durch die Lappen gehen. Geld ausgeben muss man nicht für einen Scanner, sowas wie Avast oder Microsoft Security Essentials sind für die privaten Gebrauch völlig ausreichend.
Abgesehen davon nutzen verschiedene Virenscanner unterschiedliche Signaturen und Techniken, das führt dazu, dass zB Scanner1 Schädling X entdeckt, aber Schädling Y übersieht. Scanner2 erkennt Schädling Y, dafür aber Schädling X nicht...
Wichtiger ist, dass du dich an Regeln hälst. Der beste Virenscanner bringt nichts, wenn du dich falsch verhälst und fahrlässig/unvorsichtig bist. Airbag und Sicherheitsgurt im Auto sind ja auch keine Gründe dafür auf die Verkehrsregeln zu pfeifen.

Halte Dich am besten grob an diese Regeln:
  1. Sei misstrauisch im Internet und v.a. bei unbekannten E-Mails, sei vorsichtig bei der Herausgabe persönlicher Daten!!
  2. Halte Windows und alle verwendeten Programme immer aktuell - unterstützen kann dich dabei Secunia PSI
  3. Führe regelmäßig Backups auf externe Medien durch
  4. Arbeite mit eingeschränkten Rechten
  5. Nutze sicherere Programme wie zB Opera oder Firefox zum Surfen statt den IE, zum Mailen Thunderbird statt Outlook Express - E-Mails nur als reinen text anzeigen lassen
  6. automatische Wiedergabe von allen Laufwerken komplett deaktivieren, denn das ist ein unnötiges Sicherheitsrisiko
  7. Bei der Installation von Software möglichst darauf achten, dass die Setups aus offiziellen Quellen stammen und du bei der Installation nach Möglichkeit die benutzerdefinierte Methode wählst - dann hast du die Möglichkeit etwaigen Schrott (wie Toolbars oder sowas wie RegistryBooster) abzuwählen, welcher sonst einfach mitinstalliert wird.
  8. Bösartige bzw. ungewollte Sites von vornherein blockieren lassen mit Hilfe der MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File
  9. Finger weg von: TuneUp, Registry-Cleanern aller Art, Softonic sowie illegalen Cracks/Keygens oder anderen "Tools" um ein kommerzielles Programm ohne Lizenz nutzen zu können
  10. dubiose Seiten bzw. Kinofilm-Streaming-Portale ebenfalls sein lassen, erstens handelt man sich dort schnell Malware ein oder kann in Abofallen geraten und zweitens bewegen sich diese Seiten in einer rechtlichen Grauzone.


Alles noch genauer erklärt steht hier => Kompromittierung unvermeidbar?


Zitat:
Eine Sache ist mir doch aufgefallen, ich bekommen nun mehrere Spammails auf das Mailkonto.
Ja warum wohl!
Wenn du auf SPAM Mails klickst und auch noch die Links darin öffnest bestätigst du damit den Spammer, dass diese Adresse existiert und und noch genutzt wird! Wer SPAM anklickt bekommt mehr SPAM ist doch logisch!


Alle Zeitangaben in WEZ +1. Es ist jetzt 08:17 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55