Thanks for the quick reply; unfortunately it took me a bit longer this time.
I ran the 3 tools, here are the logs.

mbar:
Code:
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
(c) Malwarebytes Corporation 2011-2012
OS version: 6.0.6002 Windows Vista Service Pack 2 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.400000 GHz
Memory total: 2145918976, free: 854261760
------------ Kernel report ------------
05/02/2013 18:23:52
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\acpi.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\intelide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\msrpc.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\ecache.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\crcdisk.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\l160x86.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\fdc.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\DRIVERS\ASACPI.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\msiscsi.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\hamachi.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\dtsoftbus01.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\flpydisk.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\smb.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\ssmdrv.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\avkmgr.sys
\SystemRoot\system32\DRIVERS\avipbb.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\avgntflt.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\RMCAST.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\drivers\mrxdav.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\DRIVERS\parvdm.sys
\SystemRoot\system32\DRIVERS\atksgt.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\system32\DRIVERS\lirsgt.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\drivers\AtihdLH3.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff858c5298
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IdeDeviceP3T0L0-3\
Lower Device Object: 0xffffffff850b1030
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Initialization returned 0x0
Port sub-driver loaded: \??\C:\Windows\System32\drivers\ataport.sys (0x0)
Load Function returned 0x0
Downloaded database version: v2013.05.02.05
Downloaded database version: v2013.05.01.01
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 1
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff858c5298, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff859c8d18, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff858c5298, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff850d5878, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff850b1030, DeviceName: \Device\Ide\IdeDeviceP3T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0xffffffffa56bd880, 0xffffffff858c5298, 0xffffffff84abbac8
Lower DeviceData: 0xffffffffa857d890, 0xffffffff850b1030, 0xffffffff84b28040
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 833BB482
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 148819968
Partition file system is NTFS
Partition is bootable
Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 148822016 Numsec = 632598528
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 400088457216 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-781402768-781422768)...
Done!
Performing system, memory and registry scan...
Infected: c:\$Recycle.Bin\S-1-5-21-768050684-2562350191-4118681763-1000\$b47637ad85ba612c55bf015ab3ee24cd\@ --> [Trojan.Siredef.C]
Infected: c:\$Recycle.Bin\S-1-5-21-768050684-2562350191-4118681763-1000\$b47637ad85ba612c55bf015ab3ee24cd\U --> [Trojan.Siredef.C]
Infected: c:\$Recycle.Bin\S-1-5-21-768050684-2562350191-4118681763-1000\$b47637ad85ba612c55bf015ab3ee24cd\U\00000001.@ --> [Trojan.Siredef.C]
Infected: c:\$Recycle.Bin\S-1-5-21-768050684-2562350191-4118681763-1000\$b47637ad85ba612c55bf015ab3ee24cd\U\80000000.@ --> [Trojan.Siredef.C]
Infected: c:\$Recycle.Bin\S-1-5-21-768050684-2562350191-4118681763-1000\$b47637ad85ba612c55bf015ab3ee24cd\U\800000cb.@ --> [Trojan.Siredef.C]
Infected: c:\$Recycle.Bin\S-1-5-21-768050684-2562350191-4118681763-1000\$b47637ad85ba612c55bf015ab3ee24cd\L --> [Trojan.Siredef.C]
Infected: c:\$Recycle.Bin\S-1-5-21-768050684-2562350191-4118681763-1000\$b47637ad85ba612c55bf015ab3ee24cd --> [Trojan.Siredef.C]
Done!
Scan finished
Creating System Restore point...
Scheduling clean up...
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Executing an action fixdamage.exe...
Success!
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
(c) Malwarebytes Corporation 2011-2012
OS version: 6.0.6002 Windows Vista Service Pack 2 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.400000 GHz
Memory total: 2145918976, free: 1070145536
Removal queue found; removal started
Removing c:\$Recycle.Bin\S-1-5-21-768050684-2562350191-4118681763-1000\$b47637ad85ba612c55bf015ab3ee24cd\@...
Removing c:\$Recycle.Bin\S-1-5-21-768050684-2562350191-4118681763-1000\$b47637ad85ba612c55bf015ab3ee24cd\U...
Removing c:\$Recycle.Bin\S-1-5-21-768050684-2562350191-4118681763-1000\$b47637ad85ba612c55bf015ab3ee24cd\U\00000001.@...
Removing c:\$Recycle.Bin\S-1-5-21-768050684-2562350191-4118681763-1000\$b47637ad85ba612c55bf015ab3ee24cd\U\80000000.@...
Removing c:\$Recycle.Bin\S-1-5-21-768050684-2562350191-4118681763-1000\$b47637ad85ba612c55bf015ab3ee24cd\U\800000cb.@...
Removing c:\$Recycle.Bin\S-1-5-21-768050684-2562350191-4118681763-1000\$b47637ad85ba612c55bf015ab3ee24cd\L...
Removing c:\$Recycle.Bin\S-1-5-21-768050684-2562350191-4118681763-1000\$b47637ad85ba612c55bf015ab3ee24cd...
Removal finished
=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
(c) Malwarebytes Corporation 2011-2012
OS version: 6.0.6002 Windows Vista Service Pack 2 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.400000 GHz
Memory total: 2145918976, free: 886685696
------------ Kernel report ------------
05/02/2013 18:52:26
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\imofugc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\acpi.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\intelide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\msrpc.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\ecache.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\crcdisk.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\l160x86.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\fdc.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\DRIVERS\ASACPI.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\msiscsi.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\hamachi.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\dtsoftbus01.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\flpydisk.sys
\SystemRoot\system32\drivers\AtihdLH3.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\smb.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\ssmdrv.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\avkmgr.sys
\SystemRoot\system32\DRIVERS\avipbb.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\avgntflt.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\RMCAST.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\drivers\mrxdav.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\DRIVERS\parvdm.sys
\SystemRoot\system32\DRIVERS\atksgt.sys
\SystemRoot\system32\DRIVERS\lirsgt.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff85cce2a0
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IdeDeviceP3T0L0-3\
Lower Device Object: 0xffffffff854b8b98
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Initialization returned 0x0
Port sub-driver loaded: \??\C:\Windows\System32\drivers\ataport.sys (0x0)
Load Function returned 0x0
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 1
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff85cce2a0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff85dd1d18, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff85cce2a0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff854b1a50, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff854b8b98, DeviceName: \Device\Ide\IdeDeviceP3T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0xffffffffa8955408, 0xffffffff85cce2a0, 0xffffffff86a76988
Lower DeviceData: 0xffffffffa69954b8, 0xffffffff854b8b98, 0xffffffff86a8faf8
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 833BB482
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 148819968
Partition file system is NTFS
Partition is bootable
Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 148822016 Numsec = 632598528
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 400088457216 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-781402768-781422768)...
Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================

aswMBR:
Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-02 19:04:46
-----------------------------
19:04:46.348 OS Version: Windows 6.0.6002 Service Pack 2
19:04:46.349 Number of processors: 4 586 0xF0B
19:04:46.349 ComputerName: KALTEMUSCHI UserName: T!mo
19:04:46.880 Initialize success
19:07:29.916 AVAST engine defs: 13050200
19:11:17.005 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3
19:11:17.007 Disk 0 Vendor: SAMSUNG_HD400LJ ZZ100-15 Size: 381554MB BusType: 3
19:11:17.162 Disk 0 MBR read successfully
19:11:17.164 Disk 0 MBR scan
19:11:17.178 Disk 0 Windows VISTA default MBR code
19:11:17.192 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 72666 MB offset 2048
19:11:17.212 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 308886 MB offset 148822016
19:11:17.238 Disk 0 scanning sectors +781420544
19:11:17.341 Disk 0 scanning C:\Windows\system32\drivers
19:11:26.740 Service scanning
19:11:48.103 Modules scanning
19:12:04.820 Disk 0 trace - called modules:
19:12:04.845 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
19:12:04.851 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85cce2a0]
19:12:04.856 3 CLASSPNP.SYS[887a18b3] -> nt!IofCallDriver -> [0x854b1a50]
19:12:04.861 5 acpi.sys[8069b6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-3[0x854b8b98]
19:12:05.403 AVAST engine scan C:\Windows
19:12:07.338 AVAST engine scan C:\Windows\system32
19:14:26.750 AVAST engine scan C:\Windows\system32\drivers
19:14:36.213 AVAST engine scan C:\Users\T!mo
19:15:17.113 File: C:\Users\T!mo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\1b782a6c-350df66d **INFECTED** Win32:Karagany-LM [Trj]
19:17:07.887 AVAST engine scan C:\ProgramData
19:18:01.112 Scan finished successfully
19:20:34.997 Disk 0 MBR has been saved successfully to "C:\Users\T!mo\Desktop\TB\MBR.dat"
19:20:35.003 The log file has been saved successfully to "C:\Users\T!mo\Desktop\TB\aswMBR.txt"

TDSSKiller:
Code:
19:23:18.0223 2924 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:23:19.0550 2924 ============================================================
19:23:19.0550 2924 Current date / time: 2013/05/02 19:23:19.0550
19:23:19.0550 2924 SystemInfo:
19:23:19.0550 2924
19:23:19.0550 2924 OS Version: 6.0.6002 ServicePack: 2.0
19:23:19.0550 2924 Product type: Workstation
19:23:19.0550 2924 ComputerName: KALTEMUSCHI
19:23:19.0550 2924 UserName: T!mo
19:23:19.0550 2924 Windows directory: C:\Windows
19:23:19.0550 2924 System windows directory: C:\Windows
19:23:19.0550 2924 Processor architecture: Intel x86
19:23:19.0550 2924 Number of processors: 4
19:23:19.0550 2924 Page size: 0x1000
19:23:19.0550 2924 Boot type: Normal boot
19:23:19.0550 2924 ============================================================
19:23:20.0507 2924 Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:23:20.0508 2924 ============================================================
19:23:20.0508 2924 \Device\Harddisk0\DR0:
19:23:20.0508 2924 MBR partitions:
19:23:20.0508 2924 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x8DED000
19:23:20.0509 2924 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x8DED800, BlocksNum 0x25B4B000
19:23:20.0509 2924 ============================================================
19:23:20.0537 2924 C: <-> \Device\Harddisk0\DR0\Partition1
19:23:20.0585 2924 D: <-> \Device\Harddisk0\DR0\Partition2
19:23:20.0585 2924 ============================================================
19:23:20.0586 2924 Initialize success
19:23:20.0586 2924 ============================================================
19:24:00.0708 3856 ============================================================
19:24:00.0708 3856 Scan started
19:24:00.0709 3856 Mode: Manual; SigCheck; TDLFS;
19:24:00.0709 3856 ============================================================
19:24:01.0107 3856 ================ Scan system memory ========================
19:24:01.0107 3856 System memory - ok
19:24:01.0107 3856 ================ Scan services =============================
19:24:01.0272 3856 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
19:24:01.0357 3856 ACPI - ok
19:24:01.0478 3856 [ DBD5934D88CDD8B8C255D857DF9F689B ] AddonsHelper C:\Users\T!mo\AppData\Local\Temp\OCS\Downloads\0674e23d6502b36621d489f1b4fbd22a\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe
19:24:01.0551 3856 AddonsHelper ( UnsignedFile.Multi.Generic ) - warning
19:24:01.0551 3856 AddonsHelper - detected UnsignedFile.Multi.Generic (1)
19:24:01.0647 3856 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:24:01.0659 3856 AdobeARMservice - ok
19:24:01.0719 3856 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:24:01.0735 3856 AdobeFlashPlayerUpdateSvc - ok
19:24:01.0772 3856 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:24:01.0793 3856 adp94xx - ok
19:24:01.0826 3856 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:24:01.0841 3856 adpahci - ok
19:24:01.0855 3856 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
19:24:01.0866 3856 adpu160m - ok
19:24:01.0884 3856 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:24:01.0896 3856 adpu320 - ok
19:24:01.0931 3856 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:24:02.0018 3856 AeLookupSvc - ok
19:24:02.0073 3856 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
19:24:02.0104 3856 AFD - ok
19:24:02.0138 3856 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:24:02.0148 3856 agp440 - ok
19:24:02.0173 3856 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
19:24:02.0183 3856 aic78xx - ok
19:24:02.0204 3856 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
19:24:02.0308 3856 ALG - ok
19:24:02.0335 3856 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
19:24:02.0345 3856 aliide - ok
19:24:02.0384 3856 [ 50EBBB86E493BD9AB7DDF914A90EEF8E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:24:02.0448 3856 AMD External Events Utility - ok
19:24:02.0483 3856 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
19:24:02.0494 3856 amdagp - ok
19:24:02.0511 3856 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
19:24:02.0521 3856 amdide - ok
19:24:02.0552 3856 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
19:24:02.0701 3856 AmdK7 - ok
19:24:02.0733 3856 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:24:02.0796 3856 AmdK8 - ok
19:24:03.0011 3856 [ 70EB74785AB7FC603FEF19D87B7A7946 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:24:03.0358 3856 amdkmdag - ok
19:24:03.0390 3856 [ BA99833BBDE9C4FF389FC8114FB14843 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:24:03.0418 3856 amdkmdap - ok
19:24:03.0506 3856 [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
19:24:03.0517 3856 AntiVirSchedulerService - ok
19:24:03.0550 3856 [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
19:24:03.0560 3856 AntiVirService - ok
19:24:03.0595 3856 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
19:24:03.0654 3856 Appinfo - ok
19:24:03.0676 3856 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
19:24:03.0686 3856 arc - ok
19:24:03.0730 3856 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:24:03.0742 3856 arcsas - ok
19:24:03.0789 3856 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:24:03.0834 3856 AsyncMac - ok
19:24:03.0861 3856 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
19:24:03.0872 3856 atapi - ok
19:24:03.0904 3856 [ 55907C61656449CA8534C323D6EABC89 ] AtcL001 C:\Windows\system32\DRIVERS\l160x86.sys
19:24:03.0932 3856 AtcL001 - ok
19:24:03.0983 3856 [ DDCF63069542F513F3A26FA060F84B4C ] AtiHDAudioService C:\Windows\system32\drivers\AtihdLH3.sys
19:24:04.0012 3856 AtiHDAudioService - ok
19:24:04.0051 3856 [ F0D933B42CD0594048E4D5200AE9E417 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
19:24:04.0086 3856 atksgt - ok
19:24:04.0148 3856 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:24:04.0186 3856 AudioEndpointBuilder - ok
19:24:04.0191 3856 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
19:24:04.0211 3856 Audiosrv - ok
19:24:04.0251 3856 [ 87425709A251386064C99B684BF96F72 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
19:24:04.0262 3856 avgntflt - ok
19:24:04.0291 3856 [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
19:24:04.0304 3856 avipbb - ok
19:24:04.0314 3856 [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
19:24:04.0323 3856 avkmgr - ok
19:24:15.0340 3856 [ EA735BF6DF13A857A83C99BF27A422AD ] PST Service C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
19:24:15.0348 3856 PST Service ( UnsignedFile.Multi.Generic ) - warning
19:24:15.0348 3856 PST Service - detected UnsignedFile.Multi.Generic (1)
19:24:16.0967 3856 [ 0F4A80438E7286A0E623582F5F2395BD ] SearchAnonymizer C:\Users\T!mo\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
19:24:16.0971 3856 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - warning
19:24:16.0971 3856 SearchAnonymizer - detected UnsignedFile.Multi.Generic (1)
19:24:19.0929 3856 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:24:19.0965 3856 tssecsrv - ok
19:24:19.0993 3856 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
19:24:20.0041 3856 tunmp - ok
19:24:20.0053 3856 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:24:20.0065 3856 tunnel - ok
19:24:20.0093 3856 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:24:20.0103 3856 uagp35 - ok
19:24:20.0130 3856 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:24:20.0151 3856 udfs - ok
19:24:20.0168 3856 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:24:20.0191 3856 UI0Detect - ok
19:24:20.0209 3856 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:24:20.0219 3856 uliagpkx - ok
19:24:20.0237 3856 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
19:24:20.0250 3856 uliahci - ok
19:24:20.0267 3856 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
19:24:20.0278 3856 UlSata - ok
19:24:20.0291 3856 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
19:24:20.0303 3856 ulsata2 - ok
19:24:20.0329 3856 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:24:20.0356 3856 umbus - ok
19:24:20.0385 3856 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
19:24:20.0412 3856 upnphost - ok
19:24:20.0464 3856 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:24:20.0494 3856 usbaudio - ok
19:24:20.0513 3856 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:24:20.0534 3856 usbccgp - ok
19:24:20.0555 3856 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:24:20.0602 3856 usbcir - ok
19:24:20.0638 3856 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:24:20.0667 3856 usbehci - ok
19:24:20.0699 3856 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:24:20.0726 3856 usbhub - ok
19:24:20.0749 3856 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:24:20.0785 3856 usbohci - ok
19:24:20.0795 3856 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
19:24:20.0845 3856 usbprint - ok
19:24:20.0872 3856 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:24:20.0929 3856 USBSTOR - ok
19:24:20.0950 3856 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:24:20.0967 3856 usbuhci - ok
19:24:21.0003 3856 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:24:21.0026 3856 usbvideo - ok
19:24:21.0057 3856 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
19:24:21.0076 3856 UxSms - ok
19:24:21.0117 3856 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
19:24:21.0169 3856 vds - ok
19:24:21.0199 3856 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:24:21.0248 3856 vga - ok
19:24:21.0269 3856 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
19:24:21.0297 3856 VgaSave - ok
19:24:21.0313 3856 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:24:21.0323 3856 viaagp - ok
19:24:21.0342 3856 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
19:24:21.0388 3856 ViaC7 - ok
19:24:21.0402 3856 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
19:24:21.0412 3856 viaide - ok
19:24:21.0423 3856 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:24:21.0434 3856 volmgr - ok
19:24:21.0472 3856 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:24:21.0488 3856 volmgrx - ok
19:24:21.0523 3856 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:24:21.0538 3856 volsnap - ok
19:24:21.0555 3856 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:24:21.0566 3856 vsmraid - ok
19:24:21.0616 3856 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
19:24:21.0680 3856 VSS - ok
19:24:21.0698 3856 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
19:24:21.0732 3856 W32Time - ok
19:24:21.0745 3856 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:24:21.0782 3856 WacomPen - ok
19:24:21.0804 3856 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
19:24:21.0830 3856 Wanarp - ok
19:24:21.0832 3856 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:24:21.0849 3856 Wanarpv6 - ok
19:24:21.0869 3856 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:24:21.0910 3856 wcncsvc - ok
19:24:21.0942 3856 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:24:21.0961 3856 WcsPlugInService - ok
19:24:21.0988 3856 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
19:24:21.0998 3856 Wd - ok
19:24:22.0039 3856 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:24:22.0066 3856 Wdf01000 - ok
19:24:22.0097 3856 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:24:22.0126 3856 WdiServiceHost - ok
19:24:22.0128 3856 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:24:22.0151 3856 WdiSystemHost - ok
19:24:22.0189 3856 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
19:24:22.0204 3856 WebClient - ok
19:24:22.0239 3856 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:24:22.0279 3856 Wecsvc - ok
19:24:22.0292 3856 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:24:22.0331 3856 wercplsupport - ok
19:24:22.0357 3856 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
19:24:22.0378 3856 WerSvc - ok
19:24:22.0427 3856 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:24:22.0443 3856 WinDefend - ok
19:24:22.0447 3856 WinHttpAutoProxySvc - ok
19:24:22.0503 3856 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:24:22.0523 3856 Winmgmt - ok
19:24:22.0577 3856 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
19:24:22.0636 3856 WinRM - ok
19:24:22.0692 3856 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:24:22.0750 3856 Wlansvc - ok
19:24:22.0860 3856 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:24:22.0920 3856 wlidsvc - ok
19:24:22.0951 3856 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:24:22.0988 3856 WmiAcpi - ok
19:24:23.0017 3856 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:24:23.0049 3856 wmiApSrv - ok
19:24:23.0109 3856 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:24:23.0171 3856 WMPNetworkSvc - ok
19:24:23.0204 3856 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:24:23.0244 3856 WPCSvc - ok
19:24:23.0273 3856 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:24:23.0303 3856 WPDBusEnum - ok
19:24:23.0327 3856 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
19:24:23.0350 3856 WpdUsb - ok
19:24:23.0458 3856 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:24:23.0488 3856 WPFFontCache_v0400 - ok
19:24:23.0513 3856 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:24:23.0541 3856 ws2ifsl - ok
19:24:23.0574 3856 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
19:24:23.0595 3856 wscsvc - ok
19:24:23.0598 3856 WSearch - ok
19:24:23.0667 3856 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
19:24:23.0736 3856 wuauserv - ok
19:24:23.0790 3856 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:24:23.0809 3856 WudfPf - ok
19:24:23.0826 3856 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:24:23.0839 3856 WUDFRd - ok
19:24:23.0851 3856 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:24:23.0875 3856 wudfsvc - ok
19:24:23.0879 3856 ================ Scan global ===============================
19:24:23.0908 3856 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
19:24:23.0941 3856 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
19:24:23.0954 3856 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
19:24:23.0985 3856 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
19:24:23.0990 3856 [Global] - ok
19:24:23.0990 3856 ================ Scan MBR ==================================
19:24:23.0995 3856 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
19:24:24.0294 3856 \Device\Harddisk0\DR0 - ok
19:24:24.0294 3856 ================ Scan VBR ==================================
19:24:24.0323 3856 [ 0FF33FCB33CC0E5D74223E37690088E3 ] \Device\Harddisk0\DR0\Partition1
19:24:24.0325 3856 \Device\Harddisk0\DR0\Partition1 - ok
19:24:24.0343 3856 [ A4DEEB2E1F7CC639D6A33F3FCCD63872 ] \Device\Harddisk0\DR0\Partition2
19:24:24.0345 3856 \Device\Harddisk0\DR0\Partition2 - ok
19:24:24.0345 3856 ============================================================
19:24:24.0345 3856 Scan finished
19:24:24.0345 3856 ============================================================
19:24:24.0352 2976 Detected object count: 3
19:24:24.0352 2976 Actual detected object count: 3
19:26:07.0065 2976 AddonsHelper ( UnsignedFile.Multi.Generic ) - skipped by user
19:26:07.0065 2976 AddonsHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:26:07.0066 2976 PST Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:26:07.0066 2976 PST Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:26:07.0067 2976 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - skipped by user
19:26:07.0067 2976 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:28:26.0628 3540 Deinitialize success