Trojaner-Board - Nach Windows-Start kommt ein weißer Sperrbildschirm

Danke jetzt hat es prima geklappt

Code:

OTL logfile created on: 8/12/2013 11:09:11 PM - Run 

OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE

64bit-Windows 7 Ultimate Service Pack 1 (Version = 6.1.7601) - Type = System

Internet Explorer (Version = 9.10.9200.16635)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free

3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 119.14 Gb Total Space | 45.67 Gb Free Space | 38.33% Space Free | Partition Type: NTFS

Drive D: | 465.66 Gb Total Space | 203.40 Gb Free Space | 43.68% Space Free | Partition Type: NTFS

Drive E: | 100.00 Mb Total Space | 75.66 Mb Free Space | 75.66% Space Free | Partition Type: NTFS

Drive F: | 100.00 Mb Total Space | 75.69 Mb Free Space | 75.69% Space Free | Partition Type: NTFS

Drive G: | 7.45 Gb Total Space | 7.44 Gb Free Space | 99.97% Space Free | Partition Type: FAT32

Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

 

Computer Name: REATOGO | User Name: SYSTEM

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

Using ControlSet: ControlSet001

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2013/03/28 21:34:18 | 000,241,152 | ---- | M] (AMD) [Auto] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2013/03/28 16:30:42 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)

SRV:64bit: - [2011/10/19 10:19:30 | 000,395,136 | R--- | M] (cFos Software GmbH) [Auto] -- C:\Program Files\ASRock\XFast LAN\spd.exe -- (cFosSpeedS)

SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\appmgmts.dll -- (AppMgmt)

SRV - [2013/08/07 05:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) [Auto] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)

SRV - [2013/07/26 18:46:24 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2013/07/17 13:47:28 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013/06/28 08:02:04 | 002,470,736 | ---- | M] (LogMeIn Inc.) [Auto] -- D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2013/06/21 03:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2013/06/17 13:23:24 | 000,049,152 | ---- | M] () [On_Demand] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)

SRV - [2011/08/10 08:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Auto] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe -- (NIS)

SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2013/05/21 13:12:18 | 000,032,320 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\FNETTBOH_305.SYS -- (FNETTBOH_305)

DRV:64bit: - [2013/05/20 10:09:12 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SYMEVENT64x86.SYS -- (SymEvent)

DRV:64bit: - [2013/05/20 10:04:07 | 000,015,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System] -- C:\Windows\System32\drivers\FNETURPX.SYS -- (FNETURPX)

DRV:64bit: - [2013/03/28 22:35:02 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2013/03/28 21:09:44 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2013/02/14 07:41:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AtihdW76.sys -- (AtiHDAudioService)

DRV:64bit: - [2012/12/13 07:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2012/04/09 04:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)

DRV:64bit: - [2012/02/21 12:46:18 | 000,396,776 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand] -- C:\Windows\System32\drivers\asmtxhci.sys -- (asmtxhci)

DRV:64bit: - [2012/02/21 12:46:18 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand] -- C:\Windows\System32\drivers\asmthub3.sys -- (asmthub3)

DRV:64bit: - [2012/01/13 06:52:38 | 000,031,016 | ---- | M] (ASRock Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\AsrRamDisk.sys -- (AsrRamDisk)

DRV:64bit: - [2011/12/12 02:52:44 | 000,082,048 | ---- | M] (Advanced Micro Devices) [Kernel | Boot] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata)

DRV:64bit: - [2011/12/12 02:52:44 | 000,042,624 | ---- | M] (Advanced Micro Devices) [Kernel | Boot] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata)

DRV:64bit: - [2011/09/21 11:56:24 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | Boot] -- C:\Windows\System32\drivers\asahci64.sys -- (asahci64)

DRV:64bit: - [2011/08/23 09:57:24 | 000,565,352 | ---- | M] (Realtek                                            ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011/08/08 11:38:06 | 000,167,048 | R--- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\NISx64\1301000.01C\ccSetx64.sys -- (ccSet_NIS)

DRV:64bit: - [2011/08/02 14:22:10 | 000,729,720 | R--- | M] (Symantec Corporation) [File_System | On_Demand] -- C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSP64.SYS -- (SRTSP)

DRV:64bit: - [2011/08/02 14:22:10 | 000,037,496 | R--- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)

DRV:64bit: - [2011/07/28 15:20:02 | 001,084,536 | R--- | M] (Symantec Corporation) [File_System | On_Demand] -- C:\Windows\system32\drivers\NISx64\1301000.01C\SYMEFA64.SYS -- (SymEFA)

DRV:64bit: - [2011/07/25 14:18:40 | 000,401,016 | R--- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\NISx64\1301000.01C\SYMNETS.SYS -- (SymNetS)

DRV:64bit: - [2011/07/25 14:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\NISx64\1301000.01C\SYMDS64.SYS -- (SymDS)

DRV:64bit: - [2011/07/25 14:15:52 | 000,189,560 | R--- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\NISx64\1301000.01C\Ironx64.SYS -- (SymIRON)

DRV:64bit: - [2011/07/04 09:19:34 | 001,632,128 | ---- | M] (cFos Software GmbH) [Kernel | System] -- C:\Windows\System32\drivers\cfosspeed6.sys -- (cFosSpeed) cFosSpeed for faster Internet connections (NDIS 6)

DRV:64bit: - [2011/05/10 10:28:48 | 000,017,192 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System] -- C:\Windows\System32\drivers\AsrAppCharger.sys -- (AsrAppCharger)

DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/11/20 07:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2010/02/18 03:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- C:\Windows\System32\drivers\amdiox64.sys -- (amdiox64)

DRV:64bit: - [2009/11/17 19:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\MBfilt64.sys -- (MBfilt)

DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/05/04 12:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)

DRV:64bit: - [2009/03/18 12:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)

DRV - [2011/08/09 21:00:00 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20110810.019\EX64.SYS -- (NAVEX15)

DRV - [2011/08/09 21:00:00 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20110810.019\ENG64.SYS -- (NAVENG)

DRV - [2011/07/25 14:15:12 | 001,151,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20110723.001\BHDrvx64.sys -- (BHDrvx64)

DRV - [2011/07/20 13:43:24 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSviA64.sys -- (IDSVia64)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

 

IE - HKU\Tobias_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Tobias_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\System32\npDeployJava1.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:  

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

 

FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\

FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\

 

 

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll (Symantec Corporation)

O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\IPS\IPSBHO.dll (Symantec Corporation)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll (Symantec Corporation)

O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [THXCfg64] C:\Windows\System32\THXCfg64.DLL (Creative Technology Ltd.)

O4:64bit: - HKLM..\Run: [XFast LAN] C:\Program Files\ASRock\XFast LAN\cfosspeed.exe (cFos Software GmbH)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [THX TruStudio NB Settings] C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)

O4 - HKLM..\Run: [XFastUSB] C:\Program Files (x86)\XFastUSB\XFastUsb.exe (FNet Co., Ltd.)

O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\Tobias_ON_C..\Run: [ASRockIES]  File not found

O4 - HKU\Tobias_ON_C..\Run: [ASRockOCTuner]  File not found

O4 - HKU\Tobias_ON_C..\Run: [Steam] D:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

O4 - HKU\Tobias_ON_C..\Run: [zASRockInstantBoot]  File not found

O4 - HKU\.DEFAULT..\RunOnce: [SPReview]  File not found

O4 - HKU\LocalService_ON_C..\RunOnce: [mctadmin]  File not found

O4 - HKU\NetworkService_ON_C..\RunOnce: [mctadmin]  File not found

O4 - Startup: Error locating startup folders.

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O13:64bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
 64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
 64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013/08/11 11:53:38 | 000,000,000 | ---D | C] -- C:\FRST

[2013/07/25 12:20:14 | 000,000,000 | ---D | C] -- C:\Users\Tobias\Desktop\Backup Walkman

[2013/07/20 09:08:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warplanes

[2013/07/18 13:44:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java

 
 ========== Files - Modified Within 30 Days ==========

 

[2013/08/12 13:35:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013/08/12 13:35:03 | 2134,298,623 | -HS- | M] () -- C:\hiberfil.sys

[2013/08/11 11:36:44 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013/08/11 11:36:44 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013/08/11 11:35:51 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2013/08/11 11:35:51 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2013/08/11 11:35:51 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2013/08/11 11:35:51 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2013/08/11 11:17:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013/08/11 11:05:52 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2013/08/10 15:22:06 | 000,001,102 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk

[2013/08/10 15:22:06 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk

[2013/07/20 09:08:04 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warplanes

[2013/07/18 13:44:24 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll

[2013/07/18 13:44:24 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll

[2013/07/18 13:44:24 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2013/07/18 13:44:24 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2013/07/18 13:44:24 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2013/07/18 13:44:24 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2013/07/17 13:47:28 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2013/07/17 13:47:28 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

 
 ========== Files Created - No Company Name ==========

 

[2013/08/11 11:05:52 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2013/05/22 12:42:10 | 000,252,928 | ---- | C] () -- C:\Windows\SysWow64\DShowRdpFilter.dll

[2013/05/20 12:06:36 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2013/05/20 12:04:41 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat

[2013/05/20 12:04:41 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat

[2013/05/20 12:04:41 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[2013/05/20 10:06:10 | 000,001,424 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini

[2013/05/20 10:06:10 | 000,001,323 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini

[2013/05/20 10:06:10 | 000,001,323 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini

[2013/05/20 10:06:09 | 000,190,464 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL

[2013/05/20 10:06:09 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL

[2013/05/20 10:04:16 | 000,000,003 | ---- | C] () -- C:\Users\Tobias\AppData\Local\user_data.ini

[2013/03/28 22:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe

[2013/03/28 22:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe

[2012/11/26 19:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll

[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll

[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

 
 ========== LOP Check ==========

 

[2013/08/10 16:11:48 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\.minecraft

[2013/06/18 08:18:00 | 000,000,000 | -HSD | M] -- C:\Users\Tobias\AppData\Roaming\Common

[2013/06/18 08:22:35 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\DeviceVm

[2013/06/20 09:45:02 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\DVDVideoSoft

[2013/06/16 05:10:12 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\fltk.org

[2013/06/29 06:37:53 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Fritzing

[2013/06/14 15:44:20 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\OpenOffice.org

[2013/07/13 05:55:21 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\TS3Client

[2013/06/14 15:16:07 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Ubisoft

[2013/07/20 09:30:51 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Wargaming.net

[2013/06/20 09:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

[2013/06/03 14:14:45 | 000,000,000 | ---D | M] -- C:\ProgramData\AMD

[2013/05/20 09:56:11 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten

[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data

[2013/05/28 12:33:46 | 000,000,000 | ---D | M] -- C:\ProgramData\Ask

[2013/06/18 08:17:54 | 000,000,000 | ---D | M] -- C:\ProgramData\Binary Fortress Software

[2013/06/16 11:05:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Bohemia Interactive Studio

[2013/05/20 10:04:08 | 000,000,000 | ---D | M] -- C:\ProgramData\cFos

[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop

[2013/06/18 08:22:51 | 000,000,000 | ---D | M] -- C:\ProgramData\DeviceVM

[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents

[2013/05/20 09:56:11 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente

[2013/05/20 09:56:11 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten

[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites

[2013/06/16 05:10:12 | 000,000,000 | ---D | M] -- C:\ProgramData\fltk.org

[2013/05/20 10:04:07 | 000,000,000 | ---D | M] -- C:\ProgramData\FNET

[2013/06/14 15:17:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Solidshield

[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu

[2013/05/20 09:56:11 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü

[2013/05/20 10:06:31 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp

[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates

[2013/05/20 09:56:11 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen

[2013/07/13 08:52:43 | 000,000,000 | ---D | M] -- C:\ProgramData\WarThunder

[2013/05/20 10:05:29 | 000,000,000 | -H-D | M] -- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}

[2009/07/14 01:08:49 | 000,024,318 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

< End of report >

Code:

ComboFix 13-08-15.03 - Tobias 16.08.2013  18:58:13.1.6 - x64

Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.8175.6438 [GMT 2:00]

ausgeführt von:: c:\users\Tobias\Desktop\ComboFix.exe

AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\ntuser.dat

c:\users\Public\sdelevURL.tmp

.

.

(((((((((((((((((((((((   Dateien erstellt von 2013-07-16 bis 2013-08-16  ))))))))))))))))))))))))))))))

.

.

2013-08-16 17:01 . 2013-08-16 17:01        --------        d-----w-        c:\users\Default\AppData\Local\temp

2013-08-16 17:00 . 2013-08-16 17:00        76232        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{445A55C9-B713-4B9E-9686-91DFD2A03911}\offreg.dll

2013-08-16 16:52 . 2013-07-02 08:34        9460976        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{445A55C9-B713-4B9E-9686-91DFD2A03911}\mpengine.dll

2013-08-15 20:44 . 2013-07-09 05:52        224256        ----a-w-        c:\windows\system32\wintrust.dll

2013-08-13 16:38 . 2013-08-13 16:38        --------        d-----w-        c:\programdata\HitmanPro

2013-08-13 03:24 . 2013-08-13 03:24        --------        d-----w-        C:\_OTL

2013-08-11 15:53 . 2013-08-11 15:53        --------        d-----w-        C:\FRST

2013-07-18 17:44 . 2013-07-18 17:44        --------        d-----w-        c:\program files (x86)\Java

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-07-18 17:44 . 2013-05-28 16:33        789416        ----a-w-        c:\windows\SysWow64\deployJava1.dll

2013-07-18 17:44 . 2013-05-28 16:33        867240        ----a-w-        c:\windows\SysWow64\npDeployJava1.dll

2013-07-18 17:44 . 2013-05-28 16:33        96168        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-07-17 17:47 . 2013-05-24 17:05        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-07-17 17:47 . 2013-05-24 17:05        692104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2013-07-04 16:52 . 2013-07-04 16:52        972712        ----a-w-        c:\windows\system32\deployJava1.dll

2013-07-04 16:52 . 2013-07-04 16:52        312232        ----a-w-        c:\windows\system32\javaws.exe

2013-07-04 16:52 . 2013-07-04 16:52        1093032        ----a-w-        c:\windows\system32\npDeployJava1.dll

2013-07-04 16:52 . 2013-07-04 16:52        189352        ----a-w-        c:\windows\system32\javaw.exe

2013-07-04 16:52 . 2013-07-04 16:52        188840        ----a-w-        c:\windows\system32\java.exe

2013-07-04 16:52 . 2013-07-04 16:52        108968        ----a-w-        c:\windows\system32\WindowsAccessBridge-64.dll

2013-06-12 16:17 . 2013-06-12 16:17        34064        ----a-w-        c:\windows\SysWow64\lhacm.acm

2013-06-05 03:34 . 2013-07-10 15:48        3153920        ----a-w-        c:\windows\system32\win32k.sys

2013-06-04 06:00 . 2013-07-10 15:48        624128        ----a-w-        c:\windows\system32\qedit.dll

2013-06-04 04:53 . 2013-07-10 15:48        509440        ----a-w-        c:\windows\SysWow64\qedit.dll

2013-05-31 23:15 . 2013-05-31 23:15        73728        ----a-w-        c:\windows\SysWow64\SetIEInstalledDate.exe

2013-05-31 23:15 . 2013-05-31 23:15        719360        ----a-w-        c:\windows\SysWow64\mshtmlmedia.dll

2013-05-31 23:15 . 2013-05-31 23:15        61952        ----a-w-        c:\windows\SysWow64\tdc.ocx

2013-05-31 23:15 . 2013-05-31 23:15        523264        ----a-w-        c:\windows\SysWow64\vbscript.dll

2013-05-31 23:15 . 2013-05-31 23:15        48640        ----a-w-        c:\windows\SysWow64\mshtmler.dll

2013-05-31 23:15 . 2013-05-31 23:15        38400        ----a-w-        c:\windows\SysWow64\imgutil.dll

2013-05-31 23:15 . 2013-05-31 23:15        361984        ----a-w-        c:\windows\SysWow64\html.iec

2013-05-31 23:15 . 2013-05-31 23:15        226304        ----a-w-        c:\windows\system32\elshyph.dll

2013-05-31 23:15 . 2013-05-31 23:15        185344        ----a-w-        c:\windows\SysWow64\elshyph.dll

2013-05-31 23:15 . 2013-05-31 23:15        158720        ----a-w-        c:\windows\SysWow64\msls31.dll

2013-05-31 23:15 . 2013-05-31 23:15        150528        ----a-w-        c:\windows\SysWow64\iexpress.exe

2013-05-31 23:15 . 2013-05-31 23:15        138752        ----a-w-        c:\windows\SysWow64\wextract.exe

2013-05-31 23:15 . 2013-05-31 23:15        137216        ----a-w-        c:\windows\SysWow64\ieUnatt.exe

2013-05-31 23:15 . 2013-05-31 23:15        12800        ----a-w-        c:\windows\SysWow64\mshta.exe

2013-05-31 23:15 . 2013-05-31 23:15        110592        ----a-w-        c:\windows\SysWow64\IEAdvpack.dll

2013-05-31 23:15 . 2013-05-31 23:15        1054720        ----a-w-        c:\windows\system32\MsSpellCheckingFacility.exe

2013-05-31 23:14 . 2013-05-31 23:14        97280        ----a-w-        c:\windows\system32\mshtmled.dll

2013-05-31 23:14 . 2013-05-31 23:14        92160        ----a-w-        c:\windows\system32\SetIEInstalledDate.exe

2013-05-31 23:14 . 2013-05-31 23:14        905728        ----a-w-        c:\windows\system32\mshtmlmedia.dll

2013-05-31 23:14 . 2013-05-31 23:14        81408        ----a-w-        c:\windows\system32\icardie.dll

2013-05-31 23:14 . 2013-05-31 23:14        77312        ----a-w-        c:\windows\system32\tdc.ocx

2013-05-31 23:14 . 2013-05-31 23:14        762368        ----a-w-        c:\windows\system32\ieapfltr.dll

2013-05-31 23:14 . 2013-05-31 23:14        62976        ----a-w-        c:\windows\system32\pngfilt.dll

2013-05-31 23:14 . 2013-05-31 23:14        599552        ----a-w-        c:\windows\system32\vbscript.dll

2013-05-31 23:14 . 2013-05-31 23:14        52224        ----a-w-        c:\windows\system32\msfeedsbs.dll

2013-05-31 23:14 . 2013-05-31 23:14        51200        ----a-w-        c:\windows\system32\imgutil.dll

2013-05-31 23:14 . 2013-05-31 23:14        48640        ----a-w-        c:\windows\system32\mshtmler.dll

2013-05-31 23:14 . 2013-05-31 23:14        452096        ----a-w-        c:\windows\system32\dxtmsft.dll

2013-05-31 23:14 . 2013-05-31 23:14        441856        ----a-w-        c:\windows\system32\html.iec

2013-05-31 23:14 . 2013-05-31 23:14        281600        ----a-w-        c:\windows\system32\dxtrans.dll

2013-05-31 23:14 . 2013-05-31 23:14        27648        ----a-w-        c:\windows\system32\licmgr10.dll

2013-05-31 23:14 . 2013-05-31 23:14        270848        ----a-w-        c:\windows\system32\iedkcs32.dll

2013-05-31 23:14 . 2013-05-31 23:14        247296        ----a-w-        c:\windows\system32\webcheck.dll

2013-05-31 23:14 . 2013-05-31 23:14        235008        ----a-w-        c:\windows\system32\url.dll

2013-05-31 23:14 . 2013-05-31 23:14        23040        ----a-w-        c:\windows\SysWow64\licmgr10.dll

2013-05-31 23:14 . 2013-05-31 23:14        216064        ----a-w-        c:\windows\system32\msls31.dll

2013-05-31 23:14 . 2013-05-31 23:14        197120        ----a-w-        c:\windows\system32\msrating.dll

2013-05-31 23:14 . 2013-05-31 23:14        173568        ----a-w-        c:\windows\system32\ieUnatt.exe

2013-05-31 23:14 . 2013-05-31 23:14        167424        ----a-w-        c:\windows\system32\iexpress.exe

2013-05-31 23:14 . 2013-05-31 23:14        1509376        ----a-w-        c:\windows\system32\inetcpl.cpl

2013-05-31 23:14 . 2013-05-31 23:14        149504        ----a-w-        c:\windows\system32\occache.dll

2013-05-31 23:14 . 2013-05-31 23:14        144896        ----a-w-        c:\windows\system32\wextract.exe

2013-05-31 23:14 . 2013-05-31 23:14        1441280        ----a-w-        c:\windows\SysWow64\inetcpl.cpl

2013-05-31 23:14 . 2013-05-31 23:14        1400416        ----a-w-        c:\windows\system32\ieapfltr.dat

2013-05-31 23:14 . 2013-05-31 23:14        13824        ----a-w-        c:\windows\system32\mshta.exe

2013-05-31 23:14 . 2013-05-31 23:14        136192        ----a-w-        c:\windows\system32\iepeers.dll

2013-05-31 23:14 . 2013-05-31 23:14        135680        ----a-w-        c:\windows\system32\IEAdvpack.dll

2013-05-31 23:14 . 2013-05-31 23:14        12800        ----a-w-        c:\windows\system32\msfeedssync.exe

2013-05-31 23:14 . 2013-05-31 23:14        102912        ----a-w-        c:\windows\system32\inseng.dll

2013-05-31 23:14 . 2013-05-31 23:14        9728        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-05-31 23:14 . 2013-05-31 23:14        9728        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-05-31 23:14 . 2013-05-31 23:14        648192        ----a-w-        c:\windows\system32\d3d10level9.dll

2013-05-31 23:14 . 2013-05-31 23:14        604160        ----a-w-        c:\windows\SysWow64\d3d10level9.dll

2013-05-31 23:14 . 2013-05-31 23:14        5632        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-05-31 23:14 . 2013-05-31 23:14        5632        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-05-31 23:14 . 2013-05-31 23:14        5632        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-05-31 23:14 . 2013-05-31 23:14        5632        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-05-31 23:14 . 2013-05-31 23:14        522752        ----a-w-        c:\windows\system32\XpsGdiConverter.dll

2013-05-31 23:14 . 2013-05-31 23:14        465920        ----a-w-        c:\windows\system32\WMPhoto.dll

2013-05-31 23:14 . 2013-05-31 23:14        417792        ----a-w-        c:\windows\SysWow64\WMPhoto.dll

2013-05-31 23:14 . 2013-05-31 23:14        4096        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll

2013-05-31 23:14 . 2013-05-31 23:14        4096        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll

2013-05-31 23:14 . 2013-05-31 23:14        3928064        ----a-w-        c:\windows\system32\d2d1.dll

2013-05-31 23:14 . 2013-05-31 23:14        364544        ----a-w-        c:\windows\SysWow64\XpsGdiConverter.dll

2013-05-31 23:14 . 2013-05-31 23:14        363008        ----a-w-        c:\windows\system32\dxgi.dll

2013-05-31 23:14 . 2013-05-31 23:14        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-05-31 23:14 . 2013-05-31 23:14        3584        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-05-31 23:14 . 2013-05-31 23:14        3419136        ----a-w-        c:\windows\SysWow64\d2d1.dll

2013-05-31 23:14 . 2013-05-31 23:14        333312        ----a-w-        c:\windows\system32\d3d10_1core.dll

2013-05-31 23:14 . 2013-05-31 23:14        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll

2013-05-31 23:14 . 2013-05-31 23:14        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-05-31 23:14 . 2013-05-31 23:14        3072        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll

2013-05-31 23:14 . 2013-05-31 23:14        3072        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-05-31 23:14 . 2013-05-31 23:14        296960        ----a-w-        c:\windows\system32\d3d10core.dll

2013-05-31 23:14 . 2013-05-31 23:14        293376        ----a-w-        c:\windows\SysWow64\dxgi.dll

2013-05-31 23:14 . 2013-05-31 23:14        2776576        ----a-w-        c:\windows\system32\msmpeg2vdec.dll

2013-05-31 23:14 . 2013-05-31 23:14        2565120        ----a-w-        c:\windows\system32\d3d10warp.dll

2013-05-31 23:14 . 2013-05-31 23:14        2560        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-05-31 23:14 . 2013-05-31 23:14        2560        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-05-31 23:14 . 2013-05-31 23:14        249856        ----a-w-        c:\windows\SysWow64\d3d10_1core.dll

2013-05-31 23:14 . 2013-05-31 23:14        245248        ----a-w-        c:\windows\system32\WindowsCodecsExt.dll

2013-05-31 23:14 . 2013-05-31 23:14        2284544        ----a-w-        c:\windows\SysWow64\msmpeg2vdec.dll

2013-05-31 23:14 . 2013-05-31 23:14        221184        ----a-w-        c:\windows\system32\UIAnimation.dll

2013-05-31 23:14 . 2013-05-31 23:14        220160        ----a-w-        c:\windows\SysWow64\d3d10core.dll

2013-05-31 23:14 . 2013-05-31 23:14        207872        ----a-w-        c:\windows\SysWow64\WindowsCodecsExt.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"Steam"="d:\program files (x86)\Steam\Steam.exe" [2013-07-26 1807272]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"XFastUSB"="c:\program files (x86)\XFastUSB\XFastUsb.exe" [2013-05-20 5019360]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]

"THX TruStudio NB Settings"="c:\program files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" [2011-05-19 909824]

"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]

"iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]

"LogMeIn Hamachi Ui"="d:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-06-28 2255184]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

.

c:\users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 DisplayFusionService;DisplayFusionService;d:\program files (x86)\DisplayFusion\DisplayFusionService.exe;d:\program files (x86)\DisplayFusion\DisplayFusionService.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]

R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]

R3 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20110723.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20110723.001\BHDrvx64.sys [x]

R3 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1301000.01C\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1301000.01C\ccSetx64.sys [x]

R3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS;c:\windows\SYSNATIVE\drivers\FNETTBOH_305.SYS [x]

R3 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSVia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSVia64.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1301000.01C\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1301000.01C\SYMDS64.SYS [x]

R3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1301000.01C\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1301000.01C\SYMEFA64.SYS [x]

R3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1301000.01C\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1301000.01C\Ironx64.SYS [x]

R3 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\NISx64\1301000.01C\SYMNETS.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1301000.01C\SYMNETS.SYS [x]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]

S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]

S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]

S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]

S0 AsrRamDisk;AsrRamDisk;c:\windows\system32\DRIVERS\AsrRamDisk.sys;c:\windows\SYSNATIVE\DRIVERS\AsrRamDisk.sys [x]

S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AsrAppCharger.sys [x]

S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS;c:\windows\SYSNATIVE\drivers\FNETURPX.SYS [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]

S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]

S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]

S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe [x]

S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]

S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]

S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]

S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

.

.

Inhalt des "geplante Tasks" Ordners

.

2013-08-15 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-24 17:47]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-09 12666984]

"XFast LAN"="c:\program files\ASRock\XFast LAN\cFosSpeed.exe" [2011-10-19 1441152]

"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2011-05-13 26624]

.

------- Zusätzlicher Suchlauf -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

Wow6432Node-HKCU-Run-ASRockOCTuner - (no file)

Wow6432Node-HKCU-Run-ASRockIES - (no file)

Wow6432Node-HKCU-Run-zASRockInstantBoot - (no file)

Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

AddRemove-BattlEye for A2 - d:\program files (x86)\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]

"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.1.0.28\diMaster.dll\" /prefetch:1"

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2013-08-16  19:03:49

ComboFix-quarantined-files.txt  2013-08-16 17:03

.

Vor Suchlauf: 10 Verzeichnis(se), 50.034.077.696 Bytes frei

Nach Suchlauf: 14 Verzeichnis(se), 49.955.856.384 Bytes frei

.

- - End Of File - - 38ED1B0679B937AE50AA015DF37108F3

A36C5E4F47E84449FF07ED3517B43A31

Code:

19:10:07.0698 1952  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

19:10:07.0812 1952  ============================================================

19:10:07.0812 1952  Current date / time: 2013/08/16 19:10:07.0812

19:10:07.0812 1952  SystemInfo:

19:10:07.0812 1952  

19:10:07.0812 1952  OS Version: 6.1.7601 ServicePack: 1.0

19:10:07.0812 1952  Product type: Workstation

19:10:07.0812 1952  ComputerName: TOBIAS-PC

19:10:07.0812 1952  UserName: Tobias

19:10:07.0812 1952  Windows directory: C:\Windows

19:10:07.0812 1952  System windows directory: C:\Windows

19:10:07.0812 1952  Running under WOW64

19:10:07.0812 1952  Processor architecture: Intel x64

19:10:07.0812 1952  Number of processors: 6

19:10:07.0812 1952  Page size: 0x1000

19:10:07.0812 1952  Boot type: Normal boot

19:10:07.0812 1952  ============================================================

19:10:08.0116 1952  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

19:10:08.0116 1952  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

19:10:08.0122 1952  ============================================================

19:10:08.0122 1952  \Device\Harddisk1\DR1:

19:10:08.0122 1952  MBR partitions:

19:10:08.0122 1952  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

19:10:08.0122 1952  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A352800

19:10:08.0122 1952  \Device\Harddisk0\DR0:

19:10:08.0122 1952  MBR partitions:

19:10:08.0122 1952  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

19:10:08.0122 1952  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000

19:10:08.0122 1952  ============================================================

19:10:08.0124 1952  C: <-> \Device\Harddisk0\DR0\Partition2

19:10:08.0140 1952  D: <-> \Device\Harddisk1\DR1\Partition2

19:10:08.0141 1952  E: <-> \Device\Harddisk0\DR0\Partition1

19:10:08.0157 1952  F: <-> \Device\Harddisk1\DR1\Partition1

19:10:08.0157 1952  ============================================================

19:10:08.0157 1952  Initialize success

19:10:08.0157 1952  ============================================================

19:10:28.0798 5268  ============================================================

19:10:28.0798 5268  Scan started

19:10:28.0798 5268  Mode: Manual; SigCheck; TDLFS; 

19:10:28.0798 5268  ============================================================

19:10:29.0007 5268  ================ Scan system memory ========================

19:10:29.0007 5268  System memory - ok

19:10:29.0007 5268  ================ Scan services =============================

19:10:29.0045 5268  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys

19:10:29.0081 5268  1394ohci - ok

19:10:29.0088 5268  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys

19:10:29.0101 5268  ACPI - ok

19:10:29.0105 5268  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys

19:10:29.0116 5268  AcpiPmi - ok

19:10:29.0141 5268  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

19:10:29.0151 5268  AdobeFlashPlayerUpdateSvc - ok

19:10:29.0161 5268  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys

19:10:29.0175 5268  adp94xx - ok

19:10:29.0182 5268  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys

19:10:29.0194 5268  adpahci - ok

19:10:29.0200 5268  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys

19:10:29.0210 5268  adpu320 - ok

19:10:29.0215 5268  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

19:10:29.0245 5268  AeLookupSvc - ok

19:10:29.0255 5268  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys

19:10:29.0269 5268  AFD - ok

19:10:29.0273 5268  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys

19:10:29.0282 5268  agp440 - ok

19:10:29.0286 5268  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe

19:10:29.0296 5268  ALG - ok

19:10:29.0299 5268  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys

19:10:29.0307 5268  aliide - ok

19:10:29.0313 5268  [ 310F86335B0505DDC6D2DD48E66EF06B ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

19:10:29.0330 5268  AMD External Events Utility - ok

19:10:29.0334 5268  AMD FUEL Service - ok

19:10:29.0337 5268  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys

19:10:29.0345 5268  amdide - ok

19:10:29.0349 5268  [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys

19:10:29.0365 5268  amdiox64 - ok

19:10:29.0369 5268  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys

19:10:29.0378 5268  AmdK8 - ok

19:10:29.0522 5268  [ 79CC9BE187E3144E1B58A54B842475E7 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys

19:10:29.0648 5268  amdkmdag - ok

19:10:29.0662 5268  [ 07561D3B7FD99F6E186C49C2D0628E38 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys

19:10:29.0682 5268  amdkmdap - ok

19:10:29.0685 5268  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys

19:10:29.0695 5268  AmdPPM - ok

19:10:29.0699 5268  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

19:10:29.0709 5268  amdsata - ok

19:10:29.0719 5268  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys

19:10:29.0729 5268  amdsbs - ok

19:10:29.0733 5268  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys

19:10:29.0741 5268  amdxata - ok

19:10:29.0745 5268  [ A1434F35B7B171CB697D74D33F7D029F ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys

19:10:29.0753 5268  amd_sata - ok

19:10:29.0757 5268  [ E9B5A82FA268BB2D1B012030D5F4E096 ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys

19:10:29.0763 5268  amd_xata - ok

19:10:29.0766 5268  [ 5A528A540B1AEE8B1C77ED65094E8CDF ] AODDriver4.2    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys

19:10:29.0773 5268  AODDriver4.2 - ok

19:10:29.0776 5268  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys

19:10:29.0805 5268  AppID - ok

19:10:29.0808 5268  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

19:10:29.0837 5268  AppIDSvc - ok

19:10:29.0841 5268  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll

19:10:29.0851 5268  Appinfo - ok

19:10:29.0857 5268  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

19:10:29.0865 5268  Apple Mobile Device - ok

19:10:29.0871 5268  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll

19:10:29.0881 5268  AppMgmt - ok

19:10:29.0885 5268  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys

19:10:29.0894 5268  arc - ok

19:10:29.0898 5268  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys

19:10:29.0907 5268  arcsas - ok

19:10:29.0911 5268  [ 4DFF4312661F54EE87DC9A13CAEE60E0 ] asahci64        C:\Windows\system32\DRIVERS\asahci64.sys

19:10:29.0918 5268  asahci64 - ok

19:10:29.0923 5268  [ 0D721BEDC99072972A1C09C9FE549B07 ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys

19:10:29.0934 5268  asmthub3 - ok

19:10:29.0942 5268  [ C401B8F26490DC3E5E47D3A91F87CD00 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys

19:10:29.0956 5268  asmtxhci - ok

19:10:29.0960 5268  [ E1AFEE1584C74050DE0DD16DE2A54BF3 ] AsrAppCharger   C:\Windows\system32\DRIVERS\AsrAppCharger.sys

19:10:29.0967 5268  AsrAppCharger - ok

19:10:29.0971 5268  [ 0C3F9E39C0B10D351026D580D9FF6F86 ] AsrRamDisk      C:\Windows\system32\DRIVERS\AsrRamDisk.sys

19:10:29.0978 5268  AsrRamDisk - ok

19:10:29.0982 5268  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

19:10:30.0009 5268  AsyncMac - ok

19:10:30.0013 5268  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys

19:10:30.0021 5268  atapi - ok

19:10:30.0027 5268  [ ED3A041014FBBFDC23D6C04F9C7A5D79 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys

19:10:30.0036 5268  AtiHDAudioService - ok

19:10:30.0040 5268  [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys

19:10:30.0046 5268  AtiPcie - ok

19:10:30.0057 5268  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

19:10:30.0091 5268  AudioEndpointBuilder - ok

19:10:30.0101 5268  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

19:10:30.0134 5268  AudioSrv - ok

19:10:30.0139 5268  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll

19:10:30.0153 5268  AxInstSV - ok

19:10:30.0162 5268  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys

19:10:30.0174 5268  b06bdrv - ok

19:10:30.0181 5268  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

19:10:30.0193 5268  b57nd60a - ok

19:10:30.0211 5268  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll

19:10:30.0221 5268  BDESVC - ok

19:10:30.0224 5268  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys

19:10:30.0252 5268  Beep - ok

19:10:30.0255 5268  [ B1359701847FF1FF415FA083F1610F48 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe

19:10:30.0258 5268  BEService ( UnsignedFile.Multi.Generic ) - warning

19:10:30.0258 5268  BEService - detected UnsignedFile.Multi.Generic (1)

19:10:30.0270 5268  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll

19:10:30.0304 5268  BFE - ok

19:10:30.0323 5268  [ C823ADEEDD3AE6F3DB52B6152E5789CF ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20110723.001\BHDrvx64.sys

19:10:30.0344 5268  BHDrvx64 - ok

19:10:30.0359 5268  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll

19:10:30.0394 5268  BITS - ok

19:10:30.0397 5268  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

19:10:30.0407 5268  blbdrive - ok

19:10:30.0416 5268  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

19:10:30.0428 5268  Bonjour Service - ok

19:10:30.0432 5268  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

19:10:30.0441 5268  bowser - ok

19:10:30.0444 5268  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys

19:10:30.0455 5268  BrFiltLo - ok

19:10:30.0459 5268  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys

19:10:30.0469 5268  BrFiltUp - ok

19:10:30.0474 5268  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys

19:10:30.0503 5268  BridgeMP - ok

19:10:30.0508 5268  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll

19:10:30.0518 5268  Browser - ok

19:10:30.0524 5268  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

19:10:30.0536 5268  Brserid - ok

19:10:30.0540 5268  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

19:10:30.0552 5268  BrSerWdm - ok

19:10:30.0555 5268  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

19:10:30.0566 5268  BrUsbMdm - ok

19:10:30.0569 5268  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

19:10:30.0578 5268  BrUsbSer - ok

19:10:30.0582 5268  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys

19:10:30.0593 5268  BTHMODEM - ok

19:10:30.0598 5268  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll

19:10:30.0627 5268  bthserv - ok

19:10:30.0630 5268  catchme - ok

19:10:30.0637 5268  [ A8AD33C9DD88C810CAC00ACC7F4329FB ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1301000.01C\ccSetx64.sys

19:10:30.0645 5268  ccSet_NIS - ok

19:10:30.0650 5268  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

19:10:30.0679 5268  cdfs - ok

19:10:30.0684 5268  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys

19:10:30.0695 5268  cdrom - ok

19:10:30.0699 5268  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll

19:10:30.0728 5268  CertPropSvc - ok

19:10:30.0748 5268  [ 33B82CF69E41B38A2EC0C3CABDE80D6E ] cFosSpeed       C:\Windows\system32\DRIVERS\cfosspeed6.sys

19:10:30.0777 5268  cFosSpeed - ok

19:10:30.0786 5268  [ A469854CD303A39162931FA770EA45A2 ] cFosSpeedS      C:\Program Files\ASRock\XFast LAN\spd.exe

19:10:30.0798 5268  cFosSpeedS - ok

19:10:30.0802 5268  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys

19:10:30.0814 5268  circlass - ok

19:10:30.0821 5268  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys

19:10:30.0833 5268  CLFS - ok

19:10:30.0840 5268  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:10:30.0848 5268  clr_optimization_v2.0.50727_32 - ok

19:10:30.0854 5268  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

19:10:30.0862 5268  clr_optimization_v2.0.50727_64 - ok

19:10:30.0870 5268  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

19:10:30.0878 5268  clr_optimization_v4.0.30319_32 - ok

19:10:30.0885 5268  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

19:10:30.0893 5268  clr_optimization_v4.0.30319_64 - ok

19:10:30.0896 5268  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys

19:10:30.0906 5268  CmBatt - ok

19:10:30.0909 5268  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys

19:10:30.0917 5268  cmdide - ok

19:10:30.0925 5268  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys

19:10:30.0945 5268  CNG - ok

19:10:30.0949 5268  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys

19:10:30.0957 5268  Compbatt - ok

19:10:30.0960 5268  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys

19:10:30.0972 5268  CompositeBus - ok

19:10:30.0975 5268  COMSysApp - ok

19:10:30.0979 5268  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys

19:10:30.0987 5268  crcdisk - ok

19:10:30.0993 5268  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll

19:10:31.0004 5268  CryptSvc - ok

19:10:31.0013 5268  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys

19:10:31.0026 5268  CSC - ok

19:10:31.0037 5268  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll

19:10:31.0053 5268  CscService - ok

19:10:31.0063 5268  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll

19:10:31.0096 5268  DcomLaunch - ok

19:10:31.0108 5268  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll

19:10:31.0139 5268  defragsvc - ok

19:10:31.0144 5268  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

19:10:31.0172 5268  DfsC - ok

19:10:31.0179 5268  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll

19:10:31.0191 5268  Dhcp - ok

19:10:31.0195 5268  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys

19:10:31.0223 5268  discache - ok

19:10:31.0228 5268  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys

19:10:31.0237 5268  Disk - ok

19:10:31.0255 5268  DisplayFusionService - ok

19:10:31.0260 5268  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

19:10:31.0271 5268  Dnscache - ok

19:10:31.0278 5268  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll

19:10:31.0308 5268  dot3svc - ok

19:10:31.0313 5268  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll

19:10:31.0341 5268  DPS - ok

19:10:31.0345 5268  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

19:10:31.0356 5268  drmkaud - ok

19:10:31.0370 5268  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

19:10:31.0391 5268  DXGKrnl - ok

19:10:31.0396 5268  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll

19:10:31.0425 5268  EapHost - ok

19:10:31.0462 5268  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys

19:10:31.0501 5268  ebdrv - ok

19:10:31.0507 5268  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe

19:10:31.0516 5268  EFS - ok

19:10:31.0528 5268  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

19:10:31.0544 5268  ehRecvr - ok

19:10:31.0548 5268  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe

19:10:31.0558 5268  ehSched - ok

19:10:31.0568 5268  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys

19:10:31.0582 5268  elxstor - ok

19:10:31.0586 5268  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys

19:10:31.0595 5268  ErrDev - ok

19:10:31.0605 5268  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll

19:10:31.0637 5268  EventSystem - ok

19:10:31.0643 5268  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys

19:10:31.0672 5268  exfat - ok

19:10:31.0678 5268  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys

19:10:31.0708 5268  fastfat - ok

19:10:31.0726 5268  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe

19:10:31.0742 5268  Fax - ok

19:10:31.0746 5268  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

19:10:31.0755 5268  fdc - ok

19:10:31.0758 5268  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll

19:10:31.0787 5268  fdPHost - ok

19:10:31.0790 5268  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll

19:10:31.0819 5268  FDResPub - ok

19:10:31.0823 5268  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

19:10:31.0832 5268  FileInfo - ok

19:10:31.0835 5268  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

19:10:31.0864 5268  Filetrace - ok

19:10:31.0868 5268  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

19:10:31.0877 5268  flpydisk - ok

19:10:31.0883 5268  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

19:10:31.0894 5268  FltMgr - ok

19:10:31.0898 5268  [ 508401A63E6B1CBF0B9C9A011498731F ] FNETTBOH_305    C:\Windows\system32\drivers\FNETTBOH_305.SYS

19:10:31.0905 5268  FNETTBOH_305 - ok

19:10:31.0908 5268  [ 7C3C4B4C951EC1BDFD4F769D05E2CC68 ] FNETURPX        C:\Windows\system32\drivers\FNETURPX.SYS

19:10:31.0914 5268  FNETURPX - ok

19:10:31.0929 5268  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll

19:10:31.0949 5268  FontCache - ok

19:10:31.0954 5268  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

19:10:31.0960 5268  FontCache3.0.0.0 - ok

19:10:31.0964 5268  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

19:10:31.0972 5268  FsDepends - ok

19:10:31.0976 5268  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

19:10:31.0984 5268  Fs_Rec - ok

19:10:31.0989 5268  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

19:10:32.0003 5268  fvevol - ok

19:10:32.0007 5268  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys

19:10:32.0015 5268  gagp30kx - ok

19:10:32.0020 5268  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

19:10:32.0026 5268  GEARAspiWDM - ok

19:10:32.0038 5268  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll

19:10:32.0073 5268  gpsvc - ok

19:10:32.0077 5268  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys

19:10:32.0084 5268  hamachi - ok

19:10:32.0189 5268  [ B1E3F445943F06E36DC079AF28D0F86B ] Hamachi2Svc     D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

19:10:32.0230 5268  Hamachi2Svc - ok

19:10:32.0235 5268  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

19:10:32.0245 5268  hcw85cir - ok

19:10:32.0252 5268  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

19:10:32.0266 5268  HdAudAddService - ok

19:10:32.0271 5268  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys

19:10:32.0283 5268  HDAudBus - ok

19:10:32.0286 5268  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys

19:10:32.0295 5268  HidBatt - ok

19:10:32.0300 5268  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys

19:10:32.0312 5268  HidBth - ok

19:10:32.0315 5268  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys

19:10:32.0327 5268  HidIr - ok

19:10:32.0330 5268  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll

19:10:32.0359 5268  hidserv - ok

19:10:32.0363 5268  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys

19:10:32.0371 5268  HidUsb - ok

19:10:32.0376 5268  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll

19:10:32.0405 5268  hkmsvc - ok

19:10:32.0411 5268  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

19:10:32.0422 5268  HomeGroupListener - ok

19:10:32.0428 5268  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

19:10:32.0438 5268  HomeGroupProvider - ok

19:10:32.0443 5268  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

19:10:32.0452 5268  HpSAMD - ok

19:10:32.0463 5268  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

19:10:32.0497 5268  HTTP - ok

19:10:32.0501 5268  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

19:10:32.0509 5268  hwpolicy - ok

19:10:32.0513 5268  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys

19:10:32.0523 5268  i8042prt - ok

19:10:32.0530 5268  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

19:10:32.0543 5268  iaStorV - ok

19:10:32.0556 5268  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

19:10:32.0573 5268  idsvc - ok

19:10:32.0582 5268  [ 0B97F1A640AD3D159A7B5D2164C42E50 ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSVia64.sys

19:10:32.0594 5268  IDSVia64 - ok

19:10:32.0599 5268  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys

19:10:32.0607 5268  iirsp - ok

19:10:32.0619 5268  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll

19:10:32.0655 5268  IKEEXT - ok

19:10:32.0691 5268  [ 4BBB5A55EEB5EC11B20FCBB4CBB49357 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

19:10:32.0738 5268  IntcAzAudAddService - ok

19:10:32.0743 5268  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys

19:10:32.0751 5268  intelide - ok

19:10:32.0755 5268  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

19:10:32.0764 5268  intelppm - ok

19:10:32.0769 5268  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

19:10:32.0799 5268  IPBusEnum - ok

19:10:32.0803 5268  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

19:10:32.0833 5268  IpFilterDriver - ok

19:10:32.0842 5268  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

19:10:32.0857 5268  iphlpsvc - ok

19:10:32.0861 5268  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys

19:10:32.0871 5268  IPMIDRV - ok

19:10:32.0875 5268  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

19:10:32.0904 5268  IPNAT - ok

19:10:32.0914 5268  [ 0FF335D687C85097725A53458160E81E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

19:10:32.0929 5268  iPod Service - ok

19:10:32.0932 5268  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys

19:10:32.0945 5268  IRENUM - ok

19:10:32.0949 5268  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

19:10:32.0957 5268  isapnp - ok

19:10:32.0963 5268  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys

19:10:32.0974 5268  iScsiPrt - ok

19:10:32.0978 5268  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys

19:10:32.0986 5268  kbdclass - ok

19:10:32.0990 5268  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys

19:10:32.0999 5268  kbdhid - ok

19:10:33.0002 5268  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe

19:10:33.0011 5268  KeyIso - ok

19:10:33.0015 5268  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

19:10:33.0024 5268  KSecDD - ok

19:10:33.0029 5268  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

19:10:33.0039 5268  KSecPkg - ok

19:10:33.0042 5268  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

19:10:33.0070 5268  ksthunk - ok

19:10:33.0077 5268  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll

19:10:33.0110 5268  KtmRm - ok

19:10:33.0117 5268  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll

19:10:33.0147 5268  LanmanServer - ok

19:10:33.0152 5268  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

19:10:33.0181 5268  LanmanWorkstation - ok

19:10:33.0186 5268  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

19:10:33.0215 5268  lltdio - ok

19:10:33.0222 5268  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll

19:10:33.0253 5268  lltdsvc - ok

19:10:33.0257 5268  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll

19:10:33.0286 5268  lmhosts - ok

19:10:33.0291 5268  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys

19:10:33.0301 5268  LSI_FC - ok

19:10:33.0305 5268  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys

19:10:33.0314 5268  LSI_SAS - ok

19:10:33.0318 5268  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys

19:10:33.0326 5268  LSI_SAS2 - ok

19:10:33.0330 5268  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys

19:10:33.0339 5268  LSI_SCSI - ok

19:10:33.0344 5268  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys

19:10:33.0373 5268  luafv - ok

19:10:33.0377 5268  [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys

19:10:33.0384 5268  MBfilt - ok

19:10:33.0388 5268  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

19:10:33.0398 5268  Mcx2Svc - ok

19:10:33.0402 5268  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys

19:10:33.0410 5268  megasas - ok

19:10:33.0416 5268  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys

19:10:33.0427 5268  MegaSR - ok

19:10:33.0431 5268  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll

19:10:33.0461 5268  MMCSS - ok

19:10:33.0465 5268  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys

19:10:33.0492 5268  Modem - ok

19:10:33.0496 5268  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

19:10:33.0507 5268  monitor - ok

19:10:33.0511 5268  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys

19:10:33.0519 5268  mouclass - ok

19:10:33.0522 5268  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

19:10:33.0532 5268  mouhid - ok

19:10:33.0536 5268  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

19:10:33.0545 5268  mountmgr - ok

19:10:33.0550 5268  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys

19:10:33.0560 5268  mpio - ok

19:10:33.0564 5268  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

19:10:33.0593 5268  mpsdrv - ok

19:10:33.0606 5268  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll

19:10:33.0641 5268  MpsSvc - ok

19:10:33.0647 5268  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

19:10:33.0661 5268  MRxDAV - ok

19:10:33.0666 5268  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

19:10:33.0676 5268  mrxsmb - ok

19:10:33.0682 5268  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

19:10:33.0693 5268  mrxsmb10 - ok

19:10:33.0698 5268  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

19:10:33.0708 5268  mrxsmb20 - ok

19:10:33.0715 5268  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys

19:10:33.0723 5268  msahci - ok

19:10:33.0728 5268  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

19:10:33.0737 5268  msdsm - ok

19:10:33.0742 5268  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe

19:10:33.0753 5268  MSDTC - ok

19:10:33.0760 5268  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

19:10:33.0788 5268  Msfs - ok

19:10:33.0791 5268  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

19:10:33.0819 5268  mshidkmdf - ok

19:10:33.0823 5268  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

19:10:33.0831 5268  msisadrv - ok

19:10:33.0836 5268  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

19:10:33.0866 5268  MSiSCSI - ok

19:10:33.0869 5268  msiserver - ok

19:10:33.0872 5268  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

19:10:33.0900 5268  MSKSSRV - ok

19:10:33.0904 5268  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

19:10:33.0933 5268  MSPCLOCK - ok

19:10:33.0936 5268  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

19:10:33.0964 5268  MSPQM - ok

19:10:33.0971 5268  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

19:10:33.0983 5268  MsRPC - ok

19:10:33.0989 5268  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys

19:10:33.0997 5268  mssmbios - ok

19:10:34.0000 5268  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

19:10:34.0028 5268  MSTEE - ok

19:10:34.0031 5268  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys

19:10:34.0041 5268  MTConfig - ok

19:10:34.0044 5268  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys

19:10:34.0053 5268  Mup - ok

19:10:34.0062 5268  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll

19:10:34.0094 5268  napagent - ok

19:10:34.0102 5268  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

19:10:34.0117 5268  NativeWifiP - ok

19:10:34.0121 5268  [ 2DBE90210DE76BE6E1653BB20EC70EC2 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20110810.019\ENG64.SYS

19:10:34.0129 5268  NAVENG - ok

19:10:34.0153 5268  [ 346DA70E203B8E2C850277713DE8F71B ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20110810.019\EX64.SYS

19:10:34.0186 5268  NAVEX15 - ok

19:10:34.0201 5268  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys

19:10:34.0221 5268  NDIS - ok

19:10:34.0225 5268  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

19:10:34.0254 5268  NdisCap - ok

19:10:34.0257 5268  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

19:10:34.0286 5268  NdisTapi - ok

19:10:34.0290 5268  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

19:10:34.0318 5268  Ndisuio - ok

19:10:34.0323 5268  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

19:10:34.0352 5268  NdisWan - ok

19:10:34.0355 5268  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

19:10:34.0383 5268  NDProxy - ok

19:10:34.0386 5268  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

19:10:34.0415 5268  NetBIOS - ok

19:10:34.0421 5268  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

19:10:34.0451 5268  NetBT - ok

19:10:34.0454 5268  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe

19:10:34.0464 5268  Netlogon - ok

19:10:34.0471 5268  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll

19:10:34.0503 5268  Netman - ok

19:10:34.0512 5268  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll

19:10:34.0546 5268  netprofm - ok

19:10:34.0551 5268  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

19:10:34.0559 5268  NetTcpPortSharing - ok

19:10:34.0563 5268  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys

19:10:34.0571 5268  nfrd960 - ok

19:10:34.0577 5268  [ E127420B7FEB65C7F279EAAC183BBC0E ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe

19:10:34.0585 5268  NIS - ok

19:10:34.0592 5268  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll

19:10:34.0604 5268  NlaSvc - ok

19:10:34.0608 5268  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

19:10:34.0636 5268  Npfs - ok

19:10:34.0640 5268  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll

19:10:34.0669 5268  nsi - ok

19:10:34.0672 5268  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

19:10:34.0701 5268  nsiproxy - ok

19:10:34.0734 5268  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

19:10:34.0764 5268  Ntfs - ok

19:10:34.0768 5268  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys

19:10:34.0796 5268  Null - ok

19:10:34.0801 5268  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys

19:10:34.0810 5268  nvraid - ok

19:10:34.0815 5268  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys

19:10:34.0825 5268  nvstor - ok

19:10:34.0830 5268  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

19:10:34.0839 5268  nv_agp - ok

19:10:34.0843 5268  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

19:10:34.0852 5268  ohci1394 - ok

19:10:34.0859 5268  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

19:10:34.0872 5268  p2pimsvc - ok

19:10:34.0880 5268  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll

19:10:34.0893 5268  p2psvc - ok

19:10:34.0898 5268  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys

19:10:34.0907 5268  Parport - ok

19:10:34.0911 5268  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys

19:10:34.0920 5268  partmgr - ok

19:10:34.0925 5268  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll

19:10:34.0940 5268  PcaSvc - ok

19:10:34.0946 5268  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys

19:10:34.0956 5268  pci - ok

19:10:34.0959 5268  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys

19:10:34.0967 5268  pciide - ok

19:10:34.0972 5268  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys

19:10:34.0983 5268  pcmcia - ok

19:10:34.0987 5268  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys

19:10:34.0995 5268  pcw - ok

19:10:35.0005 5268  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

19:10:35.0039 5268  PEAUTH - ok

19:10:35.0057 5268  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll

19:10:35.0079 5268  PeerDistSvc - ok

19:10:35.0103 5268  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe

19:10:35.0113 5268  PerfHost - ok

19:10:35.0135 5268  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll

19:10:35.0176 5268  pla - ok

19:10:35.0184 5268  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

19:10:35.0198 5268  PlugPlay - ok

19:10:35.0202 5268  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

19:10:35.0211 5268  PNRPAutoReg - ok

19:10:35.0218 5268  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

19:10:35.0230 5268  PNRPsvc - ok

19:10:35.0239 5268  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

19:10:35.0272 5268  PolicyAgent - ok

19:10:35.0279 5268  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll

19:10:35.0310 5268  Power - ok

19:10:35.0314 5268  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

19:10:35.0343 5268  PptpMiniport - ok

19:10:35.0347 5268  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys

19:10:35.0356 5268  Processor - ok

19:10:35.0362 5268  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll

19:10:35.0373 5268  ProfSvc - ok

19:10:35.0376 5268  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

19:10:35.0385 5268  ProtectedStorage - ok

19:10:35.0390 5268  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

19:10:35.0418 5268  Psched - ok

19:10:35.0438 5268  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys

19:10:35.0466 5268  ql2300 - ok

19:10:35.0471 5268  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys

19:10:35.0480 5268  ql40xx - ok

19:10:35.0486 5268  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll

19:10:35.0501 5268  QWAVE - ok

19:10:35.0505 5268  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

19:10:35.0518 5268  QWAVEdrv - ok

19:10:35.0521 5268  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

19:10:35.0549 5268  RasAcd - ok

19:10:35.0553 5268  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

19:10:35.0581 5268  RasAgileVpn - ok

19:10:35.0588 5268  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll

19:10:35.0617 5268  RasAuto - ok

19:10:35.0623 5268  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

19:10:35.0651 5268  Rasl2tp - ok

19:10:35.0658 5268  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll

19:10:35.0690 5268  RasMan - ok

19:10:35.0694 5268  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

19:10:35.0724 5268  RasPppoe - ok

19:10:35.0728 5268  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

19:10:35.0758 5268  RasSstp - ok

19:10:35.0765 5268  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

19:10:35.0796 5268  rdbss - ok

19:10:35.0800 5268  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys

19:10:35.0812 5268  rdpbus - ok

19:10:35.0814 5268  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

19:10:35.0843 5268  RDPCDD - ok

19:10:35.0849 5268  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys

19:10:35.0860 5268  RDPDR - ok

19:10:35.0863 5268  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

19:10:35.0891 5268  RDPENCDD - ok

19:10:35.0895 5268  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

19:10:35.0923 5268  RDPREFMP - ok

19:10:35.0929 5268  [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

19:10:35.0938 5268  RdpVideoMiniport - ok

19:10:35.0943 5268  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

19:10:35.0953 5268  RDPWD - ok

19:10:35.0959 5268  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

19:10:35.0970 5268  rdyboost - ok

19:10:35.0975 5268  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll

19:10:36.0005 5268  RemoteAccess - ok

19:10:36.0010 5268  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

19:10:36.0041 5268  RemoteRegistry - ok

19:10:36.0046 5268  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

19:10:36.0076 5268  RpcEptMapper - ok

19:10:36.0079 5268  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe

19:10:36.0089 5268  RpcLocator - ok

19:10:36.0097 5268  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll

19:10:36.0131 5268  RpcSs - ok

19:10:36.0135 5268  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

19:10:36.0164 5268  rspndr - ok

19:10:36.0174 5268  [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys

19:10:36.0188 5268  RTL8167 - ok

19:10:36.0191 5268  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys

19:10:36.0200 5268  s3cap - ok

19:10:36.0203 5268  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe

19:10:36.0211 5268  SamSs - ok

19:10:36.0216 5268  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

19:10:36.0225 5268  sbp2port - ok

19:10:36.0230 5268  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll

19:10:36.0261 5268  SCardSvr - ok

19:10:36.0265 5268  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

19:10:36.0292 5268  scfilter - ok

19:10:36.0307 5268  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll

19:10:36.0345 5268  Schedule - ok

19:10:36.0349 5268  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll

19:10:36.0377 5268  SCPolicySvc - ok

19:10:36.0383 5268  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

19:10:36.0393 5268  SDRSVC - ok

19:10:36.0397 5268  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

19:10:36.0426 5268  secdrv - ok

19:10:36.0430 5268  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll

19:10:36.0458 5268  seclogon - ok

19:10:36.0462 5268  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll

19:10:36.0492 5268  SENS - ok

19:10:36.0496 5268  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll

19:10:36.0506 5268  SensrSvc - ok

19:10:36.0509 5268  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

19:10:36.0519 5268  Serenum - ok

19:10:36.0523 5268  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys

19:10:36.0533 5268  Serial - ok

19:10:36.0536 5268  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys

19:10:36.0545 5268  sermouse - ok

19:10:36.0554 5268  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll

19:10:36.0584 5268  SessionEnv - ok

19:10:36.0587 5268  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

19:10:36.0598 5268  sffdisk - ok

19:10:36.0602 5268  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

19:10:36.0613 5268  sffp_mmc - ok

19:10:36.0616 5268  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

19:10:36.0627 5268  sffp_sd - ok

19:10:36.0630 5268  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys

19:10:36.0639 5268  sfloppy - ok

19:10:36.0646 5268  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll

19:10:36.0677 5268  SharedAccess - ok

19:10:36.0685 5268  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

19:10:36.0717 5268  ShellHWDetection - ok

19:10:36.0721 5268  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys

19:10:36.0730 5268  SiSRaid2 - ok

19:10:36.0733 5268  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys

19:10:36.0742 5268  SiSRaid4 - ok

19:10:36.0747 5268  [ 3E587DBBDFF938DDE5D4CE4047BE9041 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

19:10:36.0756 5268  SkypeUpdate - ok

19:10:36.0760 5268  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

19:10:36.0790 5268  Smb - ok

19:10:36.0796 5268  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

19:10:36.0807 5268  SNMPTRAP - ok

19:10:36.0810 5268  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys

19:10:36.0818 5268  spldr - ok

19:10:36.0828 5268  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe

19:10:36.0842 5268  Spooler - ok

19:10:36.0881 5268  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe

19:10:36.0942 5268  sppsvc - ok

19:10:36.0948 5268  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

19:10:36.0978 5268  sppuinotify - ok

19:10:36.0990 5268  [ 1321A6C3C92BBD3F3BBE1292CFF8E91A ] SRTSP           C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSP64.SYS

19:10:37.0006 5268  SRTSP - ok

19:10:37.0010 5268  [ BD129C22C3B8C2E584227269DFA77B09 ] SRTSPX          C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSPX64.SYS

19:10:37.0016 5268  SRTSPX - ok

19:10:37.0025 5268  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys

19:10:37.0038 5268  srv - ok

19:10:37.0046 5268  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

19:10:37.0058 5268  srv2 - ok

19:10:37.0063 5268  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

19:10:37.0074 5268  srvnet - ok

19:10:37.0079 5268  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

19:10:37.0110 5268  SSDPSRV - ok

19:10:37.0115 5268  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll

19:10:37.0144 5268  SstpSvc - ok

19:10:37.0154 5268  [ 9E1380328C39D661E085B24D6A6E044E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe

19:10:37.0168 5268  Steam Client Service - ok

19:10:37.0171 5268  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys

19:10:37.0180 5268  stexstor - ok

19:10:37.0190 5268  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll

19:10:37.0209 5268  stisvc - ok

19:10:37.0213 5268  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys

19:10:37.0221 5268  storflt - ok

19:10:37.0225 5268  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys

19:10:37.0234 5268  storvsc - ok

19:10:37.0237 5268  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys

19:10:37.0245 5268  swenum - ok

19:10:37.0254 5268  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll

19:10:37.0288 5268  swprv - ok

19:10:37.0296 5268  [ 8B2430762099598DA40686F754632EFD ] SymDS           C:\Windows\system32\drivers\NISx64\1301000.01C\SYMDS64.SYS

19:10:37.0309 5268  SymDS - ok

19:10:37.0324 5268  [ FE29B18BF86FFCD55D8733C9B01E5042 ] SymEFA          C:\Windows\system32\drivers\NISx64\1301000.01C\SYMEFA64.SYS

19:10:37.0345 5268  SymEFA - ok

19:10:37.0350 5268  [ 36B77F5C9E21F88A8C8EC67AD5415819 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS

19:10:37.0359 5268  SymEvent - ok

19:10:37.0364 5268  [ DD70DA422460FDED831D211DF151D560 ] SymIRON         C:\Windows\system32\drivers\NISx64\1301000.01C\Ironx64.SYS

19:10:37.0372 5268  SymIRON - ok

19:10:37.0380 5268  [ BCE4EB2EEF05E388959B46FD21388C2D ] SymNetS         C:\Windows\system32\drivers\NISx64\1301000.01C\SYMNETS.SYS

19:10:37.0391 5268  SymNetS - ok

19:10:37.0394 5268  Synth3dVsc - ok

19:10:37.0416 5268  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll

19:10:37.0447 5268  SysMain - ok

19:10:37.0452 5268  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

19:10:37.0467 5268  TabletInputService - ok

19:10:37.0474 5268  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll

19:10:37.0505 5268  TapiSrv - ok

19:10:37.0510 5268  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll

19:10:37.0540 5268  TBS - ok

19:10:37.0564 5268  [ DB74544B75566C974815E79A62433F29 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

19:10:37.0596 5268  Tcpip - ok

19:10:37.0620 5268  [ DB74544B75566C974815E79A62433F29 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

19:10:37.0652 5268  TCPIP6 - ok

19:10:37.0658 5268  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

19:10:37.0667 5268  tcpipreg - ok

19:10:37.0671 5268  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

19:10:37.0680 5268  TDPIPE - ok

19:10:37.0683 5268  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

19:10:37.0692 5268  TDTCP - ok

19:10:37.0696 5268  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

19:10:37.0725 5268  tdx - ok

19:10:37.0782 5268  [ D53118C165AE5D188632B6CDEEE82A1B ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

19:10:37.0846 5268  TeamViewer8 - ok

19:10:37.0852 5268  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys

19:10:37.0860 5268  TermDD - ok

19:10:37.0872 5268  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll

19:10:37.0907 5268  TermService - ok

19:10:37.0911 5268  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll

19:10:37.0925 5268  Themes - ok

19:10:37.0929 5268  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll

19:10:37.0958 5268  THREADORDER - ok

19:10:37.0963 5268  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll

19:10:37.0993 5268  TrkWks - ok

19:10:37.0998 5268  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

19:10:38.0027 5268  TrustedInstaller - ok

19:10:38.0033 5268  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

19:10:38.0041 5268  tssecsrv - ok

19:10:38.0045 5268  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

19:10:38.0054 5268  TsUsbFlt - ok

19:10:38.0057 5268  tsusbhub - ok

19:10:38.0062 5268  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

19:10:38.0091 5268  tunnel - ok

19:10:38.0095 5268  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys

19:10:38.0104 5268  uagp35 - ok

19:10:38.0111 5268  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

19:10:38.0142 5268  udfs - ok

19:10:38.0149 5268  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

19:10:38.0159 5268  UI0Detect - ok

19:10:38.0163 5268  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

19:10:38.0172 5268  uliagpkx - ok

19:10:38.0175 5268  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

19:10:38.0185 5268  umbus - ok

19:10:38.0189 5268  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys

19:10:38.0197 5268  UmPass - ok

19:10:38.0202 5268  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll

19:10:38.0214 5268  UmRdpService - ok

19:10:38.0221 5268  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll

19:10:38.0254 5268  upnphost - ok

19:10:38.0258 5268  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys

19:10:38.0267 5268  USBAAPL64 - ok

19:10:38.0271 5268  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys

19:10:38.0283 5268  usbaudio - ok

19:10:38.0287 5268  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

19:10:38.0296 5268  usbccgp - ok

19:10:38.0301 5268  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys

19:10:38.0312 5268  usbcir - ok

19:10:38.0316 5268  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

19:10:38.0324 5268  usbehci - ok

19:10:38.0331 5268  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

19:10:38.0343 5268  usbhub - ok

19:10:38.0346 5268  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys

19:10:38.0355 5268  usbohci - ok

19:10:38.0359 5268  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

19:10:38.0370 5268  usbprint - ok

19:10:38.0374 5268  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

19:10:38.0383 5268  USBSTOR - ok

19:10:38.0387 5268  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys

19:10:38.0395 5268  usbuhci - ok

19:10:38.0401 5268  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys

19:10:38.0414 5268  usbvideo - ok

19:10:38.0417 5268  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll

19:10:38.0446 5268  UxSms - ok

19:10:38.0450 5268  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe

19:10:38.0459 5268  VaultSvc - ok

19:10:38.0462 5268  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

19:10:38.0471 5268  vdrvroot - ok

19:10:38.0480 5268  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe

19:10:38.0512 5268  vds - ok

19:10:38.0516 5268  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

19:10:38.0527 5268  vga - ok

19:10:38.0531 5268  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys

19:10:38.0559 5268  VgaSave - ok

19:10:38.0562 5268  VGPU - ok

19:10:38.0568 5268  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

19:10:38.0579 5268  vhdmp - ok

19:10:38.0583 5268  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys

19:10:38.0591 5268  viaide - ok

19:10:38.0596 5268  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys

19:10:38.0606 5268  vmbus - ok

19:10:38.0609 5268  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys

19:10:38.0618 5268  VMBusHID - ok

19:10:38.0622 5268  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

19:10:38.0630 5268  volmgr - ok

19:10:38.0638 5268  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

19:10:38.0650 5268  volmgrx - ok

19:10:38.0656 5268  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys

19:10:38.0668 5268  volsnap - ok

19:10:38.0673 5268  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys

19:10:38.0683 5268  vsmraid - ok

19:10:38.0703 5268  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe

19:10:38.0747 5268  VSS - ok

19:10:38.0751 5268  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys

19:10:38.0763 5268  vwifibus - ok

19:10:38.0770 5268  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll

19:10:38.0803 5268  W32Time - ok

19:10:38.0808 5268  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys

19:10:38.0817 5268  WacomPen - ok

19:10:38.0822 5268  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

19:10:38.0850 5268  WANARP - ok

19:10:38.0853 5268  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

19:10:38.0881 5268  Wanarpv6 - ok

19:10:38.0900 5268  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe

19:10:38.0924 5268  wbengine - ok

19:10:38.0930 5268  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

19:10:38.0946 5268  WbioSrvc - ok

19:10:38.0953 5268  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll

19:10:38.0971 5268  wcncsvc - ok

19:10:38.0975 5268  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

19:10:38.0985 5268  WcsPlugInService - ok

19:10:38.0989 5268  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys

19:10:38.0997 5268  Wd - ok

19:10:39.0009 5268  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

19:10:39.0028 5268  Wdf01000 - ok

19:10:39.0033 5268  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll

19:10:39.0048 5268  WdiServiceHost - ok

19:10:39.0051 5268  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll

19:10:39.0066 5268  WdiSystemHost - ok

19:10:39.0072 5268  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll

19:10:39.0089 5268  WebClient - ok

19:10:39.0095 5268  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll

19:10:39.0128 5268  Wecsvc - ok

19:10:39.0132 5268  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

19:10:39.0162 5268  wercplsupport - ok

19:10:39.0167 5268  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll

19:10:39.0197 5268  WerSvc - ok

19:10:39.0201 5268  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

19:10:39.0230 5268  WfpLwf - ok

19:10:39.0233 5268  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

19:10:39.0241 5268  WIMMount - ok

19:10:39.0243 5268  WinDefend - ok

19:10:39.0248 5268  WinHttpAutoProxySvc - ok

19:10:39.0259 5268  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

19:10:39.0289 5268  Winmgmt - ok

19:10:39.0313 5268  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll

19:10:39.0361 5268  WinRM - ok

19:10:39.0368 5268  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

19:10:39.0380 5268  WinUsb - ok

19:10:39.0394 5268  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll

19:10:39.0416 5268  Wlansvc - ok

19:10:39.0419 5268  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

19:10:39.0429 5268  WmiAcpi - ok

19:10:39.0436 5268  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

19:10:39.0447 5268  wmiApSrv - ok

19:10:39.0450 5268  WMPNetworkSvc - ok

19:10:39.0454 5268  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll

19:10:39.0464 5268  WPCSvc - ok

19:10:39.0468 5268  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

19:10:39.0480 5268  WPDBusEnum - ok

19:10:39.0483 5268  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

19:10:39.0512 5268  ws2ifsl - ok

19:10:39.0516 5268  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll

19:10:39.0531 5268  wscsvc - ok

19:10:39.0534 5268  WSearch - ok

19:10:39.0564 5268  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll

19:10:39.0604 5268  wuauserv - ok

19:10:39.0609 5268  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

19:10:39.0619 5268  WudfPf - ok

19:10:39.0624 5268  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

19:10:39.0635 5268  WUDFRd - ok

19:10:39.0639 5268  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

19:10:39.0650 5268  wudfsvc - ok

19:10:39.0655 5268  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll

19:10:39.0667 5268  WwanSvc - ok

19:10:39.0672 5268  ================ Scan global ===============================

19:10:39.0675 5268  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

19:10:39.0681 5268  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

19:10:39.0688 5268  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

19:10:39.0693 5268  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

19:10:39.0700 5268  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

19:10:39.0703 5268  [Global] - ok

19:10:39.0703 5268  ================ Scan MBR ==================================

19:10:39.0724 5268  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1

19:10:39.0809 5268  \Device\Harddisk1\DR1 - ok

19:10:39.0812 5268  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

19:10:39.0886 5268  \Device\Harddisk0\DR0 - ok

19:10:39.0886 5268  ================ Scan VBR ==================================

19:10:39.0888 5268  [ E7307516116BCD3AA47A75C43E31E51E ] \Device\Harddisk1\DR1\Partition1

19:10:39.0889 5268  \Device\Harddisk1\DR1\Partition1 - ok

19:10:39.0895 5268  [ D9EB526D5F42308D724FD28BB86A920D ] \Device\Harddisk1\DR1\Partition2

19:10:39.0897 5268  \Device\Harddisk1\DR1\Partition2 - ok

19:10:39.0899 5268  [ F8CFE78A6C2085F8A5FC66D0774BEF24 ] \Device\Harddisk0\DR0\Partition1

19:10:39.0900 5268  \Device\Harddisk0\DR0\Partition1 - ok

19:10:39.0902 5268  [ D69D7E34B2E3F817F3724995CD2D5AE5 ] \Device\Harddisk0\DR0\Partition2

19:10:39.0903 5268  \Device\Harddisk0\DR0\Partition2 - ok

19:10:39.0903 5268  ============================================================

19:10:39.0903 5268  Scan finished

19:10:39.0903 5268  ============================================================

19:10:39.0911 5776  Detected object count: 1

19:10:39.0911 5776  Actual detected object count: 1

19:10:59.0909 5776  BEService ( UnsignedFile.Multi.Generic ) - skipped by user

19:10:59.0910 5776  BEService ( UnsignedFile.Multi.Generic ) - User select action: Skip