Trojaner-Board


herbcyy 07.01.2013 10:58

Virus / countless windows keep opening
 
Hello,
I have a problem with what is presumably a virus. As soon as I start my PC, a small window always opens. I actually wanted to post a screenshot of it, but unfortunately that is not possible in safe mode. This window keeps opening again and again, and in the foreground, so that I first have to click on the desktop again to be able to continue working. The window keeps opening, so that after a while I have hundreds of them open.

I will now start my PC normally and try to upload the screenshot.

Many thanks in advance for the help :)

Here is the screenshot. At the moment the virus is not opening, but I would also like to mention that I already had the same problem a month ago, but suddenly no more windows opened and I thought it was over.

markusg 07.01.2013 15:48

Hi
If you do not have it yet, please download OTL by OldTimer and save it to your desktop.
Code:

activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT

  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread.

herbcyy 07.01.2013 18:53

Thank you very much! However, after the scan only the OTL.txt file opened?

OTL.txt:

OTL Logfile:
Code:

OTL logfile created on: 07.01.2013 18:40:17 - Run 3
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\jonas\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,82 Gb Available Physical Memory | 70,66% Memory free
7,99 Gb Paging File | 6,84 Gb Available in Paging File | 85,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,51 Gb Total Space | 581,91 Gb Free Space | 62,47% Space Free | Partition Type: NTFS
Drive D: | 59,53 Gb Total Space | 41,71 Gb Free Space | 70,08% Space Free | Partition Type: NTFS
 
Computer Name: JONAS-PC | User Name: jonas | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\jonas\Downloads\OTL.exe (OldTimer Tools)
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppleChargerSrv) -- C:\Windows\SysNative\AppleChargerSrv.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Browser Manager) -- C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Radio.fx) -- C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe ()
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (BITCOMET_HELPER_SERVICE) -- C:\Program Files (x86)\BitComet\tools\BitCometService.exe (www.BitComet.com)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (JMB36X) -- C:\Windows\SysWOW64\XSrvSetup.exe ()
SRV - (ES lite Service) -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\LVUVC64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (LADF_SBVM) -- C:\Windows\SysNative\drivers\ladfSBVMamd64.sys (Logitech)
DRV:64bit: - (LADF_DHP2) -- C:\Windows\SysNative\drivers\ladfDHP2amd64.sys (Logitech)
DRV:64bit: - (AppleCharger) -- C:\Windows\SysNative\drivers\AppleCharger.sys ()
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (NEC Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (NEC Electronics Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys (OpenLibSys.org)
DRV - (GVTDrv64) -- C:\Windows\GVTDrv64.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=bf2&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?affID=115303&tt=4412_4&babsrc=HP_ss&mntrId=5ac8997b0000000000001c6f653cf6f2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=115303&tt=4412_4&babsrc=HP_ss&mntrId=5ac8997b0000000000001c6f653cf6f2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 04 EC 9D 12 CD 6B CC 01  [binary data]
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=bf2&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=115303&tt=4412_4&babsrc=SP_ss&mntrId=5ac8997b0000000000001c6f653cf6f2
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaultthis.engineName: "InnoGames Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2682599&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/?affID=115303&tt=4412_4&babsrc=HP_ss&mntrId=5ac8997b0000000000001c6f653cf6f2"
FF - prefs.js..extensions.enabledAddons: ffxtlbr@Facemoods.com:1.4.1
FF - prefs.js..extensions.enabledAddons: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.29
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.7
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.9
FF - prefs.js..extensions.enabledAddons: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.22
FF - prefs.js..extensions.enabledAddons: {c7478d43-2bd5-4844-98b8-c2a6aa9ed677}:3.14.1.0
FF - prefs.js..extensions.enabledAddons: ffxtlbr@babylon.com:1.5.0
FF - prefs.js..extensions.enabledAddons: {9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}:1.0
FF - prefs.js..extensions.enabledAddons: {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2682599&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\jonas\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\jonas\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.03.09 20:39:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.01 18:38:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.28 12:57:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}: C:\Users\jonas\AppData\Roaming\08001.071 [2012.09.15 20:18:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012.11.04 10:12:25 | 000,000,000 | ---D | M]
 
[2011.07.29 19:22:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jonas\AppData\Roaming\mozilla\Extensions
[2012.11.04 10:23:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jonas\AppData\Roaming\mozilla\Firefox\Profiles\6jszngmt.default\extensions
[2011.09.05 16:09:42 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\jonas\AppData\Roaming\mozilla\Firefox\Profiles\6jszngmt.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.09.23 14:43:38 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\jonas\AppData\Roaming\mozilla\Firefox\Profiles\6jszngmt.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2012.04.15 15:52:33 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\jonas\AppData\Roaming\mozilla\Firefox\Profiles\6jszngmt.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.08.08 16:06:53 | 000,000,000 | ---D | M] (InnoGames Community Toolbar) -- C:\Users\jonas\AppData\Roaming\mozilla\Firefox\Profiles\6jszngmt.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}
[2012.08.08 16:06:58 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\jonas\AppData\Roaming\mozilla\Firefox\Profiles\6jszngmt.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012.08.31 17:00:02 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\jonas\AppData\Roaming\mozilla\Firefox\Profiles\6jszngmt.default\extensions\ffxtlbr@babylon.com
[2011.09.23 14:36:22 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\jonas\AppData\Roaming\mozilla\Firefox\Profiles\6jszngmt.default\extensions\ffxtlbr@Facemoods.com
[2012.02.17 09:56:13 | 000,550,833 | ---- | M] () (No name found) -- C:\Users\jonas\AppData\Roaming\mozilla\firefox\profiles\6jszngmt.default\extensions\DivXWebPlayer@divx.com.xpi
[2012.11.04 10:12:22 | 000,002,536 | ---- | M] () -- C:\Users\jonas\AppData\Roaming\mozilla\firefox\profiles\6jszngmt.default\searchplugins\browsemngr.xml
[2011.08.14 13:54:48 | 000,000,921 | ---- | M] () -- C:\Users\jonas\AppData\Roaming\mozilla\firefox\profiles\6jszngmt.default\searchplugins\conduit.xml
[2012.08.07 19:09:27 | 000,001,056 | ---- | M] () -- C:\Users\jonas\AppData\Roaming\mozilla\firefox\profiles\6jszngmt.default\searchplugins\icqplugin.xml
[2012.10.28 12:57:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.04.02 23:26:32 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.10.28 12:57:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012.11.04 10:12:25 | 000,000,000 | ---D | M] (Browser Manager) -- C:\PROGRAMDATA\BROWSER MANAGER\2.3.796.11\{16CDFF19-861D-48E3-A751-D99A27784753}\FIREFOXEXTENSION
[2012.09.15 20:18:14 | 000,000,000 | ---D | M] (Java Link Helper) -- C:\USERS\JONAS\APPDATA\ROAMING\08001.071
[2011.12.01 18:38:27 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.09.09 05:49:04 | 001,037,112 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
[2011.10.06 21:03:53 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.04 10:11:53 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011.10.06 21:03:53 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.10.06 21:03:53 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.23 14:36:22 | 000,002,046 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2011.10.06 21:03:53 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.06 21:03:53 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.06 21:03:53 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://search.babylon.com/?affID=115303&tt=4412_4&babsrc=HP_ss&mntrId=5ac8997b0000000000001c6f653cf6f2
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://search.babylon.com/?affID=115303&tt=4412_4&babsrc=HP_ss&mntrId=5ac8997b0000000000001c6f653cf6f2
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\jonas\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\jonas\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\jonas\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\jonas\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: BitCometAgent (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npBitCometAgent.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\jonas\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Skype Click to Call = C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Settings Protector = C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: Google Mail = C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (no name) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [RfxSrvTray] C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software)
O4 - HKCU..\Run: [Spotify] C:\Users\jonas\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\jonas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: &Alles mit BitComet herunterladen - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\jonas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Mit BitComet herunter&laden - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &Alles mit BitComet herunterladen - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\jonas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Mit BitComet herunter&laden - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB700AE6-4404-40A4-BC45-1687876A2E26}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20 - AppInit_DLLs: (c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{16705ae7-e788-11e1-a022-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{16705ae7-e788-11e1-a022-806e6f6e6963}\Shell\AutoRun\command - "" = G:\Password.exe
O33 - MountPoints2\{9227689c-ba0d-11e0-9971-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9227689c-ba0d-11e0-9971-806e6f6e6963}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\start.html
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
 
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk -  - File not found
MsConfig:64bit - StartUpFolder: C:^Users^jonas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk - C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE - ()
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\jonas\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: Logitech G35 - hkey= - key= - C:\Program Files (x86)\Logitech\G35\G35.exe (Logitech(c))
MsConfig:64bit - StartUpReg: Logitech Vid - hkey= - key= - C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
MsConfig:64bit - StartUpReg: LWS - hkey= - key= - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
MsConfig:64bit - StartUpReg: NUSB3MON - hkey= - key= - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: rfxsrvtray - hkey= - key= - C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software)
MsConfig:64bit - StartUpReg: SpeedUpMyPC - hkey= - key= - C:\Program Files (x86)\Uniblue\SpeedUpMyPC\launcher.exe (Uniblue Systems Ltd)
MsConfig:64bit - StartUpReg: Spotify Web Helper - hkey= - key= - C:\Users\jonas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: UseerSideBar - hkey= - key= - C:\Users\jonas\AppData\Roaming\prapproxy32.exe ()
MsConfig:64bit - StartUpReg: Windows Mobile-based device management - hkey= - key= - C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
 
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.12.21 12:36:17 | 000,000,000 | ---D | C] -- C:\Users\jonas\Desktop\Musik
[2012.12.20 14:32:03 | 000,000,000 | ---D | C] -- C:\Users\jonas\AppData\Local\{1FD00A7B-6C45-40E1-AF54-7903324B5E40}
[2012.12.11 14:56:23 | 000,000,000 | ---D | C] -- C:\Users\jonas\AppData\Local\{5A75AAA3-31C7-43C1-82E7-90019E9CA8C5}
[2012.12.09 10:24:17 | 000,000,000 | ---D | C] -- C:\Users\jonas\AppData\Local\{2CEEF8B3-BABA-4B8E-B7F0-2975A584D21E}
[3 C:\Users\jonas\Documents\*.tmp files -> C:\Users\jonas\Documents\*.tmp -> ]
[2 C:\Users\jonas\Desktop\*.tmp files -> C:\Users\jonas\Desktop\*.tmp -> ]
[2 C:\Users\jonas\AppData\Roaming\*.tmp files -> C:\Users\jonas\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.07 18:37:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.07 18:37:45 | 3218,493,440 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.07 18:13:02 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4186555144-3616624444-2202780133-1001UA.job
[2013.01.07 11:07:51 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.07 11:07:51 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.07 11:06:12 | 001,549,010 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.07 11:06:12 | 000,672,042 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.07 11:06:12 | 000,631,122 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.07 11:06:12 | 000,138,338 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.07 11:06:12 | 000,114,044 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.07 11:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\DriverScanner.job
[2012.12.21 15:21:08 | 716,298,358 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.12.20 21:26:04 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4186555144-3616624444-2202780133-1001Core.job
[2012.12.16 16:17:22 | 000,002,495 | ---- | M] () -- C:\Users\jonas\Desktop\Google Chrome.lnk
[2012.12.09 09:14:45 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.12.09 09:14:45 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.12.09 09:06:59 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.12.08 21:27:55 | 000,001,630 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
[3 C:\Users\jonas\Documents\*.tmp files -> C:\Users\jonas\Documents\*.tmp -> ]
[2 C:\Users\jonas\Desktop\*.tmp files -> C:\Users\jonas\Desktop\*.tmp -> ]
[2 C:\Users\jonas\AppData\Roaming\*.tmp files -> C:\Users\jonas\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.18 18:18:09 | 001,525,968 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.10.27 10:12:28 | 000,042,440 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012.09.21 20:08:36 | 010,919,784 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.09.21 20:08:36 | 000,338,136 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.09.21 20:08:36 | 000,103,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012.07.03 21:14:18 | 000,017,408 | ---- | C] () -- C:\Users\jonas\AppData\Local\WebpageIcons.db
[2012.04.16 20:01:30 | 002,681,344 | ---- | C] () -- C:\Windows\SysWow64\dvmsg.dll
[2012.01.07 13:43:34 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2011.12.22 16:13:44 | 000,127,372 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.09.23 22:06:27 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2011.09.10 20:54:29 | 046,633,004 | ---- | C] () -- C:\Users\jonas\ts3_recording_11_09_10_21_54_28.wav
[2011.09.10 20:48:24 | 029,589,164 | ---- | C] () -- C:\Users\jonas\ts3_recording_11_09_10_21_48_23.wav
[2011.09.10 20:47:29 | 003,776,684 | ---- | C] () -- C:\Users\jonas\ts3_recording_11_09_10_21_47_27.wav
[2011.09.10 20:22:09 | 007,013,804 | ---- | C] () -- C:\Users\jonas\ts3_recording_11_09_10_21_22_8.wav
[2011.09.10 20:21:45 | 004,005,164 | ---- | C] () -- C:\Users\jonas\ts3_recording_11_09_10_21_21_43.wav
[2011.09.07 19:15:51 | 000,004,096 | -H-- | C] () -- C:\Users\jonas\AppData\Local\keyfile3.drm
[2011.08.30 09:58:06 | 000,000,000 | ---- | C] () -- C:\Users\jonas\AppData\Local\{9208B311-DAF0-4471-B85E-7A06354BB445}
[2011.08.24 12:21:11 | 000,606,764 | ---- | C] () -- C:\Users\jonas\ts3_recording_11_08_24_13_21_10.wav
[2011.08.09 19:46:05 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.07.29 20:15:50 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2011.07.29 20:15:07 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.07.29 20:04:38 | 000,281,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.07.29 20:04:36 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.07.29 19:29:30 | 000,072,304 | R--- | C] () -- C:\Windows\SysWow64\XSrvSetup.exe
[2011.07.29 19:24:39 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.10.31 11:08:11 | 000,123,840 | RHS- | C] () -- C:\Users\jonas\AppData\Roaming\prapproxy32.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.08.07 19:08:52 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\08001.066
[2012.08.08 11:04:05 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\08001.067
[2012.08.18 18:22:33 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\08001.069
[2012.08.30 16:21:05 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\08001.070
[2012.09.15 20:18:14 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\08001.071
[2012.01.07 13:43:24 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\Babylon
[2012.02.12 22:06:45 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\BitComet
[2012.02.05 19:50:21 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\Dropbox
[2011.12.25 15:25:02 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\DVDVideoSoft
[2011.09.05 16:09:42 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\DVDVideoSoftIEHelpers
[2013.01.07 11:00:32 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\ICQ
[2012.08.07 19:08:28 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\kock
[2011.07.29 19:50:57 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\Leadertech
[2011.11.11 19:36:09 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\LolClient
[2012.05.24 09:26:17 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\LolClient2
[2011.08.03 14:16:45 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\Notepad++
[2011.09.11 17:34:12 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\OpenCandy
[2011.09.13 12:51:14 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\OpenOffice.org
[2013.01.07 07:32:54 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\Spotify
[2011.07.30 14:31:33 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\TeamViewer
[2011.08.25 00:04:24 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\Teeworlds
[2012.04.16 20:02:07 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\Tobit
[2012.12.20 19:25:37 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\TS3Client
[2012.09.13 19:31:32 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\UAs
[2012.11.04 10:27:37 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\Uniblue
[2012.09.14 17:20:14 | 000,000,000 | ---D | M] -- C:\Users\jonas\AppData\Roaming\xmldm
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2011.12.03 11:12:28 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.07.29 18:36:28 | 000,000,000 | ---D | M] -- C:\691c3f809b605f3c6e7c
[2012.11.18 18:20:24 | 000,000,000 | ---D | M] -- C:\9066f772310511bdab
[2011.07.29 19:39:22 | 000,000,000 | ---D | M] -- C:\AMD
[2012.12.08 21:29:06 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.07.29 19:15:39 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.11.10 10:06:54 | 000,000,000 | ---D | M] -- C:\Downloads
[2012.11.27 20:20:35 | 000,000,000 | -HSD | M] -- C:\found.000
[2012.11.29 19:47:27 | 000,000,000 | -HSD | M] -- C:\found.001
[2012.10.28 16:11:16 | 000,000,000 | ---D | M] -- C:\Fraps
[2011.07.29 20:07:35 | 000,000,000 | ---D | M] -- C:\ICQ7.5
[2012.03.08 21:29:48 | 000,000,000 | ---D | M] -- C:\LeagueOfLegends
[2011.08.09 12:10:48 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.11.04 10:13:52 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.11.21 16:35:51 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.11.18 18:51:00 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.07.29 19:15:40 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.10.22 00:48:25 | 000,000,000 | ---D | M] -- C:\RaidTool
[2011.07.29 19:15:40 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.03.08 21:30:24 | 000,000,000 | ---D | M] -- C:\Riot Games
[2013.01.07 12:43:35 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.07.29 19:15:48 | 000,000,000 | R--D | M] -- C:\Users
[2013.01.07 10:47:11 | 000,000,000 | ---D | M] -- C:\Windows
[2011.07.29 19:56:02 | 000,000,000 | ---D | M] -- C:\Windows.old
[2011.07.29 20:07:42 | 000,000,000 | ---D | M] -- C:\Xfire
[2012.08.09 16:11:33 | 000,000,000 | ---D | M] -- C:\xmldm
[2012.02.07 20:27:53 | 000,000,000 | ---D | M] -- C:\_OTL
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.20 13:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.09.11 17:34:45 | 000,000,340 | ---- | C] () -- C:\Windows\Tasks\DriverScanner.job
[2012.02.17 09:58:14 | 000,001,068 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4186555144-3616624444-2202780133-1001Core.job
[2012.02.17 09:58:15 | 000,001,120 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4186555144-3616624444-2202780133-1001UA.job
 
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2013.01.07 18:36:51 | 004,194,304 | -HS- | M] () -- C:\Users\jonas\ntuser.dat
[2013.01.07 18:36:51 | 000,262,144 | -HS- | M] () -- C:\Users\jonas\ntuser.dat.LOG1
[2011.07.29 19:15:51 | 000,000,000 | -HS- | M] () -- C:\Users\jonas\ntuser.dat.LOG2
[2011.07.29 19:26:29 | 000,065,536 | -HS- | M] () -- C:\Users\jonas\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2011.07.29 19:26:29 | 000,524,288 | -HS- | M] () -- C:\Users\jonas\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2011.07.29 19:26:29 | 000,524,288 | -HS- | M] () -- C:\Users\jonas\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012.09.04 20:43:11 | 000,065,536 | -HS- | M] () -- C:\Users\jonas\ntuser.dat{282dec55-f6c2-11e1-8a9e-1c6f653cf6f2}.TM.blf
[2012.09.04 20:43:11 | 000,524,288 | -HS- | M] () -- C:\Users\jonas\ntuser.dat{282dec55-f6c2-11e1-8a9e-1c6f653cf6f2}.TMContainer00000000000000000001.regtrans-ms
[2012.09.04 20:43:11 | 000,524,288 | -HS- | M] () -- C:\Users\jonas\ntuser.dat{282dec55-f6c2-11e1-8a9e-1c6f653cf6f2}.TMContainer00000000000000000002.regtrans-ms
[2012.10.19 22:22:11 | 000,065,536 | -HS- | M] () -- C:\Users\jonas\ntuser.dat{6a28fc16-1a1e-11e2-b1a6-1c6f653cf6f2}.TM.blf
[2012.10.19 22:22:11 | 000,524,288 | -HS- | M] () -- C:\Users\jonas\ntuser.dat{6a28fc16-1a1e-11e2-b1a6-1c6f653cf6f2}.TMContainer00000000000000000001.regtrans-ms
[2012.10.19 22:22:11 | 000,524,288 | -HS- | M] () -- C:\Users\jonas\ntuser.dat{6a28fc16-1a1e-11e2-b1a6-1c6f653cf6f2}.TMContainer00000000000000000002.regtrans-ms
[2012.01.21 01:12:27 | 000,065,536 | -HS- | M] () -- C:\Users\jonas\ntuser.dat{6d3f5921-43bf-11e1-930a-1c6f653cf6f2}.TM.blf
[2012.01.21 01:12:27 | 000,524,288 | -HS- | M] () -- C:\Users\jonas\ntuser.dat{6d3f5921-43bf-11e1-930a-1c6f653cf6f2}.TMContainer00000000000000000001.regtrans-ms
[2012.01.21 01:12:27 | 000,524,288 | -HS- | M] () -- C:\Users\jonas\ntuser.dat{6d3f5921-43bf-11e1-930a-1c6f653cf6f2}.TMContainer00000000000000000002.regtrans-ms
[2011.07.29 19:15:51 | 000,000,020 | -HS- | M] () -- C:\Users\jonas\ntuser.ini
[2011.08.24 12:21:15 | 000,606,764 | ---- | M] () -- C:\Users\jonas\ts3_recording_11_08_24_13_21_10.wav
[2011.09.10 20:22:06 | 004,005,164 | ---- | M] () -- C:\Users\jonas\ts3_recording_11_09_10_21_21_43.wav
[2011.09.10 20:22:46 | 007,013,804 | ---- | M] () -- C:\Users\jonas\ts3_recording_11_09_10_21_22_8.wav
[2011.09.10 20:47:49 | 003,776,684 | ---- | M] () -- C:\Users\jonas\ts3_recording_11_09_10_21_47_27.wav
[2011.09.10 20:50:58 | 029,589,164 | ---- | M] () -- C:\Users\jonas\ts3_recording_11_09_10_21_48_23.wav
[2011.09.10 20:58:32 | 046,633,004 | ---- | M] () -- C:\Users\jonas\ts3_recording_11_09_10_21_54_28.wav
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<          >

< End of report >

--- --- ---

markusg 07.01.2013 19:33

Hi,

This script and any scripts that may follow are intended only for this particular user.
If you have problems, open your own topics and wait for scripts tailored to you.


• Please start OTL.exe
• Now copy the following into the text box.



Code:

:OTL
[2009.10.31 11:08:11 | 000,123,840 | RHS- | C] () -- C:\Users\jonas\AppData\Roaming\prapproxy32.exe
 :Files
:Commands
[EMPTYFLASH]
[emptytemp]



• Now please close all programs.
• Now please click the Fix button.
• OTL may ask for a restart. Please allow this.
• After the restart you will find a text document; please copy its contents into your next reply here.


Note: Please also upload the file there, as described in the UpChannel instructions. Please do NOT post the ZIP file here in the thread as an attachment!




Please press the Windows key (http://larusso.trojaner-board.de/Images/windows.jpg) + E.
  • Open your system drive (usually C:)
  • Now look for the following folder: _OTL and open it.
  • Right-click the Movedfiles folder --> Send to --> Compressed (zipped) folder

  • This will create a Movedfiles.zip file in _OTL
  • Please upload it to our upload channel. (Browse --> C:\_OTL\Movedfiles.zip)
Let me know whether the upload worked without problems. Thanks in advance :)

herbcyy 07.01.2013 19:49

Is this the right file?
I hope so ;-)
There were no problems with the upload.

Quote:

[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21769
IconResource=%SystemRoot%\system32\imageres.dll,-183

markusg 07.01.2013 19:56

Hi,
the upload was successful, thanks.
Download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click on Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- If anything is found, always choose Skip for now, and post the log
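
One way to triage the log this scan produces, as an added example that is not part of the original thread or of TDSSKiller itself: it reads the "Scan services" section and returns every service whose verdict is not "ok", plus services for which no file hash line was logged. The line layout is assumed from the TDSSKiller 2.8.15.0 log posted in this thread; the sample lines, service names and hashes are constructed, and treating un-hashed services as worth a manual look is an assumption.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed placeholder hashes; not taken from any real scan.
H1 = "0" * 31 + "1"
H2 = "0" * 31 + "2"

# Constructed sample in the assumed layout: "<time> <thread> <message>".
SAMPLE_LOG = rf"""
20:01:28.0527 1568 ================ Scan system memory ========================
20:01:28.0527 1568 System memory - ok
20:01:28.0527 1568 ================ Scan services =============================
20:01:28.0645 1568 [ {H1} ] ExampleDrv C:\Windows\system32\drivers\exampledrv.sys
20:01:28.0670 1568 ExampleDrv - ok
20:01:28.0856 1568 [ {H2} ] Example Update Service C:\Program Files (x86)\Example\updater.exe
20:01:28.0862 1568 Example Update Service ( UnsignedFile.Multi.Generic ) - warning
20:01:28.0862 1568 Example Update Service - detected UnsignedFile.Multi.Generic (1)
20:01:29.0656 1568 ExampleNoFile - ok
"""

PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# "================ Scan services ================"
SECTION_RE = re.compile(PREFIX + r"=+ (.+?) =+$")
# "[ <md5> ] <service name, may contain spaces> <drive>:\path"
HASH_RE = re.compile(PREFIX + r"\[ ([0-9A-Fa-f]{32}) \]\s+(.+?)\s+([A-Za-z]:\\.+)$")
# "<service> - ok"  or  "<service> ( <threat name> ) - warning"
VERDICT_RE = re.compile(PREFIX + r"(.+?)(?: \( (.+?) \))? - (\w+)$")


@dataclass
class Finding:
    service: str
    verdict: str
    threat: Optional[str]
    path: Optional[str]
    md5: Optional[str]


def triage(log_text: str) -> Tuple[List[Finding], List[str]]:
    """Return (non-ok findings, services with no hash line) for 'Scan services'."""
    section = None
    hashed: Dict[str, Tuple[str, str]] = {}
    findings: List[Finding] = []
    unhashed: List[str] = []
    for raw in log_text.splitlines():
        line = raw.rstrip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        if section != "Scan services":
            continue  # other sections use different line shapes
        m = HASH_RE.match(line)
        if m:
            md5, service, path = m.groups()
            hashed[service] = (md5.upper(), path)
            continue
        m = VERDICT_RE.match(line)
        if not m:
            continue  # e.g. the "- detected ..." summary line
        service, threat, verdict = m.groups()
        md5, path = hashed.get(service, (None, None))
        if md5 is None:
            unhashed.append(service)  # verdict given, but no file was hashed
        if verdict != "ok":
            findings.append(Finding(service, verdict, threat, path, md5))
    return findings, unhashed


if __name__ == "__main__":
    found, no_hash = triage(SAMPLE_LOG)
    for f in found:
        print(f"{f.verdict.upper()}: {f.service} [{f.threat}] {f.path} md5={f.md5}")
    for name in no_hash:
        print(f"NO FILE HASHED: {name}")
```
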

herbcyy 07.01.2013 20:04

Here is the log:

Quote:

20:00:58.0330 1540 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:00:58.0449 1540 ============================================================
20:00:58.0449 1540 Current date / time: 2013/01/07 20:00:58.0449
20:00:58.0449 1540 SystemInfo:
20:00:58.0449 1540
20:00:58.0449 1540 OS Version: 6.1.7601 ServicePack: 1.0
20:00:58.0449 1540 Product type: Workstation
20:00:58.0449 1540 ComputerName: JONAS-PC
20:00:58.0449 1540 UserName: jonas
20:00:58.0449 1540 Windows directory: C:\Windows
20:00:58.0449 1540 System windows directory: C:\Windows
20:00:58.0449 1540 Running under WOW64
20:00:58.0449 1540 Processor architecture: Intel x64
20:00:58.0449 1540 Number of processors: 6
20:00:58.0449 1540 Page size: 0x1000
20:00:58.0449 1540 Boot type: Safe boot with network
20:00:58.0449 1540 ============================================================
20:00:59.0249 1540 Drive \Device\Harddisk0\DR0 - Size: 0xEE8156000 (59.63 Gb), SectorSize: 0x200, Cylinders: 0x1E67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:00:59.0257 1540 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:00:59.0260 1540 ============================================================
20:00:59.0260 1540 \Device\Harddisk0\DR0:
20:00:59.0260 1540 MBR partitions:
20:00:59.0260 1540 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:00:59.0260 1540 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x770D000
20:00:59.0260 1540 \Device\Harddisk1\DR1:
20:00:59.0260 1540 MBR partitions:
20:00:59.0260 1540 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
20:00:59.0260 1540 ============================================================
20:00:59.0280 1540 C: <-> \Device\Harddisk1\DR1\Partition1
20:00:59.0281 1540 D: <-> \Device\Harddisk0\DR0\Partition2
20:00:59.0281 1540 ============================================================
20:00:59.0281 1540 Initialize success
20:00:59.0281 1540 ============================================================
20:01:28.0310 1568 ============================================================
20:01:28.0310 1568 Scan started
20:01:28.0310 1568 Mode: Manual; SigCheck; TDLFS;
20:01:28.0310 1568 ============================================================
20:01:28.0527 1568 ================ Scan system memory ========================
20:01:28.0527 1568 System memory - ok
20:01:28.0527 1568 ================ Scan services =============================
20:01:33.0847 1568 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:01:33.0847 1568 IDriverT ( UnsignedFile.Multi.Generic ) - warning
20:01:33.0847 1568 IDriverT - detected UnsignedFile.Multi.Generic (1)
20:01:42.0775 1568 W32Time - ok
20:01:42.0775 1568 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:01:42.0791 1568 WacomPen - ok
20:01:42.0822 1568 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:01:42.0838 1568 WANARP - ok
20:01:42.0853 1568 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:01:42.0869 1568 Wanarpv6 - ok
20:01:42.0900 1568 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:01:42.0916 1568 wbengine - ok
20:01:42.0931 1568 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:01:42.0947 1568 WbioSrvc - ok
20:01:42.0994 1568 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
20:01:42.0994 1568 WcesComm - ok
20:01:43.0009 1568 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:01:43.0025 1568 wcncsvc - ok
20:01:43.0056 1568 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:01:43.0056 1568 WcsPlugInService - ok
20:01:43.0056 1568 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:01:43.0072 1568 Wd - ok
20:01:43.0103 1568 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:01:43.0119 1568 Wdf01000 - ok
20:01:43.0134 1568 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:01:43.0134 1568 WdiServiceHost - ok
20:01:43.0134 1568 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:01:43.0150 1568 WdiSystemHost - ok
20:01:43.0181 1568 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:01:43.0197 1568 WebClient - ok
20:01:43.0197 1568 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:01:43.0228 1568 Wecsvc - ok
20:01:43.0228 1568 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:01:43.0259 1568 wercplsupport - ok
20:01:43.0275 1568 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:01:43.0290 1568 WerSvc - ok
20:01:43.0306 1568 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:01:43.0321 1568 WfpLwf - ok
20:01:43.0337 1568 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:01:43.0353 1568 WIMMount - ok
20:01:43.0353 1568 WinDefend - ok
20:01:43.0368 1568 WinHttpAutoProxySvc - ok
20:01:43.0399 1568 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:01:43.0431 1568 Winmgmt - ok
20:01:43.0509 1568 [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0 C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys
20:01:43.0524 1568 WinRing0_1_2_0 - ok
20:01:43.0540 1568 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:01:43.0571 1568 WinRM - ok
20:01:43.0618 1568 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:01:43.0633 1568 WinUsb - ok
20:01:43.0665 1568 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:01:43.0680 1568 Wlansvc - ok
20:01:43.0758 1568 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:01:43.0789 1568 wlidsvc - ok
20:01:43.0805 1568 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:01:43.0821 1568 WmiAcpi - ok
20:01:43.0836 1568 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:01:43.0836 1568 wmiApSrv - ok
20:01:43.0852 1568 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:01:43.0852 1568 WPCSvc - ok
20:01:43.0883 1568 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:01:43.0883 1568 WPDBusEnum - ok
20:01:43.0899 1568 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:01:43.0930 1568 ws2ifsl - ok
20:01:43.0930 1568 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
20:01:43.0945 1568 wscsvc - ok
20:01:44.0008 1568 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:01:44.0039 1568 wuauserv - ok
20:01:44.0055 1568 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:01:44.0070 1568 WudfPf - ok
20:01:44.0101 1568 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:01:44.0101 1568 WUDFRd - ok
20:01:44.0133 1568 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:01:44.0133 1568 wudfsvc - ok
20:01:44.0148 1568 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:01:44.0148 1568 WwanSvc - ok
20:01:44.0164 1568 ================ Scan global ===============================
20:01:44.0195 1568 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:01:44.0226 1568 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
20:01:44.0226 1568 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
20:01:44.0242 1568 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:01:44.0257 1568 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:01:44.0273 1568 [Global] - ok
20:01:44.0273 1568 ================ Scan MBR ==================================
20:01:44.0273 1568 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:01:44.0320 1568 \Device\Harddisk0\DR0 - ok
20:01:44.0335 1568 [ 3F217AA00F5333EE4FC0F117341604AE ] \Device\Harddisk1\DR1
20:01:44.0504 1568 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
20:01:44.0504 1568 \Device\Harddisk1\DR1 - detected TDSS File System (1)
20:01:44.0505 1568 ================ Scan VBR ==================================
20:01:44.0506 1568 [ 16B3F20A8E4DA619376AB550FDD8FAFA ] \Device\Harddisk0\DR0\Partition1
20:01:44.0507 1568 \Device\Harddisk0\DR0\Partition1 - ok
20:01:44.0509 1568 [ DD9154D684E6B5DF850E4C2312795C00 ] \Device\Harddisk0\DR0\Partition2
20:01:44.0510 1568 \Device\Harddisk0\DR0\Partition2 - ok
20:01:44.0537 1568 [ 3AFB5538021C88D7E1F82354EDC288CC ] \Device\Harddisk1\DR1\Partition1
20:01:44.0538 1568 \Device\Harddisk1\DR1\Partition1 - ok
20:01:44.0538 1568 ============================================================
20:01:44.0538 1568 Scan finished
20:01:44.0538 1568 ============================================================
20:01:44.0544 1004 Detected object count: 2
20:01:44.0544 1004 Actual detected object count: 2
20:03:10.0210 1004 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:10.0210 1004 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:10.0210 1004 \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
20:03:10.0210 1004 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip

markusg 07.01.2013 20:14

I thought as much...
Please start TDSSKiller with the parameters from above.
For the entry:
TDSS File System
choose cure or delete.
Reboot, start TDSSKiller with the parameters from above, and create and post a new log.

herbcyy 07.01.2013 20:20

New post:

Quote:

20:19:14.0492 1536 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:19:14.0664 1536 ============================================================
20:19:14.0664 1536 Current date / time: 2013/01/07 20:19:14.0664
20:19:14.0664 1536 SystemInfo:
20:19:14.0664 1536
20:19:14.0664 1536 OS Version: 6.1.7601 ServicePack: 1.0
20:19:14.0664 1536 Product type: Workstation
20:19:14.0664 1536 ComputerName: JONAS-PC
20:19:14.0664 1536 UserName: jonas
20:19:14.0664 1536 Windows directory: C:\Windows
20:19:14.0664 1536 System windows directory: C:\Windows
20:19:14.0664 1536 Running under WOW64
20:19:14.0664 1536 Processor architecture: Intel x64
20:19:14.0664 1536 Number of processors: 6
20:19:14.0664 1536 Page size: 0x1000
20:19:14.0664 1536 Boot type: Safe boot with network
20:19:14.0664 1536 ============================================================
20:19:15.0693 1536 Drive \Device\Harddisk0\DR0 - Size: 0xEE8156000 (59.63 Gb), SectorSize: 0x200, Cylinders: 0x1E67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:19:15.0693 1536 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:19:15.0693 1536 ============================================================
20:19:15.0693 1536 \Device\Harddisk0\DR0:
20:19:15.0709 1536 MBR partitions:
20:19:15.0709 1536 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:19:15.0709 1536 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x770D000
20:19:15.0709 1536 \Device\Harddisk1\DR1:
20:19:15.0709 1536 MBR partitions:
20:19:15.0709 1536 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
20:19:15.0709 1536 ============================================================
20:19:15.0724 1536 C: <-> \Device\Harddisk1\DR1\Partition1
20:19:15.0724 1536 D: <-> \Device\Harddisk0\DR0\Partition2
20:19:15.0724 1536 ============================================================
20:19:15.0724 1536 Initialize success
20:19:15.0724 1536 ============================================================
20:19:30.0127 1888 ============================================================
20:19:30.0127 1888 Scan started
20:19:30.0127 1888 Mode: Manual;
20:19:30.0127 1888 ============================================================
20:19:30.0867 1888 ================ Scan system memory ========================
20:19:30.0867 1888 System memory - ok
20:19:30.0867 1888 ================ Scan services =============================
20:19:31.0445 1888 Scan interrupted by user!
20:19:31.0445 1888 ================ Scan global ===============================
20:19:31.0445 1888 Scan interrupted by user!
20:19:31.0445 1888 ================ Scan MBR ==================================
20:19:31.0445 1888 Scan interrupted by user!
20:19:31.0445 1888 ================ Scan VBR ==================================
20:19:31.0445 1888 Scan interrupted by user!
20:19:31.0445 1888 ============================================================
20:19:31.0445 1888 Scan finished
20:19:31.0445 1888 ============================================================
20:19:31.0445 0144 Detected object count: 0
20:19:31.0445 0144 Actual detected object count: 0
20:19:36.0452 1876 ============================================================
20:19:36.0452 1876 Scan started
20:19:36.0452 1876 Mode: Manual; SigCheck; TDLFS;
20:19:36.0452 1876 ============================================================
20:19:36.0733 1876 ================ Scan system memory ========================
20:19:36.0733 1876 System memory - ok
20:19:36.0733 1876 ================ Scan services =============================
20:19:45.0141 1876 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:19:45.0157 1876 IDriverT ( UnsignedFile.Multi.Generic ) - warning
20:19:45.0157 1876 IDriverT - detected UnsignedFile.Multi.Generic (1)
20:19:45.0188 1876 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:19:45.0204 1876 idsvc - ok
20:19:45.0235 1876 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:19:45.0235 1876 iirsp - ok
20:19:45.0266 1876 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:19:45.0297 1876 IKEEXT - ok
20:19:45.0360 1876 [ 0ADF714079AE174A39D69036143E4C50 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:19:45.0391 1876 IntcAzAudAddService - ok
20:19:45.0407 1876 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:19:45.0407 1876 intelide - ok
20:19:45.0422 1876 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:19:45.0453 1876 intelppm - ok
20:19:45.0469 1876 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:19:45.0500 1876 IPBusEnum - ok
20:19:45.0531 1876 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:19:45.0578 1876 IpFilterDriver - ok
20:19:45.0609 1876 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:19:45.0641 1876 iphlpsvc - ok
20:19:45.0672 1876 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:19:45.0687 1876 IPMIDRV - ok
20:19:45.0687 1876 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:19:45.0734 1876 IPNAT - ok
20:19:45.0797 1876 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:19:45.0812 1876 iPod Service - ok
20:19:45.0812 1876 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:19:45.0859 1876 IRENUM - ok
20:19:45.0875 1876 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:19:45.0875 1876 isapnp - ok
20:19:45.0906 1876 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:19:45.0921 1876 iScsiPrt - ok
20:19:45.0984 1876 [ F3A41EC4C6506E76E07A219B3A1DF8D2 ] JMB36X C:\Windows\SysWOW64\XSrvSetup.exe
20:19:45.0984 1876 JMB36X - ok
20:19:46.0015 1876 [ 1C368C1A2733DCC5B8E15420AA2B0F6D ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
20:19:46.0031 1876 JRAID - ok
20:19:46.0062 1876 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
20:19:46.0077 1876 kbdclass - ok
20:19:46.0077 1876 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:19:46.0093 1876 kbdhid - ok
20:19:46.0093 1876 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:19:46.0109 1876 KeyIso - ok
20:19:46.0140 1876 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:19:46.0140 1876 KSecDD - ok
20:19:46.0171 1876 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:19:46.0187 1876 KSecPkg - ok
20:19:46.0202 1876 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:19:46.0233 1876 ksthunk - ok
20:19:46.0249 1876 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:19:46.0280 1876 KtmRm - ok
20:19:46.0327 1876 [ 86DCBF8A41C78561A1DA07AB5E7B1CCC ] LADF_DHP2 C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys
20:19:46.0327 1876 LADF_DHP2 - ok
20:19:46.0343 1876 [ 175C04C7813CE64616B5CB046E5E1383 ] LADF_SBVM C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys
20:19:46.0358 1876 LADF_SBVM - ok
20:19:46.0389 1876 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:19:46.0436 1876 LanmanServer - ok
20:19:46.0452 1876 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:19:46.0483 1876 LanmanWorkstation - ok
20:19:46.0514 1876 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:19:46.0530 1876 lltdio - ok
20:19:46.0561 1876 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:19:46.0592 1876 lltdsvc - ok
20:19:46.0608 1876 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:19:46.0623 1876 lmhosts - ok
20:19:46.0655 1876 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:19:46.0655 1876 LSI_FC - ok
20:19:46.0670 1876 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:19:46.0686 1876 LSI_SAS - ok
20:19:46.0701 1876 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:19:46.0701 1876 LSI_SAS2 - ok
20:19:46.0717 1876 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:19:46.0717 1876 LSI_SCSI - ok
20:19:46.0733 1876 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:19:46.0748 1876 luafv - ok
20:19:46.0779 1876 [ A401CFF74982D8DF851F20307C806073 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
20:19:46.0795 1876 LVRS64 - ok
20:19:46.0857 1876 [ 13384CB5F5813E65F31078D6ABFAAF38 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
20:19:46.0935 1876 LVUVC64 - ok
20:19:46.0951 1876 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:19:46.0951 1876 megasas - ok
20:19:46.0967 1876 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:19:46.0982 1876 MegaSR - ok
20:19:46.0998 1876 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:19:47.0045 1876 MMCSS - ok
20:19:47.0060 1876 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:19:47.0091 1876 Modem - ok
20:19:47.0107 1876 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:19:47.0123 1876 monitor - ok
20:19:47.0169 1876 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:19:47.0169 1876 mouclass - ok
20:19:47.0185 1876 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:19:47.0201 1876 mouhid - ok
20:19:47.0232 1876 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:19:47.0247 1876 mountmgr - ok
20:19:47.0263 1876 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:19:47.0279 1876 mpio - ok
20:19:47.0279 1876 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:19:47.0310 1876 mpsdrv - ok
20:19:47.0341 1876 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:19:47.0388 1876 MpsSvc - ok
20:19:47.0419 1876 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:19:47.0419 1876 MRxDAV - ok
20:19:47.0450 1876 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:19:47.0466 1876 mrxsmb - ok
20:19:47.0513 1876 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:19:47.0528 1876 mrxsmb10 - ok
20:19:47.0544 1876 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:19:47.0559 1876 mrxsmb20 - ok
20:19:47.0591 1876 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:19:47.0591 1876 msahci - ok
20:19:47.0606 1876 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:19:47.0606 1876 msdsm - ok
20:19:47.0622 1876 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:19:47.0622 1876 MSDTC - ok
20:19:47.0653 1876 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:19:47.0669 1876 Msfs - ok
20:19:47.0684 1876 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:19:47.0715 1876 mshidkmdf - ok
20:19:47.0731 1876 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:19:47.0747 1876 msisadrv - ok
20:19:47.0762 1876 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:19:47.0793 1876 MSiSCSI - ok
20:19:47.0793 1876 msiserver - ok
20:19:47.0825 1876 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:19:47.0856 1876 MSKSSRV - ok
20:19:47.0871 1876 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:19:47.0887 1876 MSPCLOCK - ok
20:19:47.0903 1876 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:19:47.0934 1876 MSPQM - ok
20:19:47.0965 1876 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:19:47.0981 1876 MsRPC - ok
20:19:47.0981 1876 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:19:47.0981 1876 mssmbios - ok
20:19:47.0996 1876 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:19:48.0043 1876 MSTEE - ok
20:19:48.0059 1876 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:19:48.0074 1876 MTConfig - ok
20:19:48.0090 1876 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:19:48.0090 1876 Mup - ok
20:19:48.0121 1876 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:19:48.0168 1876 napagent - ok
20:19:48.0183 1876 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:19:48.0215 1876 NativeWifiP - ok
20:19:48.0277 1876 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:19:48.0293 1876 NDIS - ok
20:19:48.0308 1876 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:19:48.0324 1876 NdisCap - ok
20:19:48.0339 1876 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:19:48.0371 1876 NdisTapi - ok
20:19:48.0402 1876 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:19:48.0417 1876 Ndisuio - ok
20:19:48.0449 1876 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:19:48.0480 1876 NdisWan - ok
20:19:48.0495 1876 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:19:48.0527 1876 NDProxy - ok
20:19:48.0527 1876 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:19:48.0558 1876 NetBIOS - ok
20:19:48.0605 1876 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:19:48.0636 1876 NetBT - ok
20:19:48.0651 1876 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:19:48.0651 1876 Netlogon - ok
20:19:48.0683 1876 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:19:48.0729 1876 Netman - ok
20:19:48.0807 1876 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:19:48.0823 1876 NetMsmqActivator - ok
20:19:48.0854 1876 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:19:48.0854 1876 NetPipeActivator - ok
20:19:48.0870 1876 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:19:48.0901 1876 netprofm - ok
20:19:48.0917 1876 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:19:48.0932 1876 NetTcpActivator - ok
20:19:48.0932 1876 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:19:48.0932 1876 NetTcpPortSharing - ok
20:19:48.0948 1876 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:19:48.0963 1876 nfrd960 - ok
20:19:48.0995 1876 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:19:49.0010 1876 NlaSvc - ok
20:19:49.0041 1876 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:19:49.0057 1876 Npfs - ok
20:19:49.0073 1876 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:19:49.0104 1876 nsi - ok
20:19:49.0119 1876 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:19:49.0151 1876 nsiproxy - ok
20:19:49.0197 1876 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:19:49.0229 1876 Ntfs - ok
20:19:49.0244 1876 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:19:49.0275 1876 Null - ok
20:19:49.0307 1876 [ 785298579B5F9B4032152DFBB992FDB6 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
20:19:49.0353 1876 nusb3hub - ok
20:19:49.0369 1876 [ DF2750481B4964814467C974F2B0EEF1 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:19:49.0385 1876 nusb3xhc - ok
20:19:49.0416 1876 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:19:49.0431 1876 nvraid - ok
20:19:49.0447 1876 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:19:49.0447 1876 nvstor - ok
20:19:49.0478 1876 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:19:49.0494 1876 nv_agp - ok
20:19:49.0509 1876 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:19:49.0525 1876 ohci1394 - ok
20:19:49.0572 1876 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:19:49.0587 1876 ose - ok
20:19:49.0603 1876 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:19:49.0619 1876 p2pimsvc - ok
20:19:49.0634 1876 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:19:49.0650 1876 p2psvc - ok
20:19:49.0665 1876 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:19:49.0665 1876 Parport - ok
20:19:49.0697 1876 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:19:49.0697 1876 partmgr - ok
20:19:49.0712 1876 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:19:49.0728 1876 PcaSvc - ok
20:19:49.0743 1876 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:19:49.0759 1876 pci - ok
20:19:49.0759 1876 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:19:49.0775 1876 pciide - ok
20:19:49.0775 1876 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:19:49.0790 1876 pcmcia - ok
20:19:49.0806 1876 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:19:49.0806 1876 pcw - ok
20:19:49.0821 1876 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:19:49.0868 1876 PEAUTH - ok
20:19:49.0884 1876 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:19:49.0915 1876 PerfHost - ok
20:19:49.0962 1876 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:19:50.0009 1876 pla - ok
20:19:50.0040 1876 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:19:50.0055 1876 PlugPlay - ok
20:19:50.0071 1876 PnkBstrA - ok
20:19:50.0102 1876 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:19:50.0102 1876 PNRPAutoReg - ok
20:19:50.0102 1876 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:19:50.0118 1876 PNRPsvc - ok
20:19:50.0133 1876 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:19:50.0180 1876 PolicyAgent - ok
20:19:50.0211 1876 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:19:50.0243 1876 Power - ok
20:19:50.0289 1876 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:19:50.0321 1876 PptpMiniport - ok
20:19:50.0336 1876 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:19:50.0352 1876 Processor - ok
20:19:50.0399 1876 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:19:50.0445 1876 ProfSvc - ok
20:19:50.0461 1876 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:19:50.0461 1876 ProtectedStorage - ok
20:19:50.0492 1876 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:19:50.0539 1876 Psched - ok
20:19:50.0570 1876 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:19:50.0601 1876 ql2300 - ok
20:19:50.0617 1876 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:19:50.0617 1876 ql40xx - ok
20:19:50.0648 1876 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:19:50.0664 1876 QWAVE - ok
20:19:50.0679 1876 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:19:50.0695 1876 QWAVEdrv - ok
20:19:50.0820 1876 [ B40AA9BE30D62B288DBF4AAA83FB2A49 ] Radio.fx C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
20:19:50.0882 1876 Radio.fx - ok
20:19:50.0929 1876 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
20:19:50.0929 1876 RapiMgr - ok
20:19:50.0945 1876 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:19:50.0960 1876 RasAcd - ok
20:19:50.0991 1876 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:19:51.0007 1876 RasAgileVpn - ok
20:19:51.0038 1876 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:19:51.0132 1876 RasAuto - ok
20:19:51.0163 1876 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:19:51.0210 1876 Rasl2tp - ok
20:19:51.0241 1876 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:19:51.0272 1876 RasMan - ok
20:19:51.0288 1876 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:19:51.0319 1876 RasPppoe - ok
20:19:51.0350 1876 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:19:51.0366 1876 RasSstp - ok
20:19:51.0397 1876 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:19:51.0428 1876 rdbss - ok
20:19:51.0444 1876 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:19:51.0475 1876 rdpbus - ok
20:19:51.0475 1876 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:19:51.0491 1876 RDPCDD - ok
20:19:51.0522 1876 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:19:51.0553 1876 RDPENCDD - ok
20:19:51.0584 1876 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:19:51.0600 1876 RDPREFMP - ok
20:19:51.0631 1876 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:19:51.0662 1876 RDPWD - ok
20:19:51.0709 1876 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:19:51.0709 1876 rdyboost - ok
20:19:51.0725 1876 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:19:51.0756 1876 RemoteAccess - ok
20:19:51.0787 1876 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:19:51.0818 1876 RemoteRegistry - ok
20:19:51.0849 1876 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:19:51.0881 1876 RpcEptMapper - ok
20:19:51.0896 1876 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:19:51.0912 1876 RpcLocator - ok
20:19:51.0927 1876 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:19:51.0959 1876 RpcSs - ok
20:19:51.0974 1876 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:19:52.0005 1876 rspndr - ok
20:19:52.0037 1876 [ D6D381B76056C668679723938F06F16C ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
20:19:52.0052 1876 RTHDMIAzAudService - ok
20:19:52.0099 1876 [ 4FBDA07EF0A3097CE14C5CABF723B278 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:19:52.0099 1876 RTL8167 - ok
20:19:52.0115 1876 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:19:52.0115 1876 SamSs - ok
20:19:52.0146 1876 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:19:52.0161 1876 sbp2port - ok
20:19:52.0177 1876 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:19:52.0208 1876 SCardSvr - ok
20:19:52.0239 1876 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:19:52.0255 1876 scfilter - ok
20:19:52.0286 1876 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:19:52.0317 1876 Schedule - ok
20:19:52.0349 1876 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:19:52.0380 1876 SCPolicySvc - ok
20:19:52.0411 1876 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:19:52.0427 1876 SDRSVC - ok
20:19:52.0442 1876 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:19:52.0473 1876 secdrv - ok
20:19:52.0505 1876 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:19:52.0536 1876 seclogon - ok
20:19:52.0551 1876 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:19:52.0583 1876 SENS - ok
20:19:52.0614 1876 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:19:52.0629 1876 SensrSvc - ok
20:19:52.0645 1876 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:19:52.0645 1876 Serenum - ok
20:19:52.0661 1876 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:19:52.0676 1876 Serial - ok
20:19:52.0707 1876 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:19:52.0723 1876 sermouse - ok
20:19:52.0754 1876 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:19:52.0801 1876 SessionEnv - ok
20:19:52.0801 1876 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:19:52.0832 1876 sffdisk - ok
20:19:52.0848 1876 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:19:52.0863 1876 sffp_mmc - ok
20:19:52.0895 1876 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:19:52.0910 1876 sffp_sd - ok
20:19:52.0926 1876 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:19:52.0941 1876 sfloppy - ok
20:19:53.0004 1876 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:19:53.0051 1876 SharedAccess - ok
20:19:53.0113 1876 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:19:53.0144 1876 ShellHWDetection - ok
20:19:53.0160 1876 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:19:53.0175 1876 SiSRaid2 - ok
20:19:53.0191 1876 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:19:53.0207 1876 SiSRaid4 - ok
20:19:53.0347 1876 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:19:53.0363 1876 SkypeUpdate - ok
20:19:53.0378 1876 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:19:53.0425 1876 Smb - ok
20:19:53.0472 1876 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:19:53.0472 1876 SNMPTRAP - ok
20:19:53.0487 1876 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:19:53.0503 1876 spldr - ok
20:19:53.0550 1876 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:19:53.0581 1876 Spooler - ok
20:19:53.0643 1876 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:19:53.0721 1876 sppsvc - ok
20:19:53.0753 1876 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:19:53.0784 1876 sppuinotify - ok
20:19:53.0815 1876 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:19:53.0846 1876 srv - ok
20:19:53.0862 1876 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:19:53.0893 1876 srv2 - ok
20:19:53.0909 1876 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:19:53.0940 1876 srvnet - ok
20:19:53.0971 1876 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:19:54.0002 1876 SSDPSRV - ok
20:19:54.0033 1876 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:19:54.0065 1876 SstpSvc - ok
20:19:54.0096 1876 [ 78CD64791F8634CF7B582FD085E57C4B ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
20:19:54.0111 1876 ssudmdm - ok
20:19:54.0143 1876 Steam Client Service - ok
20:19:54.0158 1876 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:19:54.0158 1876 stexstor - ok
20:19:54.0205 1876 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:19:54.0236 1876 stisvc - ok
20:19:54.0252 1876 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:19:54.0267 1876 swenum - ok
20:19:54.0299 1876 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:19:54.0330 1876 swprv - ok
20:19:54.0361 1876 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:19:54.0408 1876 SysMain - ok
20:19:54.0439 1876 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:19:54.0455 1876 TabletInputService - ok
20:19:54.0486 1876 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:19:54.0533 1876 TapiSrv - ok
20:19:54.0548 1876 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:19:54.0564 1876 TBS - ok
20:19:54.0626 1876 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:19:54.0657 1876 Tcpip - ok
20:19:54.0689 1876 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:19:54.0704 1876 TCPIP6 - ok
20:19:54.0751 1876 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:19:54.0751 1876 tcpipreg - ok
20:19:54.0767 1876 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:19:54.0798 1876 TDPIPE - ok
20:19:54.0829 1876 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:19:54.0845 1876 TDTCP - ok
20:19:54.0876 1876 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:19:54.0923 1876 tdx - ok
20:19:54.0938 1876 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:19:54.0938 1876 TermDD - ok
20:19:54.0969 1876 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:19:55.0016 1876 TermService - ok
20:19:55.0047 1876 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:19:55.0063 1876 Themes - ok
20:19:55.0079 1876 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:19:55.0110 1876 THREADORDER - ok
20:19:55.0125 1876 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:19:55.0157 1876 TrkWks - ok
20:19:55.0203 1876 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:19:55.0235 1876 TrustedInstaller - ok
20:19:55.0266 1876 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:19:55.0281 1876 tssecsrv - ok
20:19:55.0313 1876 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:19:55.0344 1876 TsUsbFlt - ok
20:19:55.0391 1876 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:19:55.0406 1876 tunnel - ok
20:19:55.0422 1876 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:19:55.0437 1876 uagp35 - ok
20:19:55.0469 1876 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:19:55.0500 1876 udfs - ok
20:19:55.0531 1876 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:19:55.0531 1876 UI0Detect - ok
20:19:55.0562 1876 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:19:55.0562 1876 uliagpkx - ok
20:19:55.0593 1876 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:19:55.0625 1876 umbus - ok
20:19:55.0640 1876 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:19:55.0640 1876 UmPass - ok
20:19:55.0656 1876 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:19:55.0687 1876 upnphost - ok
20:19:55.0749 1876 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
20:19:55.0781 1876 USBAAPL64 - ok
20:19:58.0635 1876 ================ Scan global ===============================
20:19:58.0667 1876 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:19:58.0698 1876 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
20:19:58.0698 1876 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
20:19:58.0713 1876 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:19:58.0729 1876 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:19:58.0745 1876 [Global] - ok
20:19:58.0745 1876 ================ Scan MBR ==================================
20:19:58.0745 1876 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:19:58.0791 1876 \Device\Harddisk0\DR0 - ok
20:19:58.0807 1876 [ 3F217AA00F5333EE4FC0F117341604AE ] \Device\Harddisk1\DR1
20:19:58.0979 1876 \Device\Harddisk1\DR1 - ok
20:19:58.0979 1876 ================ Scan VBR ==================================
20:19:58.0979 1876 [ 16B3F20A8E4DA619376AB550FDD8FAFA ] \Device\Harddisk0\DR0\Partition1
20:19:58.0979 1876 \Device\Harddisk0\DR0\Partition1 - ok
20:19:58.0979 1876 [ DD9154D684E6B5DF850E4C2312795C00 ] \Device\Harddisk0\DR0\Partition2
20:19:58.0979 1876 \Device\Harddisk0\DR0\Partition2 - ok
20:19:59.0010 1876 [ 3AFB5538021C88D7E1F82354EDC288CC ] \Device\Harddisk1\DR1\Partition1
20:19:59.0010 1876 \Device\Harddisk1\DR1\Partition1 - ok
20:19:59.0010 1876 ============================================================
20:19:59.0010 1876 Scan finished
20:19:59.0010 1876 ============================================================
20:19:59.0025 1948 Detected object count: 1
20:19:59.0025 1948 Actual detected object count: 1
20:20:04.0392 1948 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:04.0392 1948 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
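
A report like the one above is easier to triage when the per-object "- ok" lines are filtered out. The following sketch is an added example, not part of the original posts and not code from the TDSSKiller vendor; it parses only the line shapes visible in this report, and `ExampleDrv`, the sample paths and the dummy hashes are constructed for illustration.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

# Line layout as seen in the report: "HH:MM:SS.mmmm <thread id> <message>".
STAMP = re.compile(r"^\d\d:\d\d:\d\d\.\d{4} \d+(?: (.*))?$")
# "[ MD5 ] <object name> <path>"; the name is absent for global/MBR/VBR entries.
HASHED = re.compile(
    r"^\[ ([0-9A-Fa-f]{32}) \]\s+(?:(.+?)\s+)?((?:[A-Za-z]:\\|\\Device\\).*)$")
VERDICT = re.compile(r"^(.+?) \( (.+?) \) - (.+)$")  # "Name ( Verdict ) - action"
OK = re.compile(r"^(.+) - ok$")
SECTION = re.compile(r"^=+ Scan (\S.*?) =+$")
COUNT = re.compile(r"^Detected object count: (\d+)$")


@dataclass
class ScanObject:
    name: str
    section: str
    md5: Optional[str] = None
    path: Optional[str] = None
    ok: bool = False
    verdict: Optional[str] = None
    actions: list = field(default_factory=list)


def parse_report(text):
    """Return ({object name: ScanObject}, declared detection count or None)."""
    objects, section, declared = {}, "", None
    for raw in text.splitlines():
        m = STAMP.match(raw.strip())
        if not m or not m.group(1):
            continue
        body = m.group(1).strip()
        if (s := SECTION.match(body)):
            section = s.group(1)
        elif (c := COUNT.match(body)):
            declared = int(c.group(1))
        elif (h := HASHED.match(body)):
            md5, name, path = h.groups()
            key = name or path  # MBR/VBR/global entries are keyed by path
            obj = objects.setdefault(key, ScanObject(key, section))
            obj.md5, obj.path = md5.upper(), path
        elif (v := VERDICT.match(body)):
            name, verdict, action = v.groups()
            obj = objects.setdefault(name, ScanObject(name, section))
            obj.verdict = verdict
            obj.actions.append(action)
        elif (o := OK.match(body)):
            objects.setdefault(o.group(1), ScanObject(o.group(1), section)).ok = True
    return objects, declared


def triage(text):
    """Summarise what a reader should look at instead of the '- ok' lines."""
    objects, declared = parse_report(text)
    flagged = [o for o in objects.values() if o.verdict]
    return {
        "scanned": len(objects),
        "flagged": {o.name: o.verdict for o in flagged},
        # Detections the user skipped are still present on the system.
        "unresolved": [o.name for o in flagged
                       if any("skip" in a.lower() for a in o.actions)],
        # Hashed but never given a status: the paste is probably truncated.
        "no_status": [o.name for o in objects.values()
                      if not o.ok and not o.verdict],
        "count_matches": declared is None or declared == len(flagged),
    }


# Constructed sample in the layout of the report above ("@" expands to 31
# zeros, so "@1" is a dummy 32-digit hash; ExampleDrv is a made-up object).
SAMPLE = r"""
20:19:57.0620 1876 ================ Scan services =============================
20:19:57.0637 1876 WinDefend - ok
20:19:57.0684 1876 [ @1 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:19:57.0699 1876 Winmgmt - ok
20:19:57.0700 1876 [ @2 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:19:57.0710 1876 AMD External Events Utility - ok
20:19:57.0720 1876 [ @3 ] ExampleDrv C:\Program Files (x86)\Example\exampledrv.exe
20:19:58.0745 1876 ================ Scan MBR ==================================
20:19:58.0745 1876 [ @4 ] \Device\Harddisk0\DR0
20:19:58.0791 1876 \Device\Harddisk0\DR0 - ok
20:19:59.0010 1876 Scan finished
20:19:59.0025 1948 Detected object count: 1
20:19:59.0025 1948 Actual detected object count: 1
20:20:04.0392 1948 ExampleDrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:04.0392 1948 ExampleDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
""".replace("@", "0" * 31)

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```

A `count_matches` of False or a non-empty `no_status` list means the pasted report is incomplete and should be requested again before drawing conclusions from it.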

markusg 07.01.2013 20:21

Hi
Do you use this system for online banking, for shopping, for other payment transactions, or for similarly important things such as work?

herbcyy 07.01.2013 20:25

No, only now and then for purchases via Steam/Amazon. Why?
And for university applications etc.

markusg 07.01.2013 20:26

You have the rootkit ZeroAccess + other malware. We cannot clean this PC with 100% certainty, but that is necessary because you shop with it.
The PC has to be reinstalled and then secured.
1. Data rescue:
2. Format, reinstall Windows:
3. Secure the PC: http://www.trojaner-board.de/96344-a...-rechners.html
I will also post further points on this.
4. Change all passwords!
5. After securing the PC, check the backed-up data and, if clean, restore it.
6. I will then also say something about securing online banking with a chip card reader + Star Money.

herbcyy 07.01.2013 20:33

Phew, okay. Well, I don't actually use the PC for online banking myself. Do you know how long I have had these viruses?
Because I don't really use online banking myself, and it has been a while since my dad ordered something on here. I don't think he would take it well if he finds out that he has to change his passwords :(

I will of course reinstall Windows anyway. It's really only about changing the passwords :)
However, I have one more question about reinstalling Windows. I have already reinstalled my PC twice, and when I start my PC now, a screen always appears where I can choose between 3 "Windows 7" entries. Can the other two be deleted for good, or is that not possible?
And I would like to thank you already for your effort! :)

markusg 07.01.2013 21:14

Hi
I can't tell you how long that thing has been on there; changing passwords is a good idea.
Do you have a normal Windows CD or a recovery CD? Or is it a pre-built PC? If so, post the manufacturer and model.

herbcyy 07.01.2013 21:17

No, the PC is self-assembled. For the reinstallation I think I use the Windows 7 OEM Preinstallation Kit CD. Could that be right?

markusg 07.01.2013 21:19

Yep.
First back up your data, and get in touch when you are able to format; then I'll give you the instructions.

herbcyy 07.01.2013 21:34

I have backed up everything important.

markusg 07.01.2013 22:09

Hi,
Insert the CD, restart, press F12, select the CD or DVD drive.
Now go to custom installation.
Continue to the partition selection; there click Options, Format, confirm.
Now install Windows.
If data is to be moved to Windows.old, click Cancel and format again.
Now there should no longer be 3 Windows versions available.
Now please install the drivers from your existing driver and support CDs.
Secure Windows:
As an anti-malware program I would recommend Emsisoft.
For me they have the best protection, but it costs a little.
http://www.trojaner-board.de/103809-...i-malware.html
Trial version:
My antivirus recommendation: Emsisoft Anti-Malware
Especially if you do online banking, shopping, other payment transactions or similarly important things such as work, i.e. there is sensitive data to protect, you should invest in security software.
Before activating the licence, use up the 30-day trial period.

Free, but just not quite as good, avast would be the one to recommend.
http://www.trojaner-board.de/110895-...antivirus.html

Tell me which one you use, then I'll give you configuration tips.
Please uninstall your previous AV.
The following guide is extensive, I'm aware of that, but it should be carried out, because only then is your PC secure. Ask as many questions as necessary; I'm happy to work through everything with you!

http://www.trojaner-board.de/96344-a...-rechners.html
Please start with the passage "Windows Vista and Windows 7".
Please begin by installing Windows updates.
The best way to do this is to go to Start, Search, and type Windows Update there.
Under "Change settings", check that the following is selected:
- Install updates automatically,
- Every day
- Choose a time
- Please tick everything else, except:
- Show detailed notifications when new Microsoft software is available.
Now click the "OK" button.
Now click "Check for updates".
Please install important updates first.
It will be necessary to restart the PC in between. If that is the case, you have to open Windows Update again via Start, Search, click Check for updates and install the next ones.
Please do the same with the optional updates.
Please adopt the rest as it is written in the Windows 7 / Vista section.
From the XP section, please adopt the item "Data Execution Prevention, DEP".
As a browser I advise you to use Chrome:
Installing Google Chrome for multiple user accounts - Google Chrome Help
Please read the instructions.
If you want to use a different one, tell me; then I have to adapt parts of the guide that now follows.


Sandboxie
The definition of a sandbox can be read here:
Sandbox
In short, you can run programs almost 100% isolated from the system.

The advantage is obvious: if malicious code is smuggled in via the browser, it cannot get out.
Download link:
Sandboxie - Download - Filepony

Instructions:
http://www.trojaner-board.de/71542-a...sandboxie.html
Detailed instructions as a PDF, work through these too:
Sandbox settings |

Please make the following additional configuration:
Open Sandboxie Control, click the Sandbox menu, select DefaultBox.
There click Sandbox Settings.
Restrictions: under Program Start and Internet Access write:
chrome.exe
Then go to Applications, Web Browser, Chrome.
There enable everything except sharing the entire profile folder.
As you may already have seen, you cannot use some functions.
This is only necessary in the full version, which I advise you to buy.
For example, under "Forced program starts" you can specify that all browsers start in the sandbox.
Otherwise you always have to click "Sandboxed web browser", or right-click, run in Sandboxie.
A lifetime licence costs 30 € and can be used on all your PCs.

Continue with:
Measures for ALL Windows versions
Work through everything completely.
Note on FileHippo:
In the settings additionally select:
hide beta updates.
Run updateChecker when Windows starts

Backup program:
My guide already links a backup program; as an alternative, Windows' own backup program is also an option:
http://www.trojaner-board.de/82962-w...en-backup.html
Unfortunately, this is only reasonably usable for Windows 7 users.
Everyone else should definitely also install a backup program, because this can be very important under certain circumstances, for example if the hard drive fails one day.

Finally, follow the general security tips; if it applies to you, follow the tip on online banking and change all passwords.
Please also read how to make programs visible for everyone:
Making programs usable for all accounts - PCtipp.ch - Praxis & Hilfe
So from now on, surf only in the standard user account, and there in the sandbox.
If you use the free version, then by clicking Sandboxed Web Browser; if you have the paid version, you can set forced program starts, then Sandboxie is always started when you open a browser.
When you move the mouse over the browser it should be framed; then you are in the sandboxed web browser.

Password security:
Every service needs its own password of at least 12 characters.
RoboForm helps with managing and creating passwords.
Password Manager, Form Filler, Password Management | RoboForm Password Manager
Instructions:
RoboForm user manual: password manager, managing passwords and personal data

herbcyy 07.01.2013 22:23

Wow, thank you very much for everything!
I'll reinstall Windows first now and then get back to you.

markusg 07.01.2013 22:33

All right, take your time.

herbcyy 07.01.2013 22:34

Please don't think I'm totally stupid now, but I can't manage to reinstall Windows.
I put the CD back in, but when I press F12 I only get to the boot menu. There I can select various things such as USB etc. I then selected the only one that had a "+" in front of it and also had something with Disk in its name. After that I got to a choice of 2 different text and letter combinations, of which I selected one. After that, however, my PC started completely normally.
What am I doing wrong? Or do I perhaps have the wrong CD after all? Because as I remember it, I also had to enter some code, which however is not on this CD??

markusg 07.01.2013 22:36

I can't tell you like this whether that is the right CD; you'll just have to see what else you have, or post the text on the CD.

herbcyy 07.01.2013 22:40

I haven't found any other CD. On this one it says:

Preinstallation media - for Microsoft System Builders only.

Windows 7
OEM Preinstallation Kit

I googled a bit, and you can't do much with this CD. Tomorrow I'll go looking for the right CD.
Have a nice evening!

So, I have now reinstalled Windows but am facing a few new problems.
1. When I start my PC, I can now only do so via the boot menu (F12). If I just let my PC start like before, it says that BOOTMGR is missing and it goes no further.
2. I now somehow have a similar virus on the PC. I installed Windows 7 Media Player; it somehow did it automatically. I then installed my graphics driver, but now Windows Media Player opens all the time. When I start it, it simply reopens in the foreground, but never more than once. If I ignore it, it simply comes to the foreground again, so I can't work.

*I meant: when I close it, it simply reopens.
And I can't delete it either; it says that I don't have permission from TrustedInstaller.

So I have now simply disabled Windows Media Player.
I have installed my drivers etc., everything, and downloaded avast. Now I wanted to start with the Windows updates and went to search for updates. During the search, the window of the virus that I actually wanted to get rid of opened again.
It is now opening very often again; I am in safe mode and waiting for you.

I installed Win7 once more and so far there are no signs of the virus. I followed all your steps and would just have a few questions about configuring the sandbox.

So I think the virus is still there. Do you think we can manage this? Because otherwise I would take my PC to a specialist dealer now.

Can you please answer very briefly, because the dealer is only open until 7 pm. But if you say we might be able to manage it, then that's okay :) You can also attend to me later; I'd just appreciate it if you could briefly write to me what the situation is?

markusg 08.01.2013 18:03

Hi
Tip archive - Repairing the MBR under Vista or Windows 7 - WinTotal.de
Run from the Windows DVD, in this order:
fixmbr
fixboot
Then install Windows again.

herbcyy 08.01.2013 18:05

Okay, but that is to fix the PC's startup, if I understood it correctly. Because I think I still have the virus :/ It just started again with Windows Media Player opening by itself, although I did not install it this time.

markusg 08.01.2013 18:18

Please run the commands; they rewrite the boot sector etc. Then reinstall Windows as described.

herbcyy 08.01.2013 18:56

Hey,
I have a bigger problem. I wanted to carry out what you said, but at the moment I always start my Windows via F12 -> boot menu -> hard disk -> SCSI-1 samsung hd103sj. That is also how I started the Windows CD this morning, which however no longer works now?
I then wanted to restart, but now via that path I only get to the system repair, and there it says Windows cannot repair this computer automatically.
I then nevertheless ran that via the advanced options with the Boot.exe, but it didn't help.

I'm on the laptop now.

markusg 08.01.2013 19:01

Maybe the CD isn't clean? Fingerprints etc.
Maybe borrow a Windows CD from an acquaintance.
It must be a Home version, 64-bit.

herbcyy 08.01.2013 19:06

Everything is fine with the CD. I'm just totally incompetent when it comes to PC matters. I have now selected a different option in the boot menu and was able to start the CD that way.
I'll carry out the steps now and then get back to you.

markusg 08.01.2013 19:47

OK, actually it should always say DVD there too when you are in the boot menu.

herbcyy 08.01.2013 20:50

So far everything looks good; Windows starts normally again. How exactly should I configure avast?

I have now followed all your steps; only when configuring Sandboxie do I have difficulties with the step involving chrome.exe.

markusg 08.01.2013 23:45

Hi
avast in the standard configuration is fine.
First I'd like to use a checklist to verify that you have everything.
- install optional and important updates.
- configure Windows Update.
- enable DEP for all processes.
- enable SEHOP.
- install Chrome.
- install Sandboxie.
- disable autorun.
- install Panda Vaccine.
- install Secunia.
- install FileHippo.
Note:
Secunia and FileHippo offer English updates; wherever you access the user interface, e.g. reader, browser, etc., you need German updates, so save the vendor pages in your browser's favourites and, when an update is shown, get it from there. For Java, Flash, QuickTime it doesn't matter whether German or English.
- install backup software, create a backup and a rescue DVD.
Here is a short guide:
Guide: System image with Paragon Drive Backup - NETZWELT

- if you do online banking, I can also say something briefly about the advantages of a card reader and banking software.
- password manager installed.
- also check that you have all the latest drivers.
- Look under right-click Computer, Properties, whether a service pack is installed (SP1).
Sandboxie:
You do have to tell me which problem, otherwise I can hardly work :-)

herbcyy 09.01.2013 09:47

Yes, everything done so far. Only I'm not sure whether I enabled DEP correctly.
The Sandboxie issue has resolved itself, I managed it :-)

markusg 09.01.2013 14:11

Hi,
Under x64, DEP is already configured appropriately.
Chrome notes:
Adblock for Chrome:
http://filepony.de/download-adblock_chrome/
That should make life more ad-free.
Ghostery to prevent tracking:
http://filepony.de/download-ghostery_chrome/
Safe surfing with Chrome:
http://www.verbraucher-sicher-online...-google-chrome

herbcyy 09.01.2013 14:42

Everything already done :)
I read some of your other posts and already discovered the Chrome stuff. Is there some way to check whether the virus is really gone?

I just downloaded TeamSpeak from the original site, but a warning came up from avast?

Please ignore the message about TS.

markusg 09.01.2013 15:40

You can run TDSSKiller again, as on page 1.
I'd have to see the avast message, otherwise I can't tell you anything about it, but as long as the thing comes from the original site, I'd guess a false alarm.

herbcyy 09.01.2013 16:30

Okay, here is the report:
Quote:

16:29:17.0790 5504 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:29:17.0890 5504 ============================================================
16:29:17.0890 5504 Current date / time: 2013/01/09 16:29:17.0890
16:29:17.0890 5504 SystemInfo:
16:29:17.0890 5504
16:29:17.0890 5504 OS Version: 6.1.7601 ServicePack: 1.0
16:29:17.0890 5504 Product type: Workstation
16:29:17.0891 5504 ComputerName: JONAS-PC
16:29:17.0891 5504 UserName: Jonas
16:29:17.0891 5504 Windows directory: C:\Windows
16:29:17.0891 5504 System windows directory: C:\Windows
16:29:17.0891 5504 Running under WOW64
16:29:17.0891 5504 Processor architecture: Intel x64
16:29:17.0891 5504 Number of processors: 6
16:29:17.0891 5504 Page size: 0x1000
16:29:17.0891 5504 Boot type: Normal boot
16:29:17.0891 5504 ============================================================
16:29:18.0105 5504 Drive \Device\Harddisk0\DR0 - Size: 0xEE8156000 (59.63 Gb), SectorSize: 0x200, Cylinders: 0x1E67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:29:25.0511 5504 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:29:25.0522 5504 ============================================================
16:29:25.0522 5504 \Device\Harddisk0\DR0:
16:29:25.0522 5504 MBR partitions:
16:29:25.0522 5504 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x770D000
16:29:25.0523 5504 \Device\Harddisk1\DR1:
16:29:25.0523 5504 MBR partitions:
16:29:25.0523 5504 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
16:29:25.0523 5504 ============================================================
16:29:25.0524 5504 C: <-> \Device\Harddisk0\DR0\Partition1
16:29:25.0940 5504 D: <-> \Device\Harddisk1\DR1\Partition1
16:29:25.0940 5504 ============================================================
16:29:25.0941 5504 Initialize success
16:29:25.0941 5504 ============================================================
16:29:37.0867 0684 ============================================================
16:29:37.0867 0684 Scan started
16:29:37.0867 0684 Mode: Manual; SigCheck; TDLFS;
16:29:37.0867 0684 ============================================================
16:29:38.0904 0684 ================ Scan system memory ========================
16:29:38.0904 0684 System memory - ok
16:29:38.0905 0684 ================ Scan services =============================
16:29:40.0372 0684 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:29:40.0399 0684 cdfs - ok
16:29:40.0403 0684 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
16:29:40.0416 0684 cdrom - ok
16:29:40.0420 0684 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
16:29:40.0446 0684 CertPropSvc - ok
16:29:40.0450 0684 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
16:29:40.0462 0684 circlass - ok
16:29:40.0468 0684 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
16:29:40.0482 0684 CLFS - ok
16:29:40.0487 0684 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:29:40.0498 0684 clr_optimization_v2.0.50727_32 - ok
16:29:40.0502 0684 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:29:40.0512 0684 clr_optimization_v2.0.50727_64 - ok
16:29:40.0518 0684 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:29:40.0528 0684 clr_optimization_v4.0.30319_32 - ok
16:29:40.0534 0684 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:29:40.0544 0684 clr_optimization_v4.0.30319_64 - ok
16:29:40.0548 0684 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:29:40.0558 0684 CmBatt - ok
16:29:40.0562 0684 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:29:40.0571 0684 cmdide - ok
16:29:40.0578 0684 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
16:29:40.0599 0684 CNG - ok
16:29:40.0602 0684 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
16:29:40.0612 0684 Compbatt - ok
16:29:40.0615 0684 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
16:29:40.0629 0684 CompositeBus - ok
16:29:40.0632 0684 COMSysApp - ok
16:29:40.0636 0684 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
16:29:40.0646 0684 crcdisk - ok
16:29:40.0651 0684 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:29:40.0670 0684 CryptSvc - ok
16:29:40.0678 0684 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:29:40.0710 0684 DcomLaunch - ok
16:29:40.0716 0684 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
16:29:40.0745 0684 defragsvc - ok
16:29:40.0749 0684 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:29:40.0785 0684 DfsC - ok
16:29:40.0790 0684 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
16:29:40.0805 0684 Dhcp - ok
16:29:40.0809 0684 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
16:29:40.0835 0684 discache - ok
16:29:40.0839 0684 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
16:29:40.0849 0684 Disk - ok
16:29:40.0854 0684 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:29:40.0866 0684 Dnscache - ok
16:29:40.0873 0684 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
16:29:40.0901 0684 dot3svc - ok
16:29:40.0906 0684 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
16:29:40.0932 0684 DPS - ok
16:29:40.0936 0684 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:29:40.0948 0684 drmkaud - ok
16:29:40.0959 0684 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:29:40.0981 0684 DXGKrnl - ok
16:29:40.0985 0684 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
16:29:41.0013 0684 EapHost - ok
16:29:41.0041 0684 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
16:29:41.0084 0684 ebdrv - ok
16:29:41.0089 0684 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
16:29:41.0102 0684 EFS - ok
16:29:41.0110 0684 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:29:41.0130 0684 ehRecvr - ok
16:29:41.0133 0684 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
16:29:41.0146 0684 ehSched - ok
16:29:41.0153 0684 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
16:29:41.0169 0684 elxstor - ok
16:29:41.0173 0684 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:29:41.0184 0684 ErrDev - ok
16:29:41.0193 0684 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
16:29:41.0223 0684 EventSystem - ok
16:29:41.0228 0684 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
16:29:41.0259 0684 exfat - ok
16:29:41.0264 0684 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:29:41.0293 0684 fastfat - ok
16:29:41.0301 0684 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
16:29:41.0320 0684 Fax - ok
16:29:41.0324 0684 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:29:41.0335 0684 fdc - ok
16:29:41.0339 0684 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
16:29:41.0365 0684 fdPHost - ok
16:29:41.0369 0684 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
16:29:41.0396 0684 FDResPub - ok
16:29:41.0400 0684 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:29:41.0410 0684 FileInfo - ok
16:29:41.0414 0684 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:29:41.0440 0684 Filetrace - ok
16:29:41.0444 0684 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:29:41.0454 0684 flpydisk - ok
16:29:41.0460 0684 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:29:41.0473 0684 FltMgr - ok
16:29:41.0485 0684 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
16:29:41.0508 0684 FontCache - ok
16:29:41.0512 0684 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:29:41.0522 0684 FontCache3.0.0.0 - ok
16:29:41.0525 0684 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:29:41.0535 0684 FsDepends - ok
16:29:41.0539 0684 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:29:41.0549 0684 Fs_Rec - ok
16:29:41.0554 0684 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:29:41.0568 0684 fvevol - ok
16:29:41.0572 0684 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
16:29:41.0583 0684 gagp30kx - ok
16:29:41.0585 0684 gdrv - ok
16:29:41.0595 0684 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
16:29:41.0629 0684 gpsvc - ok
16:29:41.0632 0684 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:29:41.0644 0684 hcw85cir - ok
16:29:41.0650 0684 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:29:41.0666 0684 HdAudAddService - ok
16:29:41.0670 0684 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
16:29:41.0684 0684 HDAudBus - ok
16:29:41.0687 0684 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:29:41.0698 0684 HidBatt - ok
16:29:41.0702 0684 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:29:41.0716 0684 HidBth - ok
16:29:41.0719 0684 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:29:41.0732 0684 HidIr - ok
16:29:41.0735 0684 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
16:29:41.0763 0684 hidserv - ok
16:29:41.0766 0684 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:29:41.0778 0684 HidUsb - ok
16:29:41.0782 0684 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:29:41.0809 0684 hkmsvc - ok
16:29:41.0814 0684 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:29:41.0828 0684 HomeGroupListener - ok
16:29:41.0833 0684 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:29:41.0846 0684 HomeGroupProvider - ok
16:29:41.0850 0684 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:29:41.0861 0684 HpSAMD - ok
16:29:41.0869 0684 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:29:41.0902 0684 HTTP - ok
16:29:41.0906 0684 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:29:41.0916 0684 hwpolicy - ok
16:29:41.0920 0684 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:29:41.0932 0684 i8042prt - ok
16:29:41.0938 0684 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:29:41.0952 0684 iaStorV - ok
16:29:41.0962 0684 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:29:41.0981 0684 idsvc - ok
16:29:41.0985 0684 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:29:41.0995 0684 iirsp - ok
16:29:42.0005 0684 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
16:29:42.0039 0684 IKEEXT - ok
16:29:42.0045 0684 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
16:29:42.0056 0684 intelide - ok
16:29:42.0060 0684 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:29:42.0072 0684 intelppm - ok
16:29:42.0077 0684 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:29:42.0110 0684 IPBusEnum - ok
16:29:42.0115 0684 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:29:42.0145 0684 IpFilterDriver - ok
16:29:42.0154 0684 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:29:42.0172 0684 iphlpsvc - ok
16:29:42.0177 0684 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:29:42.0195 0684 IPMIDRV - ok
16:29:42.0199 0684 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:29:42.0227 0684 IPNAT - ok
16:29:42.0230 0684 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:29:42.0247 0684 IRENUM - ok
16:29:42.0251 0684 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:29:42.0260 0684 isapnp - ok
16:29:42.0265 0684 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:29:42.0278 0684 iScsiPrt - ok
16:29:42.0282 0684 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
16:29:42.0292 0684 kbdclass - ok
16:29:42.0295 0684 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
16:29:42.0307 0684 kbdhid - ok
16:29:42.0310 0684 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
16:29:42.0321 0684 KeyIso - ok
16:29:42.0324 0684 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:29:42.0335 0684 KSecDD - ok
16:29:42.0340 0684 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:29:42.0351 0684 KSecPkg - ok
16:29:42.0355 0684 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:29:42.0381 0684 ksthunk - ok
16:29:42.0387 0684 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
16:29:42.0418 0684 KtmRm - ok
16:29:42.0423 0684 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:29:42.0452 0684 LanmanServer - ok
16:29:42.0456 0684 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:29:42.0486 0684 LanmanWorkstation - ok
16:29:42.0491 0684 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:29:42.0517 0684 lltdio - ok
16:29:42.0527 0684 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:29:42.0557 0684 lltdsvc - ok
16:29:42.0560 0684 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:29:42.0587 0684 lmhosts - ok
16:29:42.0593 0684 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:29:42.0603 0684 LSI_FC - ok
16:29:42.0607 0684 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:29:42.0618 0684 LSI_SAS - ok
16:29:42.0622 0684 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:29:42.0632 0684 LSI_SAS2 - ok
16:29:42.0636 0684 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:29:42.0646 0684 LSI_SCSI - ok
16:29:42.0650 0684 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
16:29:42.0677 0684 luafv - ok
16:29:42.0681 0684 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:29:42.0694 0684 Mcx2Svc - ok
16:29:42.0697 0684 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:29:42.0707 0684 megasas - ok
16:29:42.0713 0684 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:29:42.0725 0684 MegaSR - ok
16:29:42.0729 0684 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
16:29:42.0756 0684 MMCSS - ok
16:29:42.0760 0684 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
16:29:42.0787 0684 Modem - ok
16:29:42.0790 0684 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:29:42.0803 0684 monitor - ok
16:29:42.0806 0684 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
16:29:42.0817 0684 mouclass - ok
16:29:42.0820 0684 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:29:42.0830 0684 mouhid - ok
16:29:42.0834 0684 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:29:42.0845 0684 mountmgr - ok
16:29:42.0849 0684 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
16:29:42.0860 0684 mpio - ok
16:29:42.0864 0684 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:29:42.0891 0684 mpsdrv - ok
16:29:42.0900 0684 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:29:42.0936 0684 MpsSvc - ok
16:29:42.0940 0684 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:29:42.0956 0684 MRxDAV - ok
16:29:42.0961 0684 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:29:42.0973 0684 mrxsmb - ok
16:29:42.0979 0684 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:29:42.0992 0684 mrxsmb10 - ok
16:29:42.0996 0684 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:29:43.0008 0684 mrxsmb20 - ok
16:29:43.0011 0684 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
16:29:43.0021 0684 msahci - ok
16:29:43.0025 0684 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:29:43.0036 0684 msdsm - ok
16:29:43.0041 0684 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:29:43.0054 0684 MSDTC - ok
16:29:43.0060 0684 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:29:43.0087 0684 Msfs - ok
16:29:43.0090 0684 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:29:43.0117 0684 mshidkmdf - ok
16:29:43.0122 0684 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:29:43.0131 0684 msisadrv - ok
16:29:43.0136 0684 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:29:43.0164 0684 MSiSCSI - ok
16:29:43.0167 0684 msiserver - ok
16:29:43.0171 0684 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:29:43.0197 0684 MSKSSRV - ok
16:29:43.0201 0684 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:29:43.0226 0684 MSPCLOCK - ok
16:29:43.0230 0684 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:29:43.0256 0684 MSPQM - ok
16:29:43.0262 0684 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:29:43.0275 0684 MsRPC - ok
16:29:43.0281 0684 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:29:43.0291 0684 mssmbios - ok
16:29:43.0294 0684 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:29:43.0320 0684 MSTEE - ok
16:29:43.0323 0684 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:29:43.0334 0684 MTConfig - ok
16:29:43.0337 0684 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:29:43.0348 0684 Mup - ok
16:29:43.0354 0684 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:29:43.0386 0684 napagent - ok
16:29:43.0391 0684 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:29:43.0408 0684 NativeWifiP - ok
16:29:43.0418 0684 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:29:43.0439 0684 NDIS - ok
16:29:43.0442 0684 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:29:43.0469 0684 NdisCap - ok
16:29:43.0472 0684 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:29:43.0498 0684 NdisTapi - ok
16:29:43.0502 0684 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:29:43.0527 0684 Ndisuio - ok
16:29:43.0532 0684 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:29:43.0558 0684 NdisWan - ok
16:29:43.0562 0684 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:29:43.0588 0684 NDProxy - ok
16:29:43.0591 0684 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:29:43.0618 0684 NetBIOS - ok
16:29:43.0623 0684 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:29:43.0651 0684 NetBT - ok
16:29:43.0654 0684 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:29:43.0665 0684 Netlogon - ok
16:29:43.0671 0684 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:29:43.0701 0684 Netman - ok
16:29:43.0708 0684 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:29:43.0740 0684 netprofm - ok
16:29:43.0744 0684 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:29:43.0754 0684 NetTcpPortSharing - ok
16:29:43.0757 0684 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:29:43.0767 0684 nfrd960 - ok
16:29:43.0772 0684 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:29:43.0787 0684 NlaSvc - ok
16:29:43.0790 0684 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:29:43.0816 0684 Npfs - ok
16:29:43.0820 0684 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:29:43.0847 0684 nsi - ok
16:29:43.0850 0684 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:29:43.0877 0684 nsiproxy - ok
16:29:43.0894 0684 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:29:43.0924 0684 Ntfs - ok
16:29:43.0928 0684 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:29:43.0954 0684 Null - ok
16:29:43.0958 0684 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:29:43.0970 0684 nvraid - ok
16:29:43.0974 0684 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:29:43.0985 0684 nvstor - ok
16:29:43.0989 0684 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:29:44.0000 0684 nv_agp - ok
16:29:44.0004 0684 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:29:44.0015 0684 ohci1394 - ok
16:29:44.0021 0684 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:29:44.0036 0684 p2pimsvc - ok
16:29:44.0043 0684 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:29:44.0058 0684 p2psvc - ok
16:29:44.0062 0684 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:29:44.0074 0684 Parport - ok
16:29:44.0078 0684 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:29:44.0088 0684 partmgr - ok
16:29:44.0092 0684 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:29:44.0109 0684 PcaSvc - ok
16:29:44.0113 0684 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:29:44.0125 0684 pci - ok
16:29:44.0128 0684 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:29:44.0138 0684 pciide - ok
16:29:44.0142 0684 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:29:44.0154 0684 pcmcia - ok
16:29:44.0158 0684 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:29:44.0168 0684 pcw - ok
16:29:44.0175 0684 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:29:44.0208 0684 PEAUTH - ok
16:29:44.0221 0684 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:29:44.0233 0684 PerfHost - ok
16:29:44.0251 0684 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:29:44.0292 0684 pla - ok
16:29:44.0298 0684 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:29:44.0315 0684 PlugPlay - ok
16:29:44.0318 0684 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:29:44.0330 0684 PNRPAutoReg - ok
16:29:44.0335 0684 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:29:44.0348 0684 PNRPsvc - ok
16:29:44.0355 0684 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:29:44.0386 0684 PolicyAgent - ok
16:29:44.0392 0684 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:29:44.0425 0684 Power - ok
16:29:44.0429 0684 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:29:44.0456 0684 PptpMiniport - ok
16:29:44.0460 0684 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:29:44.0472 0684 Processor - ok
16:29:44.0476 0684 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:29:44.0490 0684 ProfSvc - ok
16:29:44.0493 0684 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:29:44.0504 0684 ProtectedStorage - ok
16:29:44.0508 0684 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:29:44.0534 0684 Psched - ok
16:29:44.0538 0684 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
16:29:44.0547 0684 PSI - ok
16:29:44.0562 0684 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:29:44.0591 0684 ql2300 - ok
16:29:44.0596 0684 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:29:44.0607 0684 ql40xx - ok
16:29:44.0612 0684 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:29:44.0629 0684 QWAVE - ok
16:29:44.0633 0684 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:29:44.0648 0684 QWAVEdrv - ok
16:29:44.0651 0684 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:29:44.0678 0684 RasAcd - ok
16:29:44.0682 0684 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:29:44.0708 0684 RasAgileVpn - ok
16:29:44.0712 0684 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:29:44.0741 0684 RasAuto - ok
16:29:44.0745 0684 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:29:44.0772 0684 Rasl2tp - ok
16:29:44.0777 0684 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:29:44.0807 0684 RasMan - ok
16:29:44.0812 0684 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:29:44.0839 0684 RasPppoe - ok
16:29:44.0843 0684 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:29:44.0871 0684 RasSstp - ok
16:29:44.0877 0684 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:29:44.0905 0684 rdbss - ok
16:29:44.0909 0684 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:29:44.0921 0684 rdpbus - ok
16:29:44.0924 0684 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:29:44.0951 0684 RDPCDD - ok
16:29:44.0956 0684 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:29:44.0983 0684 RDPENCDD - ok
16:29:44.0987 0684 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:29:45.0014 0684 RDPREFMP - ok
16:29:45.0019 0684 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:29:45.0030 0684 RdpVideoMiniport - ok
16:29:45.0035 0684 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:29:45.0049 0684 RDPWD - ok
16:29:45.0053 0684 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:29:45.0066 0684 rdyboost - ok
16:29:45.0070 0684 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:29:45.0098 0684 RemoteAccess - ok
16:29:45.0103 0684 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:29:45.0132 0684 RemoteRegistry - ok
16:29:45.0137 0684 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:29:45.0165 0684 RpcEptMapper - ok
16:29:45.0168 0684 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:29:45.0181 0684 RpcLocator - ok
16:29:45.0187 0684 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:29:45.0218 0684 RpcSs - ok
16:29:45.0223 0684 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:29:45.0252 0684 rspndr - ok
16:29:45.0257 0684 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
16:29:45.0278 0684 RTL8167 - ok
16:29:45.0283 0684 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:29:45.0294 0684 SamSs - ok
16:29:45.0313 0684 [ CCBF62280DAF6D94A4C73E391CDAC68C ] SbieDrv D:\Sandboxie\SbieDrv.sys
16:29:45.0329 0684 SbieDrv - ok
16:29:45.0333 0684 [ 8A1F63C6EC01C56C9EC4C681E593FE34 ] SbieSvc D:\Sandboxie\SbieSvc.exe
16:29:45.0345 0684 SbieSvc - ok
16:29:45.0350 0684 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:29:45.0363 0684 sbp2port - ok
16:29:49.0460 0684 ================ Scan global ===============================
16:29:49.0462 0684 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:29:49.0467 0684 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
16:29:49.0473 0684 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
16:29:49.0478 0684 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:29:49.0484 0684 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:29:49.0488 0684 [Global] - ok
16:29:49.0488 0684 ================ Scan MBR ==================================
16:29:49.0490 0684 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:29:49.0565 0684 \Device\Harddisk0\DR0 - ok
16:29:49.0567 0684 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:29:49.0676 0684 \Device\Harddisk1\DR1 - ok
16:29:49.0676 0684 ================ Scan VBR ==================================
16:29:49.0678 0684 [ 5C33171B73BF004D5554220DE7C7FD85 ] \Device\Harddisk0\DR0\Partition1
16:29:49.0679 0684 \Device\Harddisk0\DR0\Partition1 - ok
16:29:49.0681 0684 [ 6106E0BBE207303E591C0926C6178CE7 ] \Device\Harddisk1\DR1\Partition1
16:29:49.0682 0684 \Device\Harddisk1\DR1\Partition1 - ok
16:29:49.0683 0684 ============================================================
16:29:49.0683 0684 Scan finished
16:29:49.0683 0684 ============================================================
16:29:49.0690 4460 Detected object count: 0
16:29:49.0690 4460 Actual detected object count: 0
Oops, wrong BB code, sorry :/

markusg 09.01.2013 17:02

Looks good.
Have you noticed any problems on your end?
If you were satisfied with our work, I would also like to point out the option of donating, so that we can keep this board alive; the link is in my signature.

herbcyy 09.01.2013 19:55

No, no further problems :)
Thank you very much for your great help!

markusg 09.01.2013 19:57

No problem. Stick to everything posted here, make backups regularly, at least once a month, including the master boot sector, and you really shouldn't need any more help in the malware area; or if a software installation ever goes wrong, restore the backup and that's that.

herbcyy 10.01.2013 23:15

Hi,
the virus has been back since just now :(( Do you have any other idea what I could do, or should I take the PC in for repair?

markusg 11.01.2013 00:44

Hi
Do you use illegally downloaded files, files from file hosters, or illegal streaming sites such as Kinox.to?
Delete all of these files; keep only files that come from the manufacturer, or possibly from sites like Chip.de.
Did you create an image of the system, including the master boot sector, as described? Then restore it; otherwise you will have to go through the whole thing again.

herbcyy 11.01.2013 09:17

Yes, luckily I created a backup. I did use kino, but in the sandbox; can that still do harm?

I ran TDSSKiller again:

Quote:

10:07:59.0817 2092 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
10:07:59.0914 2092 ============================================================
10:07:59.0914 2092 Current date / time: 2013/01/11 10:07:59.0914
10:07:59.0914 2092 SystemInfo:
10:07:59.0914 2092
10:07:59.0914 2092 OS Version: 6.1.7601 ServicePack: 1.0
10:07:59.0914 2092 Product type: Workstation
10:07:59.0914 2092 ComputerName: JONAS-PC
10:07:59.0914 2092 UserName: Jonas
10:07:59.0914 2092 Windows directory: C:\Windows
10:07:59.0914 2092 System windows directory: C:\Windows
10:07:59.0914 2092 Running under WOW64
10:07:59.0914 2092 Processor architecture: Intel x64
10:07:59.0914 2092 Number of processors: 6
10:07:59.0914 2092 Page size: 0x1000
10:07:59.0914 2092 Boot type: Normal boot
10:07:59.0914 2092 ============================================================
10:08:00.0133 2092 Drive \Device\Harddisk0\DR0 - Size: 0xEE8156000 (59.63 Gb), SectorSize: 0x200, Cylinders: 0x1E67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:08:00.0138 2092 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:08:00.0140 2092 Drive \Device\Harddisk2\DR2 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:08:00.0246 2092 ============================================================
10:08:00.0246 2092 \Device\Harddisk0\DR0:
10:08:00.0246 2092 MBR partitions:
10:08:00.0246 2092 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x770D000
10:08:00.0246 2092 \Device\Harddisk1\DR1:
10:08:00.0246 2092 MBR partitions:
10:08:00.0246 2092 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
10:08:00.0246 2092 \Device\Harddisk2\DR2:
10:08:00.0275 2092 MBR partitions:
10:08:00.0275 2092 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x575452C2
10:08:00.0275 2092 ============================================================
10:08:00.0276 2092 C: <-> \Device\Harddisk0\DR0\Partition1
10:08:00.0286 2092 D: <-> \Device\Harddisk1\DR1\Partition1
10:08:01.0558 2092 F: <-> \Device\Harddisk2\DR2\Partition1
10:08:01.0558 2092 ============================================================
10:08:01.0558 2092 Initialize success
10:08:01.0558 2092 ============================================================
10:08:08.0580 4628 ============================================================
10:08:08.0580 4628 Scan started
10:08:08.0580 4628 Mode: Manual; SigCheck; TDLFS;
10:08:08.0580 4628 ============================================================
10:08:26.0068 4628 ================ Scan system memory ========================
10:08:26.0068 4628 System memory - ok
10:08:26.0069 4628 ================ Scan services =============================
10:08:28.0719 4628 FontCache3.0.0.0 - ok
10:08:28.0723 4628 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:08:28.0733 4628 FsDepends - ok
10:08:28.0737 4628 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:08:28.0747 4628 Fs_Rec - ok
10:08:28.0752 4628 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:08:28.0766 4628 fvevol - ok
10:08:28.0770 4628 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:08:28.0781 4628 gagp30kx - ok
10:08:28.0783 4628 gdrv - ok
10:08:28.0793 4628 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
10:08:28.0828 4628 gpsvc - ok
10:08:28.0832 4628 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:08:28.0842 4628 hcw85cir - ok
10:08:28.0848 4628 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:08:28.0864 4628 HdAudAddService - ok
10:08:28.0869 4628 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:08:28.0882 4628 HDAudBus - ok
10:08:28.0886 4628 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:08:28.0897 4628 HidBatt - ok
10:08:28.0901 4628 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:08:28.0915 4628 HidBth - ok
10:08:28.0919 4628 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:08:28.0932 4628 HidIr - ok
10:08:28.0936 4628 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
10:08:28.0964 4628 hidserv - ok
10:08:28.0967 4628 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:08:28.0978 4628 HidUsb - ok
10:08:28.0982 4628 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:08:29.0010 4628 hkmsvc - ok
10:08:29.0015 4628 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:08:29.0029 4628 HomeGroupListener - ok
10:08:29.0034 4628 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:08:29.0048 4628 HomeGroupProvider - ok
10:08:29.0052 4628 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:08:29.0063 4628 HpSAMD - ok
10:08:29.0071 4628 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:08:29.0105 4628 HTTP - ok
10:08:29.0110 4628 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:08:29.0119 4628 hwpolicy - ok
10:08:29.0123 4628 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:08:29.0134 4628 i8042prt - ok
10:08:29.0141 4628 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:08:29.0156 4628 iaStorV - ok
10:08:29.0166 4628 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:08:29.0186 4628 idsvc - ok
10:08:29.0190 4628 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:08:29.0200 4628 iirsp - ok
10:08:29.0210 4628 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
10:08:29.0245 4628 IKEEXT - ok
10:08:29.0250 4628 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
10:08:29.0260 4628 intelide - ok
10:08:29.0264 4628 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:08:29.0276 4628 intelppm - ok
10:08:29.0280 4628 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:08:29.0308 4628 IPBusEnum - ok
10:08:29.0312 4628 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:08:29.0338 4628 IpFilterDriver - ok
10:08:29.0345 4628 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:08:29.0363 4628 iphlpsvc - ok
10:08:29.0367 4628 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:08:29.0380 4628 IPMIDRV - ok
10:08:29.0384 4628 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:08:29.0412 4628 IPNAT - ok
10:08:29.0416 4628 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:08:29.0430 4628 IRENUM - ok
10:08:29.0434 4628 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:08:29.0443 4628 isapnp - ok
10:08:29.0449 4628 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:08:29.0462 4628 iScsiPrt - ok
10:08:29.0466 4628 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
10:08:29.0476 4628 kbdclass - ok
10:08:29.0480 4628 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
10:08:29.0492 4628 kbdhid - ok
10:08:29.0496 4628 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
10:08:29.0507 4628 KeyIso - ok
10:08:29.0511 4628 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:08:29.0522 4628 KSecDD - ok
10:08:29.0527 4628 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:08:29.0538 4628 KSecPkg - ok
10:08:29.0542 4628 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:08:29.0568 4628 ksthunk - ok
10:08:29.0575 4628 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
10:08:29.0606 4628 KtmRm - ok
10:08:29.0611 4628 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:08:29.0641 4628 LanmanServer - ok
10:08:29.0646 4628 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:08:29.0675 4628 LanmanWorkstation - ok
10:08:29.0680 4628 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:08:29.0707 4628 lltdio - ok
10:08:29.0713 4628 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:08:29.0743 4628 lltdsvc - ok
10:08:29.0746 4628 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:08:29.0773 4628 lmhosts - ok
10:08:29.0778 4628 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:08:29.0789 4628 LSI_FC - ok
10:08:29.0794 4628 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:08:29.0805 4628 LSI_SAS - ok
10:08:29.0809 4628 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:08:29.0819 4628 LSI_SAS2 - ok
10:08:29.0824 4628 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:08:29.0835 4628 LSI_SCSI - ok
10:08:29.0838 4628 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
10:08:29.0866 4628 luafv - ok
10:08:29.0870 4628 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:08:29.0880 4628 megasas - ok
10:08:29.0886 4628 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:08:29.0899 4628 MegaSR - ok
10:08:29.0903 4628 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
10:08:29.0931 4628 MMCSS - ok
10:08:29.0935 4628 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
10:08:29.0963 4628 Modem - ok
10:08:29.0967 4628 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:08:29.0979 4628 monitor - ok
10:08:29.0983 4628 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
10:08:29.0993 4628 mouclass - ok
10:08:29.0997 4628 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:08:30.0008 4628 mouhid - ok
10:08:30.0023 4628 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:08:30.0034 4628 mountmgr - ok
10:08:30.0043 4628 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
10:08:30.0055 4628 mpio - ok
10:08:30.0059 4628 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:08:30.0086 4628 mpsdrv - ok
10:08:30.0096 4628 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:08:30.0131 4628 MpsSvc - ok
10:08:30.0136 4628 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:08:30.0151 4628 MRxDAV - ok
10:08:30.0156 4628 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:08:30.0168 4628 mrxsmb - ok
10:08:30.0174 4628 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:08:30.0188 4628 mrxsmb10 - ok
10:08:30.0192 4628 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:08:30.0204 4628 mrxsmb20 - ok
10:08:30.0207 4628 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
10:08:30.0218 4628 msahci - ok
10:08:30.0222 4628 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:08:30.0233 4628 msdsm - ok
10:08:30.0238 4628 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:08:30.0252 4628 MSDTC - ok
10:08:30.0258 4628 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:08:30.0285 4628 Msfs - ok
10:08:30.0288 4628 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:08:30.0315 4628 mshidkmdf - ok
10:08:30.0318 4628 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:08:30.0328 4628 msisadrv - ok
10:08:30.0333 4628 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:08:30.0362 4628 MSiSCSI - ok
10:08:30.0365 4628 msiserver - ok
10:08:30.0369 4628 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:08:30.0396 4628 MSKSSRV - ok
10:08:30.0399 4628 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:08:30.0424 4628 MSPCLOCK - ok
10:08:30.0428 4628 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:08:30.0457 4628 MSPQM - ok
10:08:30.0463 4628 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:08:30.0508 4628 MsRPC - ok
10:08:30.0513 4628 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:08:30.0580 4628 mssmbios - ok
10:08:30.0584 4628 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:08:30.0688 4628 MSTEE - ok
10:08:30.0691 4628 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:08:30.0706 4628 MTConfig - ok
10:08:30.0710 4628 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:08:30.0808 4628 Mup - ok
10:08:30.0816 4628 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:08:30.0888 4628 napagent - ok
10:08:30.0894 4628 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:08:30.0916 4628 NativeWifiP - ok
10:08:30.0927 4628 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:08:31.0088 4628 NDIS - ok
10:08:31.0092 4628 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:08:31.0243 4628 NdisCap - ok
10:08:31.0246 4628 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:08:31.0317 4628 NdisTapi - ok
10:08:31.0321 4628 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:08:31.0419 4628 Ndisuio - ok
10:08:31.0424 4628 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:08:31.0549 4628 NdisWan - ok
10:08:31.0553 4628 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:08:31.0685 4628 NDProxy - ok
10:08:31.0689 4628 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:08:31.0846 4628 NetBIOS - ok
10:08:31.0851 4628 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:08:31.0941 4628 NetBT - ok
10:08:31.0945 4628 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:08:31.0955 4628 Netlogon - ok
10:08:31.0961 4628 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:08:32.0154 4628 Netman - ok
10:08:32.0160 4628 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:08:32.0192 4628 netprofm - ok
10:08:32.0198 4628 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:08:32.0282 4628 NetTcpPortSharing - ok
10:08:32.0286 4628 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:08:32.0296 4628 nfrd960 - ok
10:08:32.0301 4628 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:08:32.0405 4628 NlaSvc - ok
10:08:32.0412 4628 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:08:32.0499 4628 Npfs - ok
10:08:32.0502 4628 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:08:32.0607 4628 nsi - ok
10:08:32.0611 4628 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:08:32.0635 4628 nsiproxy - ok
10:08:32.0652 4628 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:08:32.0772 4628 Ntfs - ok
10:08:32.0776 4628 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:08:32.0801 4628 Null - ok
10:08:32.0805 4628 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:08:32.0905 4628 nvraid - ok
10:08:32.0909 4628 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:08:33.0012 4628 nvstor - ok
10:08:33.0016 4628 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:08:33.0028 4628 nv_agp - ok
10:08:33.0034 4628 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:08:33.0093 4628 ohci1394 - ok
10:08:33.0101 4628 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:08:33.0159 4628 p2pimsvc - ok
10:08:33.0166 4628 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:08:33.0189 4628 p2psvc - ok
10:08:33.0193 4628 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:08:33.0288 4628 Parport - ok
10:08:33.0292 4628 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:08:33.0405 4628 partmgr - ok
10:08:33.0409 4628 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:08:33.0426 4628 PcaSvc - ok
10:08:33.0430 4628 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:08:33.0561 4628 pci - ok
10:08:33.0565 4628 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:08:33.0657 4628 pciide - ok
10:08:33.0663 4628 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:08:33.0724 4628 pcmcia - ok
10:08:33.0727 4628 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:08:33.0737 4628 pcw - ok
10:08:33.0744 4628 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:08:33.0896 4628 PEAUTH - ok
10:08:33.0909 4628 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:08:33.0986 4628 PerfHost - ok
10:08:34.0006 4628 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:08:34.0176 4628 pla - ok
10:08:34.0182 4628 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:08:34.0197 4628 PlugPlay - ok
10:08:34.0201 4628 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:08:34.0335 4628 PNRPAutoReg - ok
10:08:34.0341 4628 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:08:34.0491 4628 PNRPsvc - ok
10:08:34.0498 4628 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:08:34.0626 4628 PolicyAgent - ok
10:08:34.0633 4628 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:08:34.0726 4628 Power - ok
10:08:34.0730 4628 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:08:34.0758 4628 PptpMiniport - ok
10:08:34.0762 4628 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:08:34.0838 4628 Processor - ok
10:08:34.0843 4628 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:08:34.0988 4628 ProfSvc - ok
10:08:34.0991 4628 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:08:35.0002 4628 ProtectedStorage - ok
10:08:35.0008 4628 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:08:35.0110 4628 Psched - ok
10:08:35.0114 4628 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
10:08:35.0183 4628 PSI - ok
10:08:35.0199 4628 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:08:35.0375 4628 ql2300 - ok
10:08:35.0380 4628 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:08:35.0419 4628 ql40xx - ok
10:08:35.0424 4628 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:08:35.0537 4628 QWAVE - ok
10:08:35.0540 4628 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:08:35.0554 4628 QWAVEdrv - ok
10:08:35.0557 4628 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:08:35.0584 4628 RasAcd - ok
10:08:35.0588 4628 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:08:35.0713 4628 RasAgileVpn - ok
10:08:35.0717 4628 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:08:35.0779 4628 RasAuto - ok
10:08:35.0784 4628 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:08:35.0810 4628 Rasl2tp - ok
10:08:35.0817 4628 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:08:35.0907 4628 RasMan - ok
10:08:35.0911 4628 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:08:36.0943 4628 RasPppoe - ok
10:08:36.0947 4628 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:08:37.0101 4628 RasSstp - ok
10:08:37.0107 4628 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:08:37.0136 4628 rdbss - ok
10:08:37.0139 4628 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:08:37.0154 4628 rdpbus - ok
10:08:37.0157 4628 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:08:37.0182 4628 RDPCDD - ok
10:08:37.0187 4628 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:08:37.0211 4628 RDPENCDD - ok
10:08:37.0216 4628 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:08:37.0241 4628 RDPREFMP - ok
10:08:37.0247 4628 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:08:37.0391 4628 RdpVideoMiniport - ok
10:08:37.0395 4628 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:08:37.0410 4628 RDPWD - ok
10:08:37.0416 4628 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:08:37.0509 4628 rdyboost - ok
10:08:37.0514 4628 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:08:37.0646 4628 RemoteAccess - ok
10:08:37.0651 4628 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:08:37.0683 4628 RemoteRegistry - ok
10:08:37.0686 4628 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:08:37.0714 4628 RpcEptMapper - ok
10:08:37.0718 4628 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:08:37.0730 4628 RpcLocator - ok
10:08:37.0736 4628 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:08:37.0842 4628 RpcSs - ok
10:08:37.0846 4628 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:08:37.0952 4628 rspndr - ok
10:08:37.0957 4628 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:08:38.0140 4628 RTL8167 - ok
10:08:38.0144 4628 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:08:38.0237 4628 SamSs - ok
10:08:38.0374 4628 [ CCBF62280DAF6D94A4C73E391CDAC68C ] SbieDrv D:\Sandboxie\SbieDrv.sys
10:08:38.0393 4628 SbieDrv - ok
10:08:38.0406 4628 [ 8A1F63C6EC01C56C9EC4C681E593FE34 ] SbieSvc D:\Sandboxie\SbieSvc.exe
10:08:38.0430 4628 SbieSvc - ok
10:08:38.0434 4628 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:08:38.0445 4628 sbp2port - ok
10:08:38.0449 4628 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:08:38.0507 4628 SCardSvr - ok
10:08:38.0513 4628 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:08:38.0652 4628 scfilter - ok
10:08:38.0663 4628 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:08:38.0803 4628 Schedule - ok
10:08:38.0807 4628 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:08:38.0832 4628 SCPolicySvc - ok
10:08:38.0838 4628 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:08:38.0853 4628 SDRSVC - ok
10:08:38.0856 4628 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:08:38.0884 4628 secdrv - ok
10:08:38.0887 4628 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:08:38.0985 4628 seclogon - ok
10:08:38.0998 4628 [ 9901DCF2B6DD2AD12CB42BD559E0C92D ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
10:08:39.0097 4628 Secunia PSI Agent - ok
10:08:39.0105 4628 [ 4F2056349F8BA4154D5213BF8A476B14 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
10:08:39.0186 4628 Secunia Update Agent - ok
10:08:39.0190 4628 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
10:08:39.0218 4628 SENS - ok
10:08:39.0221 4628 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:08:39.0266 4628 SensrSvc - ok
10:08:39.0270 4628 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:08:39.0328 4628 Serenum - ok
10:08:39.0332 4628 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:08:39.0344 4628 Serial - ok
10:08:39.0349 4628 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:08:39.0363 4628 sermouse - ok
10:08:39.0372 4628 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:08:39.0513 4628 SessionEnv - ok
10:08:39.0516 4628 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:08:39.0615 4628 sffdisk - ok
10:08:39.0618 4628 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:08:39.0631 4628 sffp_mmc - ok
10:08:39.0635 4628 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:08:39.0647 4628 sffp_sd - ok
10:08:39.0650 4628 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:08:39.0661 4628 sfloppy - ok
10:08:39.0666 4628 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:08:39.0745 4628 SharedAccess - ok
10:08:39.0751 4628 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:08:39.0845 4628 ShellHWDetection - ok
10:08:39.0848 4628 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:08:39.0859 4628 SiSRaid2 - ok
10:08:39.0862 4628 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:08:39.0970 4628 SiSRaid4 - ok
10:08:39.0976 4628 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:08:40.0111 4628 SkypeUpdate - ok
10:08:40.0114 4628 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:08:40.0142 4628 Smb - ok
10:08:40.0148 4628 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:08:40.0237 4628 SNMPTRAP - ok
10:08:40.0240 4628 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:08:40.0250 4628 spldr - ok
10:08:40.0257 4628 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
10:08:40.0401 4628 Spooler - ok
10:08:40.0431 4628 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:10:03.0308 4628 sppsvc - ok
10:10:03.0313 4628 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:10:03.0340 4628 sppuinotify - ok
10:10:03.0346 4628 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:10:03.0360 4628 srv - ok
10:10:03.0367 4628 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:10:03.0380 4628 srv2 - ok
10:10:03.0385 4628 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:10:03.0396 4628 srvnet - ok
10:10:03.0400 4628 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:10:03.0429 4628 SSDPSRV - ok
10:10:03.0433 4628 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:10:03.0459 4628 SstpSvc - ok
10:10:03.0462 4628 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:10:03.0472 4628 stexstor - ok
10:10:03.0479 4628 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:10:03.0500 4628 stisvc - ok
10:10:03.0503 4628 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:10:03.0512 4628 swenum - ok
10:10:03.0519 4628 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:10:03.0550 4628 swprv - ok
10:10:03.0566 4628 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:10:03.0599 4628 SysMain - ok
10:10:03.0603 4628 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:10:03.0618 4628 TabletInputService - ok
10:10:03.0623 4628 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:10:03.0652 4628 TapiSrv - ok
10:10:03.0656 4628 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:10:03.0683 4628 TBS - ok
10:10:03.0699 4628 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:10:03.0734 4628 Tcpip - ok
10:10:03.0751 4628 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:10:03.0778 4628 TCPIP6 - ok
10:10:03.0783 4628 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:10:03.0793 4628 tcpipreg - ok
10:10:03.0798 4628 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:10:03.0807 4628 TDPIPE - ok
10:10:03.0811 4628 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:10:03.0821 4628 TDTCP - ok
10:10:03.0824 4628 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:10:05.0546 4628 ================ Scan global ===============================
10:10:05.0549 4628 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:10:05.0553 4628 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
10:10:05.0560 4628 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
10:10:05.0565 4628 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:10:05.0570 4628 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:10:05.0575 4628 [Global] - ok
10:10:05.0575 4628 ================ Scan MBR ==================================
10:10:05.0577 4628 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:10:05.0654 4628 \Device\Harddisk0\DR0 - ok
10:10:05.0667 4628 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
10:10:05.0779 4628 \Device\Harddisk1\DR1 - ok
10:10:05.0908 4628 [ 180DBDE3AF7EA48B3DB3AC27B1DDF401 ] \Device\Harddisk2\DR2
10:10:24.0545 4628 \Device\Harddisk2\DR2 - ok
10:10:24.0545 4628 ================ Scan VBR ==================================
10:10:24.0547 4628 [ 5C33171B73BF004D5554220DE7C7FD85 ] \Device\Harddisk0\DR0\Partition1
10:10:24.0548 4628 \Device\Harddisk0\DR0\Partition1 - ok
10:10:24.0550 4628 [ 6106E0BBE207303E591C0926C6178CE7 ] \Device\Harddisk1\DR1\Partition1
10:10:24.0551 4628 \Device\Harddisk1\DR1\Partition1 - ok
10:10:24.0579 4628 [ CCF47C303FE06EAA54B08B6FA67CCC96 ] \Device\Harddisk2\DR2\Partition1
10:10:24.0729 4628 \Device\Harddisk2\DR2\Partition1 - ok
10:10:24.0729 4628 ============================================================
10:10:24.0729 4628 Scan finished
10:10:24.0729 4628 ============================================================
10:10:24.0737 4712 Detected object count: 0
10:10:24.0737 4712 Actual detected object count: 0
10:10:38.0391 5080 Deinitialize success
It doesn't find anything, does it? I'm going to restore my PC now.

I have now restored my PC. I started this via Paragon. There I could choose which hard drive I wanted to use for the restore, and I chose "D". Now everything is back, but so is the log report I posted above. Shouldn't that actually be gone, since I did reset my system?!

markusg 11.01.2013 16:18

Hi
Windows is on c: though.
kinox.to is illegal, they spread a lot of malware, so keep your hands off that junk.

herbcyy 11.01.2013 17:21

So that means I should have reinstalled it on C and not on D? Okay.

markusg 11.01.2013 17:22

Well, according to your log Windows is on c:, so that is the drive you have to restore.

herbcyy 13.01.2013 12:15

Okay, I tried it, but now the bootmgr is missing again :/ I'll redo everything once more. But is it actually certain that the virus was definitely gone?

markusg 13.01.2013 17:06

Yes, according to TDSSKiller there is nothing to be seen.
Always create the image together with the master boot sector; there is an option to tick for that.
You can also work with fixmbr and fixboot once more before the installation.

herbcyy 14.01.2013 16:43

Hm, that's strange. I redid everything again, formatted the hard drive and so on, but the virus is back :/

markusg 14.01.2013 16:49

Are your installation files from legal sources? Do you use streaming sites? File hosters, etc.?
Do you have an external drive or USB sticks connected? Was autorun disabled?
Did the problem occur directly after the reinstall?

herbcyy 14.01.2013 16:55

No, I only use legal stuff. Only the external hard drive that Paragon was on. No, it only reappeared now, about 2 days later. Here is TDSSKiller:

Quote:

16:52:31.0620 4076 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:52:31.0680 4076 ============================================================
16:52:31.0680 4076 Current date / time: 2013/01/14 16:52:31.0680
16:52:31.0680 4076 SystemInfo:
16:52:31.0680 4076
16:52:31.0680 4076 OS Version: 6.1.7601 ServicePack: 1.0
16:52:31.0680 4076 Product type: Workstation
16:52:31.0680 4076 ComputerName: JONAS-PC
16:52:31.0680 4076 UserName: Jonas
16:52:31.0680 4076 Windows directory: C:\Windows
16:52:31.0680 4076 System windows directory: C:\Windows
16:52:31.0680 4076 Running under WOW64
16:52:31.0680 4076 Processor architecture: Intel x64
16:52:31.0680 4076 Number of processors: 6
16:52:31.0680 4076 Page size: 0x1000
16:52:31.0680 4076 Boot type: Normal boot
16:52:31.0680 4076 ============================================================
16:52:31.0891 4076 Drive \Device\Harddisk0\DR0 - Size: 0xEE8156000 (59.63 Gb), SectorSize: 0x200, Cylinders: 0x1E67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:52:39.0219 4076 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:52:39.0229 4076 ============================================================
16:52:39.0229 4076 \Device\Harddisk0\DR0:
16:52:39.0229 4076 MBR partitions:
16:52:39.0229 4076 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x770D000
16:52:39.0229 4076 \Device\Harddisk1\DR1:
16:52:39.0230 4076 MBR partitions:
16:52:39.0230 4076 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
16:52:39.0230 4076 ============================================================
16:52:39.0230 4076 C: <-> \Device\Harddisk0\DR0\Partition1
16:52:39.0524 4076 D: <-> \Device\Harddisk1\DR1\Partition1
16:52:39.0524 4076 ============================================================
16:52:39.0524 4076 Initialize success
16:52:39.0525 4076 ============================================================
16:52:45.0720 4792 ============================================================
16:52:45.0720 4792 Scan started
16:52:45.0720 4792 Mode: Manual; SigCheck; TDLFS;
16:52:45.0720 4792 ============================================================
16:52:45.0782 4792 ================ Scan system memory ========================
16:52:45.0782 4792 System memory - ok
16:52:45.0783 4792 ================ Scan services =============================
16:52:49.0237 4792 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:52:49.0263 4792 lltdio - ok
16:52:49.0269 4792 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:52:49.0298 4792 lltdsvc - ok
16:52:49.0302 4792 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:52:49.0329 4792 lmhosts - ok
16:52:49.0335 4792 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:52:49.0345 4792 LSI_FC - ok
16:52:49.0349 4792 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:52:49.0359 4792 LSI_SAS - ok
16:52:49.0363 4792 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:52:49.0372 4792 LSI_SAS2 - ok
16:52:49.0377 4792 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:52:49.0387 4792 LSI_SCSI - ok
16:52:49.0391 4792 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
16:52:49.0418 4792 luafv - ok
16:52:49.0422 4792 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:52:49.0435 4792 Mcx2Svc - ok
16:52:49.0438 4792 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:52:49.0448 4792 megasas - ok
16:52:49.0453 4792 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:52:49.0465 4792 MegaSR - ok
16:52:49.0469 4792 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
16:52:49.0497 4792 MMCSS - ok
16:52:49.0500 4792 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
16:52:49.0527 4792 Modem - ok
16:52:49.0530 4792 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:52:49.0543 4792 monitor - ok
16:52:49.0547 4792 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
16:52:49.0557 4792 mouclass - ok
16:52:49.0560 4792 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:52:49.0570 4792 mouhid - ok
16:52:49.0574 4792 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:52:49.0584 4792 mountmgr - ok
16:52:49.0589 4792 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
16:52:49.0600 4792 mpio - ok
16:52:49.0604 4792 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:52:49.0630 4792 mpsdrv - ok
16:52:49.0640 4792 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:52:49.0674 4792 MpsSvc - ok
16:52:49.0679 4792 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:52:49.0694 4792 MRxDAV - ok
16:52:49.0699 4792 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:52:49.0710 4792 mrxsmb - ok
16:52:49.0716 4792 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:52:49.0729 4792 mrxsmb10 - ok
16:52:49.0733 4792 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:52:49.0745 4792 mrxsmb20 - ok
16:52:49.0749 4792 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
16:52:49.0758 4792 msahci - ok
16:52:49.0762 4792 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:52:49.0773 4792 msdsm - ok
16:52:49.0778 4792 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:52:49.0790 4792 MSDTC - ok
16:52:49.0798 4792 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:52:49.0823 4792 Msfs - ok
16:52:49.0827 4792 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:52:49.0852 4792 mshidkmdf - ok
16:52:49.0856 4792 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:52:49.0865 4792 msisadrv - ok
16:52:49.0870 4792 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:52:49.0898 4792 MSiSCSI - ok
16:52:49.0902 4792 msiserver - ok
16:52:49.0906 4792 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:52:49.0931 4792 MSKSSRV - ok
16:52:49.0935 4792 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:52:49.0960 4792 MSPCLOCK - ok
16:52:49.0964 4792 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:52:49.0989 4792 MSPQM - ok
16:52:49.0995 4792 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:52:50.0009 4792 MsRPC - ok
16:52:50.0015 4792 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:52:50.0025 4792 mssmbios - ok
16:52:50.0028 4792 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:52:50.0054 4792 MSTEE - ok
16:52:50.0058 4792 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:52:50.0068 4792 MTConfig - ok
16:52:50.0072 4792 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:52:50.0082 4792 Mup - ok
16:52:50.0089 4792 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:52:50.0119 4792 napagent - ok
16:52:50.0125 4792 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:52:50.0141 4792 NativeWifiP - ok
16:52:50.0153 4792 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:52:50.0174 4792 NDIS - ok
16:52:50.0178 4792 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:52:50.0204 4792 NdisCap - ok
16:52:50.0207 4792 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:52:50.0233 4792 NdisTapi - ok
16:52:50.0237 4792 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:52:50.0263 4792 Ndisuio - ok
16:52:50.0268 4792 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:52:50.0295 4792 NdisWan - ok
16:52:50.0299 4792 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:52:50.0324 4792 NDProxy - ok
16:52:50.0328 4792 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:52:50.0355 4792 NetBIOS - ok
16:52:50.0360 4792 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:52:50.0387 4792 NetBT - ok
16:52:50.0390 4792 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:52:50.0401 4792 Netlogon - ok
16:52:50.0415 4792 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:52:50.0446 4792 Netman - ok
16:52:50.0453 4792 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:52:50.0485 4792 netprofm - ok
16:52:50.0489 4792 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:52:50.0498 4792 NetTcpPortSharing - ok
16:52:50.0502 4792 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:52:50.0512 4792 nfrd960 - ok
16:52:50.0518 4792 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:52:50.0531 4792 NlaSvc - ok
16:52:50.0535 4792 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:52:50.0561 4792 Npfs - ok
16:52:50.0565 4792 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:52:50.0592 4792 nsi - ok
16:52:50.0595 4792 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:52:50.0620 4792 nsiproxy - ok
16:52:50.0637 4792 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:52:50.0667 4792 Ntfs - ok
16:52:50.0671 4792 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:52:50.0698 4792 Null - ok
16:52:50.0702 4792 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:52:50.0713 4792 nvraid - ok
16:52:50.0718 4792 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:52:50.0729 4792 nvstor - ok
16:52:50.0733 4792 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:52:50.0744 4792 nv_agp - ok
16:52:50.0749 4792 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:52:50.0759 4792 ohci1394 - ok
16:52:50.0765 4792 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:52:50.0780 4792 p2pimsvc - ok
16:52:50.0787 4792 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:52:50.0802 4792 p2psvc - ok
16:52:50.0806 4792 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:52:50.0818 4792 Parport - ok
16:52:50.0822 4792 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:52:50.0833 4792 partmgr - ok
16:52:50.0837 4792 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:52:50.0854 4792 PcaSvc - ok
16:52:50.0858 4792 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:52:50.0869 4792 pci - ok
16:52:50.0873 4792 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:52:50.0883 4792 pciide - ok
16:52:50.0888 4792 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:52:50.0900 4792 pcmcia - ok
16:52:50.0903 4792 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:52:50.0913 4792 pcw - ok
16:52:50.0921 4792 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:52:50.0954 4792 PEAUTH - ok
16:52:50.0967 4792 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:52:50.0979 4792 PerfHost - ok
16:52:50.0999 4792 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:52:51.0039 4792 pla - ok
16:52:51.0046 4792 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:52:51.0061 4792 PlugPlay - ok
16:52:51.0065 4792 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:52:51.0076 4792 PNRPAutoReg - ok
16:52:51.0082 4792 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:52:51.0095 4792 PNRPsvc - ok
16:52:51.0102 4792 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:52:51.0132 4792 PolicyAgent - ok
16:52:51.0139 4792 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:52:51.0168 4792 Power - ok
16:52:51.0173 4792 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:52:51.0199 4792 PptpMiniport - ok
16:52:51.0203 4792 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:52:51.0214 4792 Processor - ok
16:52:51.0219 4792 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:52:51.0232 4792 ProfSvc - ok
16:52:51.0235 4792 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:52:51.0246 4792 ProtectedStorage - ok
16:52:51.0250 4792 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:52:51.0276 4792 Psched - ok
16:52:51.0280 4792 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
16:52:51.0288 4792 PSI - ok
16:52:51.0303 4792 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:52:51.0331 4792 ql2300 - ok
16:52:51.0336 4792 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:52:51.0347 4792 ql40xx - ok
16:52:51.0352 4792 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:52:51.0370 4792 QWAVE - ok
16:52:51.0373 4792 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:52:51.0387 4792 QWAVEdrv - ok
16:52:51.0391 4792 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:52:51.0416 4792 RasAcd - ok
16:52:51.0420 4792 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:52:51.0446 4792 RasAgileVpn - ok
16:52:51.0451 4792 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:52:51.0479 4792 RasAuto - ok
16:52:51.0483 4792 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:52:51.0509 4792 Rasl2tp - ok
16:52:51.0515 4792 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:52:51.0545 4792 RasMan - ok
16:52:51.0549 4792 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:52:51.0576 4792 RasPppoe - ok
16:52:51.0580 4792 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:52:51.0607 4792 RasSstp - ok
16:52:51.0612 4792 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:52:51.0640 4792 rdbss - ok
16:52:51.0644 4792 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:52:51.0656 4792 rdpbus - ok
16:52:51.0659 4792 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:52:51.0684 4792 RDPCDD - ok
16:52:51.0689 4792 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:52:51.0715 4792 RDPENCDD - ok
16:52:51.0721 4792 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:52:51.0746 4792 RDPREFMP - ok
16:52:51.0751 4792 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:52:51.0764 4792 RDPWD - ok
16:52:51.0768 4792 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:52:51.0781 4792 rdyboost - ok
16:52:51.0785 4792 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:52:51.0813 4792 RemoteAccess - ok
16:52:51.0817 4792 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:52:51.0846 4792 RemoteRegistry - ok
16:52:51.0850 4792 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:52:51.0877 4792 RpcEptMapper - ok
16:52:51.0881 4792 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:52:51.0893 4792 RpcLocator - ok
16:52:51.0899 4792 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:52:51.0928 4792 RpcSs - ok
16:52:51.0932 4792 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:52:51.0959 4792 rspndr - ok
16:52:51.0964 4792 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
16:52:51.0975 4792 RTL8167 - ok
16:52:51.0979 4792 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:52:51.0989 4792 SamSs - ok
16:52:51.0991 4792 SbieDrv - ok
16:52:51.0995 4792 SbieSvc - ok
16:52:52.0000 4792 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:52:52.0011 4792 sbp2port - ok
16:52:52.0015 4792 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:52:52.0044 4792 SCardSvr - ok
16:52:52.0048 4792 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:52:52.0073 4792 scfilter - ok
16:52:52.0084 4792 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:52:52.0121 4792 Schedule - ok
16:52:52.0125 4792 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:52:52.0150 4792 SCPolicySvc - ok
16:52:52.0154 4792 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:52:52.0167 4792 SDRSVC - ok
16:52:52.0171 4792 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:52:52.0197 4792 secdrv - ok
16:52:52.0200 4792 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:52:52.0227 4792 seclogon - ok
16:52:52.0240 4792 [ 9901DCF2B6DD2AD12CB42BD559E0C92D ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
16:52:52.0265 4792 Secunia PSI Agent - ok
16:52:52.0273 4792 [ 4F2056349F8BA4154D5213BF8A476B14 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
16:52:52.0289 4792 Secunia Update Agent - ok
16:52:52.0293 4792 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:52:52.0321 4792 SENS - ok
16:52:52.0324 4792 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:52:52.0336 4792 SensrSvc - ok
16:52:52.0339 4792 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:52:52.0350 4792 Serenum - ok
16:52:52.0354 4792 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:52:52.0365 4792 Serial - ok
16:52:52.0368 4792 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
16:52:52.0379 4792 sermouse - ok
16:52:52.0389 4792 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:52:52.0416 4792 SessionEnv - ok
16:52:52.0420 4792 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:52:52.0433 4792 sffdisk - ok
16:52:52.0436 4792 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:52:52.0450 4792 sffp_mmc - ok
16:52:52.0453 4792 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:52:52.0466 4792 sffp_sd - ok
16:52:52.0470 4792 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
16:52:52.0483 4792 sfloppy - ok
16:52:52.0490 4792 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:52:52.0522 4792 SharedAccess - ok
16:52:52.0528 4792 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:52:52.0559 4792 ShellHWDetection - ok
16:52:52.0563 4792 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:52:52.0572 4792 SiSRaid2 - ok
16:52:52.0576 4792 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
16:52:52.0586 4792 SiSRaid4 - ok
16:52:52.0590 4792 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:52:52.0617 4792 Smb - ok
16:52:52.0635 4792 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:52:52.0649 4792 SNMPTRAP - ok
16:52:52.0653 4792 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:52:52.0662 4792 spldr - ok
16:52:52.0669 4792 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
16:52:52.0687 4792 Spooler - ok
16:52:52.0716 4792 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:52:52.0779 4792 sppsvc - ok
16:52:52.0785 4792 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:52:52.0814 4792 sppuinotify - ok
16:52:52.0821 4792 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:52:52.0836 4792 srv - ok
16:52:52.0843 4792 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:52:52.0857 4792 srv2 - ok
16:52:52.0863 4792 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:52:52.0875 4792 srvnet - ok
16:52:52.0880 4792 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:52:52.0910 4792 SSDPSRV - ok
16:52:52.0914 4792 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:52:52.0944 4792 SstpSvc - ok
16:52:52.0948 4792 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
16:52:52.0958 4792 stexstor - ok
16:52:52.0966 4792 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:52:52.0987 4792 stisvc - ok
16:52:52.0991 4792 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
16:52:53.0000 4792 swenum - ok
16:52:53.0006 4792 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:52:53.0039 4792 swprv - ok
16:52:53.0056 4792 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:52:53.0088 4792 SysMain - ok
16:52:53.0093 4792 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:52:53.0109 4792 TabletInputService - ok
16:52:53.0114 4792 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:52:53.0143 4792 TapiSrv - ok
16:52:53.0147 4792 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:52:53.0175 4792 TBS - ok
16:52:53.0192 4792 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:52:53.0226 4792 Tcpip - ok
16:52:53.0244 4792 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:52:53.0271 4792 TCPIP6 - ok
16:52:53.0277 4792 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:52:53.0289 4792 tcpipreg - ok
16:52:53.0295 4792 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:52:53.0306 4792 TDPIPE - ok
16:52:53.0310 4792 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:52:53.0320 4792 TDTCP - ok
16:52:53.0325 4792 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:52:53.0352 4792 tdx - ok
16:52:53.0357 4792 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
16:52:53.0368 4792 TermDD - ok
16:52:53.0376 4792 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:52:53.0409 4792 TermService - ok
16:52:53.0413 4792 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:52:53.0428 4792 Themes - ok
16:52:53.0431 4792 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:52:53.0457 4792 THREADORDER - ok
16:52:53.0461 4792 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:52:53.0490 4792 TrkWks - ok
16:52:53.0494 4792 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:52:53.0520 4792 TrustedInstaller - ok
16:52:53.0526 4792 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:52:53.0551 4792 tssecsrv - ok
16:52:53.0555 4792 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:52:53.0565 4792 TsUsbFlt - ok
16:52:53.0569 4792 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:52:53.0595 4792 tunnel - ok
16:52:53.0598 4792 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
16:52:53.0609 4792 uagp35 - ok
16:52:53.0614 4792 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:52:53.0642 4792 udfs - ok
16:52:53.0649 4792 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:52:53.0662 4792 UI0Detect - ok
16:52:53.0665 4792 [ 34859D3801F4BD3DACFA131DD928455A ] UimBus C:\Windows\system32\DRIVERS\uimx64.sys
16:52:53.0675 4792 UimBus - ok
16:52:53.0683 4792 [ D3CE4776E7FFB25E6935B1C797F4650C ] Uim_IM C:\Windows\system32\Drivers\Uim_IMx64.sys
16:52:53.0698 4792 Uim_IM - ok
16:52:53.0704 4792 [ 532E4BED5C7803B2EE5681818B2528B7 ] Uim_VIM C:\Windows\system32\Drivers\uim_vimx64.sys
16:52:53.0717 4792 Uim_VIM - ok
16:52:53.0720 4792 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:52:53.0730 4792 uliagpkx - ok
16:52:53.0734 4792 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
16:52:53.0745 4792 umbus - ok
16:52:53.0748 4792 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
16:52:53.0758 4792 UmPass - ok
16:52:53.0764 4792 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:52:53.0795 4792 upnphost - ok
16:52:53.0799 4792 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
16:52:53.0811 4792 usbaudio - ok
16:52:53.0815 4792 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:52:53.0824 4792 usbccgp - ok
16:52:53.0828 4792 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:52:53.0841 4792 usbcir - ok
16:52:53.0844 4792 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:52:53.0855 4792 usbehci - ok
16:52:53.0860 4792 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:52:53.0874 4792 usbhub - ok
16:52:53.0877 4792 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
16:52:53.0888 4792 usbohci - ok
16:52:53.0891 4792 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:52:53.0903 4792 usbprint - ok
16:52:53.0906 4792 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:52:53.0917 4792 USBSTOR - ok
16:52:53.0920 4792 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:52:53.0930 4792 usbuhci - ok
16:52:53.0934 4792 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:52:53.0961 4792 UxSms - ok
16:52:53.0964 4792 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
16:52:53.0975 4792 VaultSvc - ok
16:52:53.0979 4792 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:52:53.0989 4792 vdrvroot - ok
16:52:53.0996 4792 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
16:52:54.0030 4792 vds - ok
16:52:54.0035 4792 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:52:54.0048 4792 vga - ok
16:52:54.0052 4792 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:52:54.0078 4792 VgaSave - ok
16:52:54.0084 4792 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:52:54.0095 4792 vhdmp - ok
16:52:54.0099 4792 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
16:52:54.0109 4792 viaide - ok
16:52:54.0113 4792 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:52:54.0123 4792 volmgr - ok
16:52:54.0130 4792 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:52:54.0144 4792 volmgrx - ok
16:52:54.0150 4792 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:52:54.0164 4792 volsnap - ok
16:52:54.0169 4792 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
16:52:54.0181 4792 vsmraid - ok
16:52:54.0196 4792 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:52:54.0239 4792 VSS - ok
16:52:54.0243 4792 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
16:52:54.0255 4792 vwifibus - ok
16:52:54.0262 4792 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:52:54.0294 4792 W32Time - ok
16:52:54.0300 4792 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
16:52:54.0311 4792 WacomPen - ok
16:52:54.0315 4792 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:52:54.0343 4792 WANARP - ok
16:52:54.0347 4792 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:52:54.0374 4792 Wanarpv6 - ok
16:52:54.0389 4792 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
16:52:54.0418 4792 wbengine - ok
16:52:55.0345 4792 ============================================================
16:52:55.0345 4792 Scan finished
16:52:55.0345 4792 ============================================================
16:52:55.0354 4564 Detected object count: 0
16:52:55.0354 4564 Actual detected object count: 0

markusg 14.01.2013 17:03

Hi
Combofix:
Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
Please download Combofix from one of these download mirrors

Link 1
Link 2


IMPORTANT - Save Combofix to your desktop
  • Please disable all of your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it is working.
Start Combofix.exe and follow the instructions on the screen.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.

herbcyy 14.01.2013 18:44

I hope this is the right one:

Combofix Logfile:
Code:

ComboFix 13-01-14.01 - Jonas 14.01.2013  18:09:11.1.6 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.4093.2435 [GMT 1:00]
ausgeführt von:: c:\users\Jonas\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Public\sdelevURL.tmp
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-12-14 bis 2013-01-14  ))))))))))))))))))))))))))))))
.
.
2013-01-14 17:11 . 2013-01-14 17:11        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-01-14 09:22 . 2013-01-14 09:22        76232        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{669603C2-0BF7-406E-8B39-09D7357AF69F}\offreg.dll
2013-01-13 23:08 . 2013-01-13 23:08        --------        d-----w-        c:\program files (x86)\Microsoft.NET
2013-01-13 13:18 . 2013-01-13 13:18        --------        d-----w-        c:\program files (x86)\TeamSpeak 3 Client
2013-01-13 12:47 . 2012-11-19 00:01        9125352        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{669603C2-0BF7-406E-8B39-09D7357AF69F}\mpengine.dll
2013-01-09 08:42 . 2013-01-09 08:42        --------        d-----w-        C:\Neuer Ordner 1
2013-01-09 08:40 . 2013-01-09 08:40        --------        d-----w-        c:\programdata\backup
2013-01-09 08:40 . 2013-01-09 08:40        --------        d-----w-        c:\programdata\explauncher
2013-01-09 08:40 . 2013-01-09 08:40        --------        d-----w-        c:\programdata\launcher
2013-01-09 08:19 . 2013-01-09 08:19        --------        d-----w-        c:\programdata\Panda Security
2013-01-09 08:19 . 2013-01-09 08:19        --------        d-----w-        c:\program files (x86)\Panda USB Vaccine
2013-01-09 02:17 . 2013-01-09 02:17        --------        d-----w-        c:\windows\system32\SPReview
2013-01-09 02:17 . 2013-01-09 02:17        --------        d-----w-        c:\windows\system32\EventProviders
2013-01-09 02:14 . 2010-11-20 13:27        1363968        ----a-w-        c:\windows\system32\wdc.dll
2013-01-09 02:13 . 2010-11-20 13:27        529408        ----a-w-        c:\windows\system32\wbemcomn.dll
2013-01-09 02:13 . 2010-11-20 13:27        244736        ----a-w-        c:\program files\Windows Portable Devices\sqmapi.dll
2013-01-09 02:13 . 2010-11-20 13:27        244736        ----a-w-        c:\windows\system32\sqmapi.dll
2013-01-09 02:01 . 2008-07-31 09:41        68616        ----a-w-        c:\windows\SysWow64\XAPOFX1_1.dll
2013-01-09 02:01 . 2008-07-31 09:40        509448        ----a-w-        c:\windows\SysWow64\XAudio2_2.dll
2013-01-09 02:01 . 2008-07-12 07:18        467984        ----a-w-        c:\windows\SysWow64\d3dx10_39.dll
2013-01-09 02:01 . 2008-07-12 07:18        1493528        ----a-w-        c:\windows\SysWow64\D3DCompiler_39.dll
2013-01-09 02:01 . 2008-07-12 07:18        3851784        ----a-w-        c:\windows\SysWow64\D3DX9_39.dll
2013-01-09 01:59 . 2013-01-09 01:59        --------        d--h--w-        c:\program files (x86)\InstallShield Installation Information
2013-01-09 01:59 . 2013-01-09 01:59        --------        d-----w-        C:\Riot Games
2013-01-08 22:31 . 2012-11-02 05:59        478208        ----a-w-        c:\windows\system32\dpnet.dll
2013-01-08 22:31 . 2012-11-02 05:11        376832        ----a-w-        c:\windows\SysWow64\dpnet.dll
2013-01-08 22:31 . 2010-11-20 12:58        3072        ----a-w-        c:\windows\system32\dpnaddr.dll
2013-01-08 22:31 . 2010-11-20 11:57        2560        ----a-w-        c:\windows\SysWow64\dpnaddr.dll
2013-01-08 21:57 . 2012-07-26 07:46        2560        ----a-w-        c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2013-01-08 21:57 . 2012-07-26 04:55        785512        ----a-w-        c:\windows\system32\drivers\Wdf01000.sys
2013-01-08 21:57 . 2012-07-26 04:55        54376        ----a-w-        c:\windows\system32\drivers\WdfLdr.sys
2013-01-08 21:57 . 2012-07-26 02:36        9728        ----a-w-        c:\windows\system32\Wdfres.dll
2013-01-08 21:53 . 2010-02-23 08:16        294912        ----a-w-        c:\windows\system32\browserchoice.exe
2013-01-08 21:49 . 2012-12-16 17:11        46080        ----a-w-        c:\windows\system32\atmlib.dll
2013-01-08 21:49 . 2012-12-16 14:45        367616        ----a-w-        c:\windows\system32\atmfd.dll
2013-01-08 21:49 . 2012-12-16 14:13        295424        ----a-w-        c:\windows\SysWow64\atmfd.dll
2013-01-08 21:49 . 2012-12-16 14:13        34304        ----a-w-        c:\windows\SysWow64\atmlib.dll
2013-01-08 21:49 . 2010-09-30 10:41        100864        ----a-w-        c:\windows\system32\fontsub.dll
2013-01-08 21:49 . 2010-09-30 06:47        70656        ----a-w-        c:\windows\SysWow64\fontsub.dll
2013-01-08 21:48 . 2012-07-26 02:26        87040        ----a-w-        c:\windows\system32\drivers\WUDFPf.sys
2013-01-08 21:48 . 2012-07-26 02:26        198656        ----a-w-        c:\windows\system32\drivers\WUDFRd.sys
2013-01-08 21:48 . 2012-07-26 03:08        84992        ----a-w-        c:\windows\system32\WUDFSvc.dll
2013-01-08 21:48 . 2012-07-26 03:08        45056        ----a-w-        c:\windows\system32\WUDFCoinstaller.dll
2013-01-08 21:48 . 2012-07-26 03:08        194048        ----a-w-        c:\windows\system32\WUDFPlatform.dll
2013-01-08 21:48 . 2012-07-26 03:08        229888        ----a-w-        c:\windows\system32\WUDFHost.exe
2013-01-08 21:48 . 2012-07-26 03:08        744448        ----a-w-        c:\windows\system32\WUDFx.dll
2013-01-08 21:47 . 2012-03-01 06:46        23408        ----a-w-        c:\windows\system32\drivers\fs_rec.sys
2013-01-08 21:47 . 2012-03-01 06:33        81408        ----a-w-        c:\windows\system32\imagehlp.dll
2013-01-08 21:47 . 2012-03-01 05:33        159232        ----a-w-        c:\windows\SysWow64\imagehlp.dll
2013-01-08 21:47 . 2012-03-01 06:28        5120        ----a-w-        c:\windows\system32\wmi.dll
2013-01-08 21:47 . 2012-03-01 05:29        5120        ----a-w-        c:\windows\SysWow64\wmi.dll
2013-01-08 21:25 . 2013-01-14 16:28        --------        d-----w-        c:\programdata\PMB Files
2013-01-08 21:25 . 2013-01-08 21:25        --------        d-----w-        c:\program files (x86)\Pando Networks
2013-01-08 21:19 . 2012-10-30 22:51        370288        ----a-w-        c:\windows\system32\drivers\aswSP.sys
2013-01-08 21:19 . 2012-10-30 22:51        25232        ----a-w-        c:\windows\system32\drivers\aswFsBlk.sys
2013-01-08 21:19 . 2012-10-30 22:51        59728        ----a-w-        c:\windows\system32\drivers\aswTdi.sys
2013-01-08 21:19 . 2012-10-30 22:51        984144        ----a-w-        c:\windows\system32\drivers\aswSnx.sys
2013-01-08 21:19 . 2012-10-30 22:51        71600        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys
2013-01-08 21:19 . 2012-10-30 22:50        285328        ----a-w-        c:\windows\system32\aswBoot.exe
2013-01-08 21:19 . 2012-10-15 16:59        54072        ----a-w-        c:\windows\system32\drivers\aswRdr2.sys
2013-01-08 20:31 . 2013-01-08 20:31        --------        d-----r-        C:\Sandbox
2013-01-08 20:17 . 2012-10-30 22:51        41224        ----a-w-        c:\windows\avastSS.scr
2013-01-08 20:17 . 2012-10-30 22:50        227648        ----a-w-        c:\windows\SysWow64\aswBoot.exe
2013-01-08 20:17 . 2013-01-08 21:18        --------        d-----w-        c:\programdata\AVAST Software
2013-01-08 20:17 . 2013-01-08 21:18        --------        d-----w-        c:\program files\AVAST Software
2013-01-08 20:15 . 2013-01-08 20:15        --------        d-----w-        c:\program files (x86)\Secunia
2013-01-08 20:00 . 2012-12-16 16:31        67599240        ----a-w-        c:\windows\system32\MRT.exe
2013-01-08 19:13 . 2012-12-07 11:20        23552        ----a-w-        c:\windows\system32\oflc.rs
2013-01-08 19:12 . 2012-08-11 00:56        715776        ----a-w-        c:\windows\system32\kerberos.dll
2013-01-08 19:09 . 2012-06-02 05:41        184320        ----a-w-        c:\windows\system32\cryptsvc.dll
2013-01-08 19:09 . 2012-06-02 05:41        140288        ----a-w-        c:\windows\system32\cryptnet.dll
2013-01-08 19:09 . 2012-06-02 05:41        1464320        ----a-w-        c:\windows\system32\crypt32.dll
2013-01-08 19:09 . 2012-06-02 04:36        140288        ----a-w-        c:\windows\SysWow64\cryptsvc.dll
2013-01-08 19:09 . 2012-06-02 04:36        1159680        ----a-w-        c:\windows\SysWow64\crypt32.dll
2013-01-08 19:09 . 2012-06-02 04:36        103936        ----a-w-        c:\windows\SysWow64\cryptnet.dll
2013-01-08 19:08 . 2013-01-08 19:08        74248        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-08 19:08 . 2013-01-08 19:08        697864        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-08 19:08 . 2013-01-08 19:08        --------        d-----w-        c:\windows\SysWow64\Macromed
2013-01-08 19:08 . 2013-01-08 19:08        --------        d-----w-        c:\windows\system32\Macromed
2013-01-08 19:00 . 2011-11-19 14:58        77312        ----a-w-        c:\windows\system32\packager.dll
2013-01-08 19:00 . 2011-11-19 14:01        67072        ----a-w-        c:\windows\SysWow64\packager.dll
2013-01-08 18:56 . 2013-01-08 18:56        --------        d-----w-        c:\programdata\ATI
2013-01-08 18:56 . 2013-01-08 18:56        0        ----a-w-        c:\windows\ativpsrm.bin
2013-01-08 18:55 . 2013-01-08 18:55        --------        d-----w-        c:\program files (x86)\Common Files\ATI Technologies
2013-01-08 18:55 . 2012-02-17 06:38        1031680        ----a-w-        c:\windows\system32\rdpcore.dll
2013-01-08 18:55 . 2012-02-17 05:34        826880        ----a-w-        c:\windows\SysWow64\rdpcore.dll
2013-01-08 18:55 . 2012-02-17 04:57        23552        ----a-w-        c:\windows\system32\drivers\tdtcp.sys
2013-01-08 18:55 . 2013-01-08 18:55        --------        d-----w-        c:\program files\Common Files\ATI Technologies
2013-01-08 18:54 . 2013-01-13 23:10        --------        d-sh--w-        c:\windows\Installer
2013-01-08 18:54 . 2013-01-08 18:55        --------        d-----w-        c:\program files (x86)\ATI Technologies
2013-01-08 18:54 . 2013-01-08 18:55        --------        d-----w-        c:\program files\ATI Technologies
2013-01-08 18:54 . 2013-01-08 18:54        --------        d-----w-        c:\program files\ATI
2013-01-08 18:54 . 2013-01-08 18:54        --------        d-----w-        C:\AMD
2013-01-08 18:51 . 2012-06-02 22:19        57880        ----a-w-        c:\windows\system32\wuauclt.exe
2013-01-08 18:51 . 2012-06-02 22:19        44056        ----a-w-        c:\windows\system32\wups2.dll
2013-01-08 18:51 . 2012-06-02 22:19        2428952        ----a-w-        c:\windows\system32\wuaueng.dll
2013-01-08 18:51 . 2012-06-02 22:15        2622464        ----a-w-        c:\windows\system32\wucltux.dll
2013-01-08 18:51 . 2012-06-02 22:19        38424        ----a-w-        c:\windows\system32\wups.dll
2013-01-08 18:51 . 2012-06-02 22:19        701976        ----a-w-        c:\windows\system32\wuapi.dll
2013-01-08 18:51 . 2012-06-02 22:15        99840        ----a-w-        c:\windows\system32\wudriver.dll
2013-01-08 18:51 . 2012-06-02 14:19        186752        ----a-w-        c:\windows\system32\wuwebv.dll
2013-01-08 18:51 . 2012-06-02 14:15        36864        ----a-w-        c:\windows\system32\wuapp.exe
2013-01-08 18:51 . 2013-01-13 12:42        --------        d-----w-        c:\users\Jonas
2013-01-08 18:44 . 2013-01-08 18:50        --------        d-----w-        c:\windows\Panther
2013-01-08 18:44 . 2013-01-09 04:23        --------        d-----w-        C:\Boot
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 04:20 . 2009-07-14 02:36        175616        ----a-w-        c:\windows\system32\msclmd.dll
2013-01-09 04:20 . 2009-07-14 02:36        152576        ----a-w-        c:\windows\SysWow64\msclmd.dll
2012-11-30 04:45 . 2013-01-08 19:13        44032        ----a-w-        c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-01-08 3093624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-25 98304]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2012-9-24 573536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 BioNTDrv;BioNTDrv;d:\program\BioNTDrv.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 Uim_VIM;UIM Virtual Image Plugin;c:\windows\system32\Drivers\uim_vimx64.sys [2011-11-17 352816]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-11-26 203776]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-09-24 1328736]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2012-09-24 656480]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-09-24 116752]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2011-12-16 17976]
S3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 68597232
*Deregistered* - 68597232
.
Inhalt des "geplante Tasks" Ordners
.
2013-01-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-08 19:08]
.
2013-01-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2383450841-1444442981-759189576-1001Core.job
- c:\users\Jonas\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-08 19:09]
.
2013-01-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2383450841-1444442981-759189576-1001UA.job
- c:\users\Jonas\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-08 19:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50        133400        ----a-w-        c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-FileHippo.com - d:\filehippo.com\UpdateChecker.exe
Wow6432Node-HKCU-Run-SandboxieControl - d:\sandboxie\SbieCtrl.exe
AddRemove-FileHippo.com - d:\filehippo.com\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-01-14  18:13:08
ComboFix-quarantined-files.txt  2013-01-14 17:13
.
Vor Suchlauf: 10 Verzeichnis(se), 30.759.698.432 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 30.703.001.600 Bytes frei
.
- - End Of File - - F644A5228D2489248A97D504D7773D68

--- --- ---

markusg 14.01.2013 19:57

Hadn't you reinstalled Sandboxie etc.? Or did you restore the disks one after the other? Because if you install programs on another drive, you have to restore everything at once.
Is e: actually a separate drive or just another partition? Because if it is only a partition, splitting it up is really pointless; it achieves nothing.

herbcyy 14.01.2013 20:38

Yes, I had programs on both drives. How can you restore everything at once? E is my CD drive, which had a CD in it.

markusg 15.01.2013 21:28

Here is the guide:
download.paragon-software.com/doc/manual_brfree_2012_de.pdf
You would probably have to activate both.

herbcyy 17.01.2013 14:58

Do you know the exact page where that is stated? Because I can't find it :(

markusg 17.01.2013 15:06

You would then have to choose to restore the entire hard disk.



Copyright ©2000-2025, Trojaner-Board
