| |
| |||||||
Log-Analyse und Auswertung: BOO/TDss.O Virus entfernenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
07.04.2012, 09:25
| #1 |
 |  BOO/TDss.O Virus entfernen Hallo ihr Helfenden, bitte um Hilfe bei der Entfernung des Trojaners/Viruses BOO/TDss.O |
|
07.04.2012, 19:14
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | BOO/TDss.O Virus entfernen Könntest du vllt erstmal alle Logs deines Virenscanners posten?
__________________Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ |
|
08.04.2012, 16:18
| #3 |
| | BOO/TDss.O Virus entfernen Hallo,
__________________wo finde ich die? - habe AVIRA. |
|
08.04.2012, 17:07
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BOO/TDss.O Virus entfernen Berichte/Ereignisse
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
08.04.2012, 20:38
| #5 |
| | BOO/TDss.O Virus entfernen Habe ich übersehen. es sind ca. 30 Berichte, hier ist der aktuellste mit 3 Funden Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Sonntag, 8. April 2012 17:16
Es wird nach 3596453 Virenstämmen gesucht.
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira AntiVir Personal - Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows Vista
Windowsversion : (Service Pack 1) [6.0.6001]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : KÖTER-PC
Versionsinformationen:
BUILD.DAT : 12.0.0.898 41963 Bytes 31.01.2012 13:51:00
AVSCAN.EXE : 12.1.0.20 492496 Bytes 10.03.2012 17:31:53
AVSCAN.DLL : 12.1.0.18 65744 Bytes 10.03.2012 17:31:52
LUKE.DLL : 12.1.0.19 68304 Bytes 10.03.2012 17:31:53
AVSCPLR.DLL : 12.1.0.22 100048 Bytes 10.03.2012 17:31:54
AVREG.DLL : 12.1.0.36 229128 Bytes 06.04.2012 08:38:47
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 18:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 23:31:49
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 09:28:41
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 08:15:17
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 08:38:43
VBASE005.VDF : 7.11.26.45 2048 Bytes 28.03.2012 08:38:43
VBASE006.VDF : 7.11.26.46 2048 Bytes 28.03.2012 08:38:43
VBASE007.VDF : 7.11.26.47 2048 Bytes 28.03.2012 08:38:43
VBASE008.VDF : 7.11.26.48 2048 Bytes 28.03.2012 08:38:43
VBASE009.VDF : 7.11.26.49 2048 Bytes 28.03.2012 08:38:43
VBASE010.VDF : 7.11.26.50 2048 Bytes 28.03.2012 08:38:43
VBASE011.VDF : 7.11.26.51 2048 Bytes 28.03.2012 08:38:43
VBASE012.VDF : 7.11.26.52 2048 Bytes 28.03.2012 08:38:43
VBASE013.VDF : 7.11.26.53 2048 Bytes 28.03.2012 08:38:43
VBASE014.VDF : 7.11.26.107 221696 Bytes 30.03.2012 08:38:44
VBASE015.VDF : 7.11.26.179 224768 Bytes 02.04.2012 08:38:44
VBASE016.VDF : 7.11.26.241 142336 Bytes 04.04.2012 08:38:44
VBASE017.VDF : 7.11.26.242 2048 Bytes 04.04.2012 08:38:44
VBASE018.VDF : 7.11.26.243 2048 Bytes 04.04.2012 08:38:44
VBASE019.VDF : 7.11.26.244 2048 Bytes 04.04.2012 08:38:44
VBASE020.VDF : 7.11.26.245 2048 Bytes 04.04.2012 08:38:44
VBASE021.VDF : 7.11.26.246 2048 Bytes 04.04.2012 08:38:44
VBASE022.VDF : 7.11.26.247 2048 Bytes 04.04.2012 08:38:44
VBASE023.VDF : 7.11.26.248 2048 Bytes 04.04.2012 08:38:44
VBASE024.VDF : 7.11.26.249 2048 Bytes 04.04.2012 08:38:44
VBASE025.VDF : 7.11.26.250 2048 Bytes 04.04.2012 08:38:44
VBASE026.VDF : 7.11.26.251 2048 Bytes 04.04.2012 08:38:44
VBASE027.VDF : 7.11.26.252 2048 Bytes 04.04.2012 08:38:44
VBASE028.VDF : 7.11.26.253 2048 Bytes 04.04.2012 08:38:44
VBASE029.VDF : 7.11.26.254 2048 Bytes 04.04.2012 08:38:44
VBASE030.VDF : 7.11.26.255 2048 Bytes 04.04.2012 08:38:44
VBASE031.VDF : 7.11.27.32 186368 Bytes 06.04.2012 08:38:44
Engineversion : 8.2.10.38
AEVDF.DLL : 8.1.2.2 106868 Bytes 15.12.2011 13:59:36
AESCRIPT.DLL : 8.1.4.16 446842 Bytes 06.04.2012 08:38:46
AESCN.DLL : 8.1.8.2 131444 Bytes 08.02.2012 08:24:53
AESBX.DLL : 8.2.5.5 606579 Bytes 14.03.2012 17:22:45
AERDL.DLL : 8.1.9.15 639348 Bytes 14.12.2011 23:31:02
AEPACK.DLL : 8.2.16.9 807287 Bytes 06.04.2012 08:38:46
AEOFFICE.DLL : 8.1.2.27 201082 Bytes 06.04.2012 08:38:46
AEHEUR.DLL : 8.1.4.12 4604278 Bytes 06.04.2012 08:38:46
AEHELP.DLL : 8.1.19.1 254327 Bytes 06.04.2012 08:38:45
AEGEN.DLL : 8.1.5.23 409973 Bytes 10.03.2012 17:31:44
AEEXP.DLL : 8.1.0.28 82292 Bytes 06.04.2012 08:38:46
AEEMU.DLL : 8.1.3.0 393589 Bytes 14.12.2011 23:30:58
AECORE.DLL : 8.1.25.6 201078 Bytes 15.03.2012 19:28:43
AEBB.DLL : 8.1.1.0 53618 Bytes 14.12.2011 23:30:58
AVWINLL.DLL : 12.1.0.17 27344 Bytes 15.12.2011 13:59:41
AVPREF.DLL : 12.1.0.17 51920 Bytes 15.12.2011 13:59:38
AVREP.DLL : 12.1.0.17 179408 Bytes 15.12.2011 13:59:38
AVARKT.DLL : 12.1.0.23 209360 Bytes 10.03.2012 17:31:52
AVEVTLOG.DLL : 12.1.0.17 169168 Bytes 15.12.2011 13:59:37
SQLITE3.DLL : 3.7.0.0 398288 Bytes 15.12.2011 13:59:50
AVSMTP.DLL : 12.1.0.17 62928 Bytes 15.12.2011 13:59:39
NETNT.DLL : 12.1.0.17 17104 Bytes 15.12.2011 13:59:47
RCIMAGE.DLL : 12.1.0.17 4447952 Bytes 15.12.2011 13:59:58
RCTEXT.DLL : 12.1.0.16 98512 Bytes 15.12.2011 13:59:59
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\program files\avira\antivir desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Beginn des Suchlaufs: Sonntag, 8. April 2012 17:16
Der Suchlauf über die Masterbootsektoren wird begonnen:
Der Suchlauf über die Bootsektoren wird begonnen:
Masterbootsektor HD0
[FUND] Enthält Code des Bootsektorvirus BOO/TDss.O
[HINWEIS] Der Bootsektor wurde nicht repariert
Bootsektor 'C:\'
[FUND] Enthält Code des Bootsektorvirus BOO/TDss.O
[HINWEIS] Der Bootsektor wurde nicht repariert
Bootsektor 'D:\'
[FUND] Enthält Code des Bootsektorvirus BOO/TDss.O
[HINWEIS] Der Bootsektor wurde nicht repariert
Der Suchlauf nach versteckten Objekten wird begonnen.
Versteckter Thread
[HINWEIS] Ein Systemthread ist nicht sichtbar.
Versteckter Thread
[HINWEIS] Ein Systemthread ist nicht sichtbar.
Versteckter Thread
[HINWEIS] Ein Systemthread ist nicht sichtbar.
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'wmiprvse.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'WMIADAP.EXE' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '92' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'NOTEPAD.EXE' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'conime.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'wuauclt.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpqgpc01.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpqbam08.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpqSTE08.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleDesktop.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCC.exe' - '153' Modul(e) wurden durchsucht
Durchsuche Prozess 'CFSwMgr.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleDesktop.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'HidFind.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'Apntex.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'HCMSoundChanger.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'ApMsgFwd.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'ehmsas.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'CEC_MAIN.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpqtra08.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'Skype.exe' - '115' Modul(e) wurden durchsucht
Durchsuche Prozess 'ehtray.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'TOSCDSPD.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamgui.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'PPActiveDetection.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'CLPS.exe' - '97' Modul(e) wurden durchsucht
Durchsuche Prozess 'MOM.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'caissdt.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpwuSchd2.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'ToshibaRegistration.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'HDMICtrlMan.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'TCrdMain.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'SmoothView.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'TPwrMain.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'traybar.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'Apoint.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'Toshiba.Tempo.UI.TrayApplication.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleEULALauncher.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleDesktop.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'NDSTray.exe' - '96' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamservice.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '83' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '186' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'SmartFaceVWatchSrv.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'xaudio.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'ULCDRSvr.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'TosIPCSrv.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'TosCoSrv.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'TODDSrv.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'TNaviSrv.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'TempoSVC.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'o2flash.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'CFSvcs.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '89' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '93' Modul(e) wurden durchsucht
Durchsuche Prozess 'SLsvc.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '148' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '119' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'cmdagent.exe' - '106' Modul(e) wurden durchsucht
Durchsuche Prozess 'PresentationFontCache.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'CLPSLS.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '583' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\' <Vista>
Beginne mit der Suche in 'D:\' <Data>
Ende des Suchlaufs: Sonntag, 8. April 2012 18:14
Benötigte Zeit: 58:15 Minute(n)
Der Suchlauf wurde vollständig durchgeführt.
13413 Verzeichnisse wurden überprüft
189836 Dateien wurden geprüft
3 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
189836 Dateien ohne Befall
1636 Archive wurden durchsucht
0 Warnungen
6 Hinweise
338588 Objekte wurden beim Rootkitscan durchsucht
3 Versteckte Objekte wurden gefunden
|
|
08.04.2012, 20:51
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BOO/TDss.O Virus entfernen Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ --> BOO/TDss.O Virus entfernen |
|
08.04.2012, 21:38
| #7 |
| | BOO/TDss.O Virus entfernen O.K. hier das Log Code:
ATTFilter 22:34:24.0762 4164 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
22:34:24.0840 4164 ============================================================
22:34:24.0840 4164 Current date / time: 2012/04/08 22:34:24.0840
22:34:24.0840 4164 SystemInfo:
22:34:24.0840 4164
22:34:24.0840 4164 OS Version: 6.0.6001 ServicePack: 1.0
22:34:24.0840 4164 Product type: Workstation
22:34:24.0840 4164 ComputerName: KÖTER-PC
22:34:24.0840 4164 UserName: Köter
22:34:24.0840 4164 Windows directory: C:\Windows
22:34:24.0840 4164 System windows directory: C:\Windows
22:34:24.0840 4164 Processor architecture: Intel x86
22:34:24.0840 4164 Number of processors: 2
22:34:24.0840 4164 Page size: 0x1000
22:34:24.0840 4164 Boot type: Normal boot
22:34:24.0840 4164 ============================================================
22:34:25.0402 4164 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:34:25.0402 4164 Drive \Device\Harddisk1\DR3 - Size: 0x3C300000 (0.94 Gb), SectorSize: 0x200, Cylinders: 0x7A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:34:25.0402 4164 \Device\Harddisk0\DR0:
22:34:25.0402 4164 MBR used
22:34:25.0402 4164 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x12D50800
22:34:25.0402 4164 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1303F000, BlocksNum 0x123EF800
22:34:25.0402 4164 \Device\Harddisk1\DR3:
22:34:25.0402 4164 MBR used
22:34:25.0402 4164 \Device\Harddisk1\DR3\Partition0: MBR, Type 0x6, StartLBA 0x308, BlocksNum 0x1E14F8
22:34:25.0480 4164 Initialize success
22:34:25.0480 4164 ============================================================
22:34:39.0504 6140 ============================================================
22:34:39.0504 6140 Scan started
22:34:39.0504 6140 Mode: Manual; SigCheck; TDLFS;
22:34:39.0504 6140 ============================================================
22:34:40.0050 6140 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
22:34:40.0144 6140 ACPI - ok
22:34:40.0190 6140 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
22:34:40.0206 6140 adp94xx - ok
22:34:40.0331 6140 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
22:34:40.0346 6140 adpahci - ok
22:34:40.0378 6140 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
22:34:40.0393 6140 adpu160m - ok
22:34:40.0424 6140 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
22:34:40.0424 6140 adpu320 - ok
22:34:40.0534 6140 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
22:34:40.0580 6140 AeLookupSvc - ok
22:34:40.0658 6140 AFD (763e172a55177e478cb419f88fd0ba03) C:\Windows\system32\drivers\afd.sys
22:34:40.0705 6140 AFD - ok
22:34:40.0783 6140 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
22:34:40.0799 6140 agp440 - ok
22:34:40.0861 6140 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
22:34:40.0877 6140 aic78xx - ok
22:34:40.0908 6140 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
22:34:40.0955 6140 ALG - ok
22:34:41.0048 6140 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
22:34:41.0048 6140 aliide - ok
22:34:41.0111 6140 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
22:34:41.0111 6140 amdagp - ok
22:34:41.0126 6140 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
22:34:41.0142 6140 amdide - ok
22:34:41.0158 6140 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
22:34:41.0189 6140 AmdK7 - ok
22:34:41.0251 6140 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
22:34:41.0298 6140 AmdK8 - ok
22:34:41.0407 6140 AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files\Avira\AntiVir Desktop\sched.exe
22:34:41.0423 6140 AntiVirSchedulerService - ok
22:34:41.0438 6140 AntiVirService (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
22:34:41.0454 6140 AntiVirService - ok
22:34:41.0579 6140 ApfiltrService (45f47f79ad3f587a334345fd2969354b) C:\Windows\system32\DRIVERS\Apfiltr.sys
22:34:41.0797 6140 ApfiltrService - ok
22:34:41.0938 6140 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
22:34:41.0969 6140 Appinfo - ok
22:34:42.0016 6140 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
22:34:42.0016 6140 arc - ok
22:34:42.0109 6140 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
22:34:42.0125 6140 arcsas - ok
22:34:42.0156 6140 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
22:34:42.0203 6140 AsyncMac - ok
22:34:42.0250 6140 atapi (0d83c87a801a3dfcd1bf73893fe7518c) C:\Windows\system32\drivers\atapi.sys
22:34:42.0343 6140 atapi - ok
22:34:42.0468 6140 Ati External Event Utility (54d715af597c06e87418c50f481bdd2c) C:\Windows\system32\Ati2evxx.exe
22:34:42.0515 6140 Ati External Event Utility - ok
22:34:42.0733 6140 atikmdag (be4d8fdc6b2598c46b2b5e6e4fbaafc5) C:\Windows\system32\DRIVERS\atikmdag.sys
22:34:42.0858 6140 atikmdag - ok
22:34:42.0998 6140 AudioEndpointBuilder (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
22:34:43.0045 6140 AudioEndpointBuilder - ok
22:34:43.0061 6140 Audiosrv (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
22:34:43.0076 6140 Audiosrv - ok
22:34:43.0123 6140 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
22:34:43.0139 6140 avgntflt - ok
22:34:43.0186 6140 avipbb (13b02b9b969dde270cd7c351203dad3c) C:\Windows\system32\DRIVERS\avipbb.sys
22:34:43.0326 6140 avipbb - ok
22:34:43.0404 6140 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
22:34:43.0420 6140 avkmgr - ok
22:34:43.0482 6140 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
22:34:43.0513 6140 Beep - ok
22:34:43.0638 6140 BFE (8582e233c346aefe759833e8a30dd697) C:\Windows\System32\bfe.dll
22:34:43.0685 6140 BFE - ok
22:34:43.0825 6140 BITS (02ed7b4dbc2a3232a389106da7515c3d) C:\Windows\System32\qmgr.dll
22:34:43.0872 6140 BITS - ok
22:34:43.0934 6140 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
22:34:43.0966 6140 blbdrive - ok
22:34:44.0044 6140 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
22:34:44.0106 6140 bowser - ok
22:34:44.0168 6140 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
22:34:44.0215 6140 BrFiltLo - ok
22:34:44.0262 6140 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
22:34:44.0309 6140 BrFiltUp - ok
22:34:44.0340 6140 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
22:34:44.0402 6140 Browser - ok
22:34:44.0512 6140 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
22:34:44.0574 6140 Brserid - ok
22:34:44.0590 6140 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
22:34:44.0652 6140 BrSerWdm - ok
22:34:44.0668 6140 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
22:34:44.0730 6140 BrUsbMdm - ok
22:34:44.0730 6140 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
22:34:44.0792 6140 BrUsbSer - ok
22:34:44.0902 6140 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
22:34:44.0948 6140 BTHMODEM - ok
22:34:44.0995 6140 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
22:34:45.0026 6140 cdfs - ok
22:34:45.0120 6140 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
22:34:45.0167 6140 cdrom - ok
22:34:45.0198 6140 CertPropSvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
22:34:45.0245 6140 CertPropSvc - ok
22:34:45.0323 6140 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
22:34:45.0354 6140 circlass - ok
22:34:45.0401 6140 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
22:34:45.0416 6140 CLFS - ok
22:34:45.0635 6140 CLPSLS (be465a17fda2e79ed49053cbec7e9335) C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
22:34:45.0666 6140 CLPSLS - ok
22:34:45.0775 6140 clr_optimization_v2.0.50727_32 (a4af4201bd519971f8f34724f3ca9dbb) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:34:45.0791 6140 clr_optimization_v2.0.50727_32 - ok
22:34:45.0869 6140 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
22:34:45.0916 6140 CmBatt - ok
22:34:46.0181 6140 cmdAgent (6629d81b41badd0d787f0e306ceee7e0) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
22:34:46.0243 6140 cmdAgent - ok
22:34:46.0384 6140 cmderd (2dbe76de0ae9b60c2d497b8ea98d2c23) C:\Windows\system32\DRIVERS\cmderd.sys
22:34:46.0384 6140 cmderd - ok
22:34:46.0446 6140 cmdGuard (9c46c7210367b7f5d1eacc6c29602bd6) C:\Windows\system32\DRIVERS\cmdguard.sys
22:34:46.0462 6140 cmdGuard - ok
22:34:46.0508 6140 cmdHlp (b4c05b0bfcb90c030085893a39863b6f) C:\Windows\system32\DRIVERS\cmdhlp.sys
22:34:46.0508 6140 cmdHlp - ok
22:34:46.0602 6140 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
22:34:46.0618 6140 cmdide - ok
22:34:46.0680 6140 CnxtHdAudService (b6e7991e3d6146c04c85cd31af22a381) C:\Windows\system32\drivers\CHDRT32.sys
22:34:46.0836 6140 CnxtHdAudService - ok
22:34:46.0930 6140 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
22:34:46.0930 6140 Compbatt - ok
22:34:46.0945 6140 COMSysApp - ok
22:34:47.0039 6140 ConfigFree Service (d10d01b2dfcd8d2f32a32ed29e8da1c2) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
22:34:47.0054 6140 ConfigFree Service ( UnsignedFile.Multi.Generic ) - warning
22:34:47.0054 6140 ConfigFree Service - detected UnsignedFile.Multi.Generic (1)
22:34:47.0132 6140 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
22:34:47.0148 6140 crcdisk - ok
22:34:47.0179 6140 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
22:34:47.0210 6140 Crusoe - ok
22:34:47.0273 6140 CryptSvc (6de363f9f99334514c46aec02d3e3678) C:\Windows\system32\cryptsvc.dll
22:34:47.0304 6140 CryptSvc - ok
22:34:47.0429 6140 DcomLaunch (33fb1f0193ee2051067441492d56113c) C:\Windows\system32\rpcss.dll
22:34:47.0476 6140 DcomLaunch - ok
22:34:47.0522 6140 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys
22:34:47.0569 6140 DfsC - ok
22:34:47.0741 6140 DFSR (fa3463f25f9cc9c3bcf1e7912feff099) C:\Windows\system32\DFSR.exe
22:34:47.0881 6140 DFSR - ok
22:34:47.0990 6140 Dhcp (43a988a9c10333476cb5fb667cbd629d) C:\Windows\System32\dhcpcsvc.dll
22:34:48.0037 6140 Dhcp - ok
22:34:48.0115 6140 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
22:34:48.0115 6140 disk - ok
22:34:48.0209 6140 Dnscache (f5a0f1da1ed8b429597e71d27d976e31) C:\Windows\System32\dnsrslvr.dll
22:34:48.0256 6140 Dnscache - ok
22:34:48.0302 6140 dot3svc (5af620a08c614e24206b79e8153cf1a8) C:\Windows\System32\dot3svc.dll
22:34:48.0349 6140 dot3svc - ok
22:34:48.0458 6140 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
22:34:48.0490 6140 Dot4 - ok
22:34:48.0521 6140 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
22:34:48.0552 6140 Dot4Print - ok
22:34:48.0661 6140 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
22:34:48.0708 6140 dot4usb - ok
22:34:48.0786 6140 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
22:34:48.0833 6140 DPS - ok
22:34:48.0926 6140 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
22:34:48.0973 6140 drmkaud - ok
22:34:49.0004 6140 DXGKrnl (f8bf50a8d862f8cc089080bec509bca6) C:\Windows\System32\drivers\dxgkrnl.sys
22:34:49.0145 6140 DXGKrnl - ok
22:34:49.0254 6140 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
22:34:49.0301 6140 E1G60 - ok
22:34:49.0332 6140 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
22:34:49.0379 6140 EapHost - ok
22:34:49.0504 6140 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
22:34:49.0519 6140 Ecache - ok
22:34:49.0566 6140 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
22:34:49.0628 6140 ehRecvr - ok
22:34:49.0675 6140 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
22:34:49.0722 6140 ehSched - ok
22:34:49.0784 6140 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
22:34:49.0800 6140 ehstart - ok
22:34:49.0909 6140 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
22:34:49.0925 6140 elxstor - ok
22:34:49.0972 6140 EMDMgmt (ba4e96d951ddad6ac3af3c91d4ac68bf) C:\Windows\system32\emdmgmt.dll
22:34:50.0050 6140 EMDMgmt - ok
22:34:50.0159 6140 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
22:34:50.0190 6140 ErrDev - ok
22:34:50.0221 6140 EventSystem (f4bf4fa769db51b106d2b4b35256988b) C:\Windows\system32\es.dll
22:34:50.0237 6140 EventSystem - ok
22:34:50.0362 6140 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
22:34:50.0393 6140 exfat - ok
22:34:50.0408 6140 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
22:34:50.0440 6140 fastfat - ok
22:34:50.0455 6140 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
22:34:50.0502 6140 fdc - ok
22:34:50.0596 6140 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
22:34:50.0642 6140 fdPHost - ok
22:34:50.0674 6140 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
22:34:50.0720 6140 FDResPub - ok
22:34:50.0767 6140 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
22:34:50.0783 6140 FileInfo - ok
22:34:50.0845 6140 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
22:34:50.0876 6140 Filetrace - ok
22:34:51.0064 6140 FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
22:34:51.0157 6140 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
22:34:51.0157 6140 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
22:34:51.0251 6140 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
22:34:51.0282 6140 flpydisk - ok
22:34:51.0313 6140 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
22:34:51.0329 6140 FltMgr - ok
22:34:51.0376 6140 FontCache3.0.0.0 (993883524aa9cf1c90e1545411a9ac9c) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:34:51.0422 6140 FontCache3.0.0.0 - ok
22:34:51.0500 6140 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
22:34:51.0532 6140 Fs_Rec - ok
22:34:51.0563 6140 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
22:34:51.0578 6140 gagp30kx - ok
22:34:51.0625 6140 GoogleDesktopManager-022208-143751 (b39662e4c237aa25a2cd2379ff508099) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
22:34:51.0641 6140 GoogleDesktopManager-022208-143751 - ok
22:34:51.0719 6140 gpsvc (d9f1113d9401185245573350712f92fc) C:\Windows\System32\gpsvc.dll
22:34:51.0797 6140 gpsvc - ok
22:34:51.0875 6140 gusvc (751c1d2ca2abf4a9f5a6b8d7d45b907c) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
22:34:51.0890 6140 gusvc - ok
22:34:52.0000 6140 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
22:34:52.0062 6140 HdAudAddService - ok
22:34:52.0078 6140 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
22:34:52.0109 6140 HDAudBus - ok
22:34:52.0218 6140 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
22:34:52.0280 6140 HidBth - ok
22:34:52.0280 6140 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
22:34:52.0343 6140 HidIr - ok
22:34:52.0358 6140 hidserv (8fa640195279ace21bea91396a0054fc) C:\Windows\system32\hidserv.dll
22:34:52.0405 6140 hidserv - ok
22:34:52.0499 6140 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
22:34:52.0546 6140 HidUsb - ok
22:34:52.0577 6140 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
22:34:52.0624 6140 hkmsvc - ok
22:34:52.0733 6140 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
22:34:52.0733 6140 HpCISSs - ok
22:34:52.0858 6140 hpqcxs08 (f50f7984fdd151edd8a70a8dbd9e2a44) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
22:34:52.0858 6140 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
22:34:52.0858 6140 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
22:34:52.0889 6140 hpqddsvc (df446ba625cc441617843e87798ce048) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
22:34:52.0904 6140 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
22:34:52.0904 6140 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
22:34:52.0998 6140 HPSLPSVC (75f122cdca3c71bd09089f2ca824b796) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
22:34:53.0029 6140 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
22:34:53.0029 6140 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
22:34:53.0185 6140 HSF_DPV (fadd7095163cb3cb4073793ebb50fe75) C:\Windows\system32\DRIVERS\HSX_DPV.sys
22:34:53.0279 6140 HSF_DPV - ok
22:34:53.0404 6140 HSXHWAZL (058783bedd17615d1fece09f77960436) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
22:34:53.0419 6140 HSXHWAZL - ok
22:34:53.0466 6140 HTTP (406c027c18e98a396faa1963dad5ff70) C:\Windows\system32\drivers\HTTP.sys
22:34:53.0513 6140 HTTP - ok
22:34:53.0622 6140 hwdatacard (19e6885a061011d8dabe8f64498423fa) C:\Windows\system32\DRIVERS\ewusbmdm.sys
22:34:53.0778 6140 hwdatacard - ok
22:34:53.0825 6140 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
22:34:53.0825 6140 i2omp - ok
22:34:53.0934 6140 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
22:34:53.0965 6140 i8042prt - ok
22:34:54.0028 6140 iaStor (db0cc620b27a928d968c1a1e9cd9cb87) C:\Windows\system32\DRIVERS\iaStor.sys
22:34:54.0028 6140 iaStor - ok
22:34:54.0137 6140 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
22:34:54.0152 6140 iaStorV - ok
22:34:54.0230 6140 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
22:34:54.0230 6140 IDriverT ( UnsignedFile.Multi.Generic ) - warning
22:34:54.0230 6140 IDriverT - detected UnsignedFile.Multi.Generic (1)
22:34:54.0355 6140 idsvc (e7cc3aeaed9893a88876744cd439f76c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:34:54.0386 6140 idsvc - ok
22:34:54.0433 6140 igfx - ok
22:34:54.0558 6140 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
22:34:54.0574 6140 iirsp - ok
22:34:54.0636 6140 IKEEXT (a3bc480a2bf8aa8e4dabd2d5dce0afac) C:\Windows\System32\ikeext.dll
22:34:54.0683 6140 IKEEXT - ok
22:34:54.0776 6140 inspect (bd2e5fab6f73c57ff67d3e1428e5b8ee) C:\Windows\system32\DRIVERS\inspect.sys
22:34:54.0792 6140 inspect - ok
22:34:54.0886 6140 IntcHdmiAddService - ok
22:34:54.0979 6140 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
22:34:54.0979 6140 intelide - ok
22:34:55.0010 6140 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
22:34:55.0042 6140 intelppm - ok
22:34:55.0120 6140 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
22:34:55.0151 6140 IPBusEnum - ok
22:34:55.0213 6140 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:34:55.0244 6140 IpFilterDriver - ok
22:34:55.0307 6140 iphlpsvc (cad416b8a4309b5e1ce75425381e7d2f) C:\Windows\System32\iphlpsvc.dll
22:34:55.0338 6140 iphlpsvc - ok
22:34:55.0354 6140 IpInIp - ok
22:34:55.0385 6140 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
22:34:55.0416 6140 IPMIDRV - ok
22:34:55.0463 6140 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
22:34:55.0494 6140 IPNAT - ok
22:34:55.0541 6140 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
22:34:55.0572 6140 IRENUM - ok
22:34:55.0603 6140 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
22:34:55.0619 6140 isapnp - ok
22:34:55.0650 6140 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
22:34:55.0666 6140 iScsiPrt - ok
22:34:55.0712 6140 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
22:34:55.0728 6140 iteatapi - ok
22:34:55.0775 6140 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
22:34:55.0775 6140 iteraid - ok
22:34:55.0806 6140 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
22:34:55.0822 6140 kbdclass - ok
22:34:55.0837 6140 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
22:34:55.0868 6140 kbdhid - ok
22:34:55.0900 6140 KeyIso (dcf733788c7d088d814e5f80eb4b3e0f) C:\Windows\system32\lsass.exe
22:34:55.0946 6140 KeyIso - ok
22:34:56.0024 6140 KSecDD (5367dc846cae9639b899bfd13b97a8c9) C:\Windows\system32\Drivers\ksecdd.sys
22:34:56.0040 6140 KSecDD - ok
22:34:56.0149 6140 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
22:34:56.0196 6140 KtmRm - ok
22:34:56.0227 6140 LanmanServer (05ce901a4472b3fbf9407c94ad1db693) C:\Windows\system32\srvsvc.dll
22:34:56.0274 6140 LanmanServer - ok
22:34:56.0368 6140 LanmanWorkstation (dec1a338b86c5d582c25c40836dd76c3) C:\Windows\System32\wkssvc.dll
22:34:56.0399 6140 LanmanWorkstation - ok
22:34:56.0446 6140 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
22:34:56.0477 6140 lltdio - ok
22:34:56.0586 6140 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
22:34:56.0633 6140 lltdsvc - ok
22:34:56.0648 6140 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
22:34:56.0711 6140 lmhosts - ok
22:34:56.0820 6140 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
22:34:56.0820 6140 LSI_FC - ok
22:34:56.0836 6140 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
22:34:56.0851 6140 LSI_SAS - ok
22:34:56.0867 6140 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
22:34:56.0867 6140 LSI_SCSI - ok
22:34:56.0898 6140 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
22:34:56.0929 6140 luafv - ok
22:34:57.0054 6140 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
22:34:57.0070 6140 MBAMProtector - ok
22:34:57.0132 6140 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:34:57.0163 6140 MBAMService - ok
22:34:57.0257 6140 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
22:34:57.0288 6140 Mcx2Svc - ok
22:34:57.0335 6140 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
22:34:57.0350 6140 mdmxsdk - ok
22:34:57.0444 6140 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
22:34:57.0460 6140 megasas - ok
22:34:57.0475 6140 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
22:34:57.0506 6140 MegaSR - ok
22:34:57.0538 6140 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
22:34:57.0569 6140 MMCSS - ok
22:34:57.0678 6140 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
22:34:57.0709 6140 Modem - ok
22:34:57.0740 6140 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
22:34:57.0772 6140 monitor - ok
22:34:57.0881 6140 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
22:34:57.0881 6140 mouclass - ok
22:34:57.0912 6140 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
22:34:57.0943 6140 mouhid - ok
22:34:57.0974 6140 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
22:34:57.0974 6140 MountMgr - ok
22:34:58.0084 6140 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
22:34:58.0099 6140 mpio - ok
22:34:58.0115 6140 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
22:34:58.0146 6140 mpsdrv - ok
22:34:58.0193 6140 MpsSvc (d1639ba315b0d79dec49a4b0e1fb929b) C:\Windows\system32\mpssvc.dll
22:34:58.0240 6140 MpsSvc - ok
22:34:58.0364 6140 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
22:34:58.0364 6140 Mraid35x - ok
22:34:58.0396 6140 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
22:34:58.0411 6140 MRxDAV - ok
22:34:58.0427 6140 mrxsmb (c4ad205530888404e2b5fc8d9319b119) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:34:58.0458 6140 mrxsmb - ok
22:34:58.0552 6140 mrxsmb10 (67e55ced3fc143c82a8197988bfc1f9a) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:34:58.0583 6140 mrxsmb10 - ok
22:34:58.0614 6140 mrxsmb20 (3268b8c3fa92bfc086355c39b45e9cc9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:34:58.0630 6140 mrxsmb20 - ok
22:34:58.0645 6140 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
22:34:58.0739 6140 msahci - ok
22:34:58.0754 6140 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
22:34:58.0770 6140 msdsm - ok
22:34:58.0864 6140 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
22:34:58.0895 6140 MSDTC - ok
22:34:58.0957 6140 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
22:34:59.0004 6140 Msfs - ok
22:34:59.0066 6140 msisadrv (1e00b9b8601f24a96ad71a7d0fc5f136) C:\Windows\system32\drivers\msisadrv.sys
22:34:59.0160 6140 msisadrv - ok
22:34:59.0207 6140 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
22:34:59.0238 6140 MSiSCSI - ok
22:34:59.0254 6140 msiserver - ok
22:34:59.0316 6140 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
22:34:59.0347 6140 MSKSSRV - ok
22:34:59.0410 6140 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
22:34:59.0441 6140 MSPCLOCK - ok
22:34:59.0503 6140 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
22:34:59.0534 6140 MSPQM - ok
22:34:59.0597 6140 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
22:34:59.0612 6140 MsRPC - ok
22:34:59.0675 6140 mssmbios (215634cf935b696e3ebca813d02e9165) C:\Windows\system32\DRIVERS\mssmbios.sys
22:34:59.0800 6140 mssmbios - ok
22:34:59.0878 6140 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
22:34:59.0909 6140 MSTEE - ok
22:34:59.0971 6140 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
22:34:59.0987 6140 Mup - ok
22:35:00.0034 6140 napagent (c43b25863fbd65b6d2a142af3ae320ca) C:\Windows\system32\qagentRT.dll
22:35:00.0049 6140 napagent - ok
22:35:00.0112 6140 NativeWifiP (dd721f8635191132992e7ceaa3c43c84) C:\Windows\system32\DRIVERS\nwifi.sys
22:35:00.0127 6140 NativeWifiP - ok
22:35:00.0190 6140 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
22:35:00.0221 6140 NDIS - ok
22:35:00.0252 6140 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
22:35:00.0283 6140 NdisTapi - ok
22:35:00.0314 6140 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
22:35:00.0346 6140 Ndisuio - ok
22:35:00.0439 6140 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
22:35:00.0470 6140 NdisWan - ok
22:35:00.0486 6140 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
22:35:00.0517 6140 NDProxy - ok
22:35:00.0548 6140 Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\Windows\system32\HPZinw12.dll
22:35:00.0564 6140 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
22:35:00.0564 6140 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
22:35:00.0642 6140 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
22:35:00.0673 6140 NetBIOS - ok
22:35:00.0704 6140 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
22:35:00.0751 6140 netbt - ok
22:35:00.0782 6140 Netlogon (dcf733788c7d088d814e5f80eb4b3e0f) C:\Windows\system32\lsass.exe
22:35:00.0814 6140 Netlogon - ok
22:35:00.0892 6140 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
22:35:00.0954 6140 Netman - ok
22:35:00.0970 6140 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
22:35:01.0016 6140 netprofm - ok
22:35:01.0110 6140 NetTcpPortSharing (f9102685f97f9ba85f4a70afcf722cfe) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:35:01.0141 6140 NetTcpPortSharing - ok
22:35:01.0282 6140 NETw5v32 (e559ea9138c77b5d1fda8c558764a25f) C:\Windows\system32\DRIVERS\NETw5v32.sys
22:35:01.0453 6140 NETw5v32 - ok
22:35:01.0531 6140 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
22:35:01.0547 6140 nfrd960 - ok
22:35:01.0578 6140 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
22:35:01.0625 6140 NlaSvc - ok
22:35:01.0718 6140 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
22:35:01.0750 6140 Npfs - ok
22:35:01.0781 6140 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
22:35:01.0812 6140 nsi - ok
22:35:01.0828 6140 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
22:35:01.0874 6140 nsiproxy - ok
22:35:01.0984 6140 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
22:35:02.0030 6140 Ntfs - ok
22:35:02.0062 6140 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
22:35:02.0108 6140 ntrigdigi - ok
22:35:02.0186 6140 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
22:35:02.0218 6140 Null - ok
22:35:02.0233 6140 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
22:35:02.0249 6140 nvraid - ok
22:35:02.0280 6140 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
22:35:02.0296 6140 nvstor - ok
22:35:02.0311 6140 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
22:35:02.0327 6140 nv_agp - ok
22:35:02.0327 6140 NwlnkFlt - ok
22:35:02.0358 6140 NwlnkFwd - ok
22:35:02.0420 6140 o2flash (d955d5de998db2476bf0892be3a96c26) C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
22:35:02.0436 6140 o2flash ( UnsignedFile.Multi.Generic ) - warning
22:35:02.0436 6140 o2flash - detected UnsignedFile.Multi.Generic (1)
22:35:02.0498 6140 O2MDRDR (78575368974962042472f18b24d3cf28) C:\Windows\system32\DRIVERS\o2media.sys
22:35:02.0576 6140 O2MDRDR - ok
22:35:02.0639 6140 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
22:35:02.0670 6140 ohci1394 - ok
22:35:02.0764 6140 p2pimsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
22:35:02.0826 6140 p2pimsvc - ok
22:35:02.0842 6140 p2psvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
22:35:02.0873 6140 p2psvc - ok
22:35:02.0935 6140 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
22:35:02.0982 6140 Parport - ok
22:35:03.0044 6140 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
22:35:03.0044 6140 partmgr - ok
22:35:03.0060 6140 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
22:35:03.0122 6140 Parvdm - ok
22:35:03.0154 6140 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
22:35:03.0169 6140 PcaSvc - ok
22:35:03.0216 6140 pci (eca39351296d905baa4fa3244c152b00) C:\Windows\system32\drivers\pci.sys
22:35:03.0232 6140 pci - ok
22:35:03.0310 6140 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
22:35:03.0310 6140 pciide - ok
22:35:03.0341 6140 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
22:35:03.0356 6140 pcmcia - ok
22:35:03.0403 6140 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
22:35:03.0466 6140 PEAUTH - ok
22:35:03.0590 6140 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
22:35:03.0684 6140 pla - ok
22:35:03.0778 6140 PlugPlay (78f975cb6d18265be6f492edb2d7bc7b) C:\Windows\system32\umpnpmgr.dll
22:35:03.0824 6140 PlugPlay - ok
22:35:03.0902 6140 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\Windows\system32\HPZipm12.dll
22:35:03.0918 6140 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
22:35:03.0918 6140 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
22:35:03.0980 6140 PNRPAutoReg (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
22:35:03.0996 6140 PNRPAutoReg - ok
22:35:04.0012 6140 PNRPsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
22:35:04.0043 6140 PNRPsvc - ok
22:35:04.0105 6140 PolicyAgent (017fb87911583b00da1581f07cb7e7f2) C:\Windows\System32\ipsecsvc.dll
22:35:04.0152 6140 PolicyAgent - ok
22:35:04.0230 6140 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
22:35:04.0261 6140 PptpMiniport - ok
22:35:04.0324 6140 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
22:35:04.0370 6140 Processor - ok
22:35:04.0417 6140 ProfSvc (b627e4fc8585e8843c5905d4d3587a90) C:\Windows\system32\profsvc.dll
22:35:04.0448 6140 ProfSvc - ok
22:35:04.0511 6140 ProtectedStorage (dcf733788c7d088d814e5f80eb4b3e0f) C:\Windows\system32\lsass.exe
22:35:04.0542 6140 ProtectedStorage - ok
22:35:04.0589 6140 PSched (a114cfe308c24b8235b03cfdffe11e99) C:\Windows\system32\DRIVERS\pacer.sys
22:35:04.0620 6140 PSched - ok
22:35:04.0651 6140 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
22:35:04.0667 6140 PxHelp20 - ok
22:35:04.0745 6140 QIOMem (674eba70a52c02696e503b0a57ae6372) C:\Windows\system32\DRIVERS\QIOMem.sys
22:35:04.0854 6140 QIOMem - ok
22:35:04.0948 6140 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
22:35:04.0994 6140 ql2300 - ok
22:35:05.0057 6140 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
22:35:05.0072 6140 ql40xx - ok
22:35:05.0104 6140 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
22:35:05.0135 6140 QWAVE - ok
22:35:05.0182 6140 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
22:35:05.0197 6140 QWAVEdrv - ok
22:35:05.0244 6140 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
22:35:05.0275 6140 RasAcd - ok
22:35:05.0306 6140 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
22:35:05.0353 6140 RasAuto - ok
22:35:05.0431 6140 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:35:05.0462 6140 Rasl2tp - ok
22:35:05.0540 6140 RasMan (6e7c284fc5c4ec07ad164d93810385a6) C:\Windows\System32\rasmans.dll
22:35:05.0572 6140 RasMan - ok
22:35:05.0618 6140 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
22:35:05.0650 6140 RasPppoe - ok
22:35:05.0665 6140 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
22:35:05.0681 6140 RasSstp - ok
22:35:05.0743 6140 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
22:35:05.0774 6140 rdbss - ok
22:35:05.0790 6140 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:35:05.0821 6140 RDPCDD - ok
22:35:05.0884 6140 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
22:35:05.0915 6140 rdpdr - ok
22:35:05.0962 6140 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
22:35:05.0977 6140 RDPENCDD - ok
22:35:06.0008 6140 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
22:35:06.0040 6140 RDPWD - ok
22:35:06.0086 6140 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
22:35:06.0102 6140 RemoteAccess - ok
22:35:06.0164 6140 RemoteRegistry (cc4e32400f3c7253400cf8f3f3a0b676) C:\Windows\system32\regsvc.dll
22:35:06.0196 6140 RemoteRegistry - ok
22:35:06.0258 6140 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
22:35:06.0305 6140 RpcLocator - ok
22:35:06.0352 6140 RpcSs (33fb1f0193ee2051067441492d56113c) C:\Windows\system32\rpcss.dll
22:35:06.0398 6140 RpcSs - ok
22:35:06.0461 6140 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
22:35:06.0492 6140 rspndr - ok
22:35:06.0539 6140 SamSs (dcf733788c7d088d814e5f80eb4b3e0f) C:\Windows\system32\lsass.exe
22:35:06.0570 6140 SamSs - ok
22:35:06.0586 6140 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
22:35:06.0601 6140 sbp2port - ok
22:35:06.0679 6140 SCardSvr (11387e32642269c7e62e8b52c060b3c6) C:\Windows\System32\SCardSvr.dll
22:35:06.0710 6140 SCardSvr - ok
22:35:06.0757 6140 Schedule (1d5e99db3c10f4fa034010dc49043ca4) C:\Windows\system32\schedsvc.dll
22:35:06.0851 6140 Schedule - ok
22:35:06.0929 6140 SCPolicySvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
22:35:06.0960 6140 SCPolicySvc - ok
22:35:07.0022 6140 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
22:35:07.0069 6140 sdbus - ok
22:35:07.0100 6140 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
22:35:07.0163 6140 SDRSVC - ok
22:35:07.0256 6140 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:35:07.0319 6140 secdrv - ok
22:35:07.0350 6140 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
22:35:07.0381 6140 seclogon - ok
22:35:07.0459 6140 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
22:35:07.0506 6140 SENS - ok
22:35:07.0553 6140 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
22:35:07.0600 6140 Serenum - ok
22:35:07.0615 6140 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
22:35:07.0662 6140 Serial - ok
22:35:07.0740 6140 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
22:35:07.0756 6140 sermouse - ok
22:35:07.0802 6140 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
22:35:07.0834 6140 SessionEnv - ok
22:35:07.0865 6140 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
22:35:07.0896 6140 sffdisk - ok
22:35:07.0912 6140 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
22:35:07.0927 6140 sffp_mmc - ok
22:35:07.0943 6140 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
22:35:07.0974 6140 sffp_sd - ok
22:35:07.0974 6140 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
22:35:08.0036 6140 sfloppy - ok
22:35:08.0114 6140 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
22:35:08.0161 6140 SharedAccess - ok
22:35:08.0224 6140 ShellHWDetection (27f10f348e508243f6254846f8370d0d) C:\Windows\System32\shsvcs.dll
22:35:08.0239 6140 ShellHWDetection - ok
22:35:08.0286 6140 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
22:35:08.0302 6140 sisagp - ok
22:35:08.0364 6140 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
22:35:08.0364 6140 SiSRaid2 - ok
22:35:08.0395 6140 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
22:35:08.0395 6140 SiSRaid4 - ok
22:35:08.0551 6140 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
22:35:08.0801 6140 SkypeUpdate - ok
22:35:08.0988 6140 slsvc (0ba91e1358ad25236863039bb2609a2e) C:\Windows\system32\SLsvc.exe
22:35:09.0113 6140 slsvc - ok
22:35:09.0222 6140 SLUINotify (7c6dc44ca0bfa6291629ab764200d1d4) C:\Windows\system32\SLUINotify.dll
22:35:09.0284 6140 SLUINotify - ok
22:35:09.0378 6140 SmartFaceVWatchSrv (3566310df25ea5c3b2e9f50f5b50eac1) C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
22:35:09.0394 6140 SmartFaceVWatchSrv ( UnsignedFile.Multi.Generic ) - warning
22:35:09.0394 6140 SmartFaceVWatchSrv - detected UnsignedFile.Multi.Generic (1)
22:35:09.0487 6140 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
22:35:09.0518 6140 Smb - ok
22:35:09.0550 6140 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
22:35:09.0565 6140 SNMPTRAP - ok
22:35:09.0596 6140 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
22:35:09.0596 6140 spldr - ok
22:35:09.0690 6140 Spooler (846cdf9a3cf4da9b306adfb7d55ee4c2) C:\Windows\System32\spoolsv.exe
22:35:09.0721 6140 Spooler - ok
22:35:09.0752 6140 srv (3d7c04aba41ac96ba7e9d123ec8f7fa3) C:\Windows\system32\DRIVERS\srv.sys
22:35:09.0784 6140 srv - ok
22:35:09.0815 6140 srv2 (805fac010405ad3f82ef8df0bb035d81) C:\Windows\system32\DRIVERS\srv2.sys
22:35:09.0846 6140 srv2 - ok
22:35:09.0862 6140 srvnet (f63a0a58aafe34d7a1a0a74abccdd9c0) C:\Windows\system32\DRIVERS\srvnet.sys
22:35:09.0924 6140 srvnet - ok
22:35:10.0018 6140 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
22:35:10.0049 6140 SSDPSRV - ok
22:35:10.0096 6140 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
22:35:10.0111 6140 ssmdrv - ok
22:35:10.0220 6140 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
22:35:10.0236 6140 SstpSvc - ok
22:35:10.0283 6140 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
22:35:10.0330 6140 StillCam - ok
22:35:10.0439 6140 stisvc (7dd08a597bc56051f320da0baf69e389) C:\Windows\System32\wiaservc.dll
22:35:10.0454 6140 stisvc - ok
22:35:10.0517 6140 swenum (97e089971a6aba49ad5592bd6298e416) C:\Windows\system32\DRIVERS\swenum.sys
22:35:10.0610 6140 swenum - ok
22:35:10.0704 6140 swprv (b36c7cdb86f7f7a8e884479219766950) C:\Windows\System32\swprv.dll
22:35:10.0751 6140 swprv - ok
22:35:10.0798 6140 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
22:35:10.0798 6140 Symc8xx - ok
22:35:10.0876 6140 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
22:35:10.0876 6140 Sym_hi - ok
22:35:10.0891 6140 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
22:35:10.0907 6140 Sym_u3 - ok
22:35:10.0954 6140 SysMain (8710a92d0024b03b5fb9540df1f71f1d) C:\Windows\system32\sysmain.dll
22:35:10.0985 6140 SysMain - ok
22:35:11.0016 6140 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
22:35:11.0047 6140 TabletInputService - ok
22:35:11.0110 6140 TapiSrv (680916bb09ee0f3a6aca7c274b0d633f) C:\Windows\System32\tapisrv.dll
22:35:11.0156 6140 TapiSrv - ok
22:35:11.0172 6140 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
22:35:11.0203 6140 TBS - ok
22:35:11.0281 6140 Tcpip (fc6e2835d667774d409c7c7021eaf9c4) C:\Windows\system32\drivers\tcpip.sys
22:35:11.0328 6140 Tcpip - ok
22:35:11.0406 6140 Tcpip6 (fc6e2835d667774d409c7c7021eaf9c4) C:\Windows\system32\DRIVERS\tcpip.sys
22:35:11.0437 6140 Tcpip6 - ok
22:35:11.0468 6140 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
22:35:11.0500 6140 tcpipreg - ok
22:35:11.0562 6140 tdcmdpst (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys
22:35:11.0671 6140 tdcmdpst - ok
22:35:11.0749 6140 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
22:35:11.0780 6140 TDPIPE - ok
22:35:11.0812 6140 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
22:35:11.0827 6140 TDTCP - ok
22:35:11.0858 6140 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
22:35:11.0890 6140 tdx - ok
22:35:11.0952 6140 TempoMonitoringService (ce0b5d587839614a16480d7b8395ffe9) C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
22:35:11.0968 6140 TempoMonitoringService - ok
22:35:12.0061 6140 TermDD (718b2f4355cd8eb2844741addac0e622) C:\Windows\system32\DRIVERS\termdd.sys
22:35:12.0170 6140 TermDD - ok
22:35:12.0217 6140 TermService (d605031e225aaccbceb5b76a4f1603a6) C:\Windows\System32\termsrv.dll
22:35:12.0280 6140 TermService - ok
22:35:12.0373 6140 Themes (27f10f348e508243f6254846f8370d0d) C:\Windows\system32\shsvcs.dll
22:35:12.0404 6140 Themes - ok
22:35:12.0436 6140 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
22:35:12.0467 6140 THREADORDER - ok
22:35:12.0576 6140 TNaviSrv (89f74c86523f5e334628dbce66e6d165) C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
22:35:12.0576 6140 TNaviSrv - ok
22:35:12.0685 6140 TODDSrv (c5ac715b65b01788abc22d10749dddd8) C:\Windows\system32\TODDSrv.exe
22:35:12.0701 6140 TODDSrv - ok
22:35:12.0763 6140 TosCoSrv (da6903958cbdc091ffcbbca70ccff34c) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
22:35:12.0794 6140 TosCoSrv - ok
22:35:12.0794 6140 TOSHIBA SMART Log Service (22690dffc7f2a18279a7a0489aa02bac) C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
22:35:12.0794 6140 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - warning
22:35:12.0794 6140 TOSHIBA SMART Log Service - detected UnsignedFile.Multi.Generic (1)
22:35:12.0857 6140 Tosrfcom - ok
22:35:12.0919 6140 tosrfec (5c4103544612e5011ef46301b93d1aa6) C:\Windows\system32\DRIVERS\tosrfec.sys
22:35:12.0966 6140 tosrfec - ok
22:35:13.0075 6140 tos_sps32 (4399a9bf7d8f49991a07fd86590a1619) C:\Windows\system32\DRIVERS\tos_sps32.sys
22:35:13.0200 6140 tos_sps32 - ok
22:35:13.0247 6140 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
22:35:13.0294 6140 TrkWks - ok
22:35:13.0387 6140 TrustedInstaller (16613a1bad034d4ecf957af18b7c2ff5) C:\Windows\servicing\TrustedInstaller.exe
22:35:13.0418 6140 TrustedInstaller - ok
22:35:13.0481 6140 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:35:13.0512 6140 tssecsrv - ok
22:35:13.0590 6140 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
22:35:13.0606 6140 tunmp - ok
22:35:13.0637 6140 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
22:35:13.0668 6140 tunnel - ok
22:35:13.0730 6140 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
22:35:13.0746 6140 TVALZ - ok
22:35:13.0777 6140 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
22:35:13.0793 6140 uagp35 - ok
22:35:13.0855 6140 udfs (c985b36e127ea9b8a92396120bff52d8) C:\Windows\system32\DRIVERS\udfs.sys
22:35:13.0902 6140 udfs - ok
22:35:13.0933 6140 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
22:35:13.0980 6140 UI0Detect - ok
22:35:14.0058 6140 UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
22:35:14.0058 6140 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
22:35:14.0058 6140 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
22:35:14.0152 6140 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
22:35:14.0152 6140 uliagpkx - ok
22:35:14.0198 6140 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
22:35:14.0214 6140 uliahci - ok
22:35:14.0214 6140 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
22:35:14.0245 6140 UlSata - ok
22:35:14.0261 6140 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
22:35:14.0276 6140 ulsata2 - ok
22:35:14.0292 6140 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
22:35:14.0323 6140 umbus - ok
22:35:14.0417 6140 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
22:35:14.0448 6140 upnphost - ok
22:35:14.0495 6140 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
22:35:14.0542 6140 usbccgp - ok
22:35:14.0620 6140 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
22:35:14.0651 6140 usbcir - ok
22:35:14.0698 6140 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
22:35:14.0729 6140 usbehci - ok
22:35:14.0760 6140 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
22:35:14.0776 6140 usbhub - ok
22:35:14.0854 6140 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
22:35:14.0900 6140 usbohci - ok
22:35:14.0932 6140 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
22:35:14.0947 6140 usbprint - ok
22:35:15.0010 6140 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
22:35:15.0072 6140 usbscan - ok
22:35:15.0166 6140 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:35:15.0181 6140 USBSTOR - ok
22:35:15.0228 6140 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
22:35:15.0259 6140 usbuhci - ok
22:35:15.0337 6140 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
22:35:15.0368 6140 usbvideo - ok
22:35:15.0400 6140 UVCFTR (8c5094a8ab24de7496c7c19942f2df04) C:\Windows\system32\Drivers\UVCFTR_S.SYS
22:35:15.0446 6140 UVCFTR - ok
22:35:15.0524 6140 UxSms (032a0acc3909ae7215d524e29d536797) C:\Windows\System32\uxsms.dll
22:35:15.0556 6140 UxSms - ok
22:35:15.0587 6140 vds (b13bc395b9d6116628f5af47e0802ac4) C:\Windows\System32\vds.exe
22:35:15.0649 6140 vds - ok
22:35:15.0680 6140 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
22:35:15.0727 6140 vga - ok
22:35:15.0790 6140 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
22:35:15.0821 6140 VgaSave - ok
22:35:15.0836 6140 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
22:35:15.0852 6140 viaagp - ok
22:35:15.0868 6140 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
22:35:15.0883 6140 ViaC7 - ok
22:35:15.0914 6140 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
22:35:15.0930 6140 viaide - ok
22:35:15.0961 6140 volmgr (bdd98bbe7323fc0975a26373d8050471) C:\Windows\system32\drivers\volmgr.sys
22:35:16.0086 6140 volmgr - ok
22:35:16.0164 6140 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
22:35:16.0180 6140 volmgrx - ok
22:35:16.0211 6140 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
22:35:16.0226 6140 volsnap - ok
22:35:16.0258 6140 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
22:35:16.0273 6140 vsmraid - ok
22:35:16.0336 6140 VSS (d5fb73d19c46ade183f968e13f186b23) C:\Windows\system32\vssvc.exe
22:35:16.0398 6140 VSS - ok
22:35:16.0492 6140 W32Time (1cf9206966a8458cda9a8b20df8ab7d3) C:\Windows\system32\w32time.dll
22:35:16.0523 6140 W32Time - ok
22:35:16.0585 6140 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
22:35:16.0648 6140 WacomPen - ok
22:35:16.0741 6140 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:35:16.0788 6140 Wanarp - ok
22:35:16.0804 6140 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:35:16.0819 6140 Wanarpv6 - ok
22:35:16.0866 6140 wcncsvc (f3a5c2e1a6533192b070d06ecf6be796) C:\Windows\System32\wcncsvc.dll
22:35:16.0897 6140 wcncsvc - ok
22:35:17.0006 6140 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
22:35:17.0053 6140 WcsPlugInService - ok
22:35:17.0100 6140 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
22:35:17.0100 6140 Wd - ok
22:35:17.0131 6140 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
22:35:17.0162 6140 Wdf01000 - ok
22:35:17.0240 6140 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
22:35:17.0287 6140 WdiServiceHost - ok
22:35:17.0287 6140 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
22:35:17.0318 6140 WdiSystemHost - ok
22:35:17.0334 6140 WebClient (cf9a5f41789b642db967021de06a2713) C:\Windows\System32\webclnt.dll
22:35:17.0381 6140 WebClient - ok
22:35:17.0459 6140 Wecsvc (905214925a88311fce52f66153de7610) C:\Windows\system32\wecsvc.dll
22:35:17.0490 6140 Wecsvc - ok
22:35:17.0537 6140 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
22:35:17.0568 6140 wercplsupport - ok
22:35:17.0630 6140 WerSvc (4081288554294f144e5a7d4ee20e3ce6) C:\Windows\System32\WerSvc.dll
22:35:17.0662 6140 WerSvc - ok
22:35:17.0724 6140 winachsf (bb9cbaf6ac20452b245c324f1f50ee81) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
22:35:17.0755 6140 winachsf - ok
22:35:17.0833 6140 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
22:35:17.0849 6140 WinDefend - ok
22:35:17.0849 6140 WinHttpAutoProxySvc - ok
22:35:17.0958 6140 Winmgmt (00b79a7c984678f24cf052e5beb3a2f5) C:\Windows\system32\wbem\WMIsvc.dll
22:35:18.0005 6140 Winmgmt - ok
22:35:18.0067 6140 WinRM (20fc93fdc916843cfdfcaa7a1b0db16f) C:\Windows\system32\WsmSvc.dll
22:35:18.0130 6140 WinRM - ok
22:35:18.0254 6140 Wlansvc (4b40ff01db5357299dcbdb5a5746ad21) C:\Windows\System32\wlansvc.dll
22:35:18.0286 6140 Wlansvc - ok
22:35:18.0332 6140 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
22:35:18.0379 6140 WmiAcpi - ok
22:35:18.0504 6140 wmiApSrv (aba4cf9f856d9a3a25f4ddd7690a6e9d) C:\Windows\system32\wbem\WmiApSrv.exe
22:35:18.0551 6140 wmiApSrv - ok
22:35:18.0644 6140 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
22:35:18.0707 6140 WMPNetworkSvc - ok
22:35:18.0785 6140 WPCSvc (5d94cd167751294962ba238d82dd1bb8) C:\Windows\System32\wpcsvc.dll
22:35:18.0832 6140 WPCSvc - ok
22:35:18.0847 6140 WPDBusEnum (396d406292b0cd26e3504ffe82784702) C:\Windows\system32\wpdbusenum.dll
22:35:18.0894 6140 WPDBusEnum - ok
22:35:18.0941 6140 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
22:35:18.0988 6140 WpdUsb - ok
22:35:19.0097 6140 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
22:35:19.0128 6140 ws2ifsl - ok
22:35:19.0159 6140 wscsvc (683dd16b590372f2c9661d277f35e49c) C:\Windows\System32\wscsvc.dll
22:35:19.0175 6140 wscsvc - ok
22:35:19.0222 6140 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys
22:35:19.0253 6140 WSDPrintDevice - ok
22:35:19.0315 6140 WSearch - ok
22:35:19.0393 6140 wuauserv (d79538b67fa641e986855def651e78fe) C:\Windows\system32\wuaueng.dll
22:35:19.0518 6140 wuauserv - ok
22:35:19.0627 6140 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:35:19.0643 6140 WUDFRd - ok
22:35:19.0690 6140 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
22:35:19.0721 6140 wudfsvc - ok
22:35:19.0768 6140 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
22:35:19.0783 6140 XAudio - ok
22:35:19.0877 6140 XAudioService (cd5f291a1161f15896d1a4d63daff5df) C:\Windows\system32\DRIVERS\xaudio.exe
22:35:19.0908 6140 XAudioService - ok
22:35:19.0986 6140 yukonwlh (7d4cca3659fa0780603206e3d12a993f) C:\Windows\system32\DRIVERS\yk60x86.sys
22:35:20.0158 6140 yukonwlh - ok
22:35:20.0173 6140 MBR (0x1B8) (6f9a1d528242bc09104b85e0becf5554) \Device\Harddisk0\DR0
22:35:20.0204 6140 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
22:35:20.0204 6140 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
22:35:20.0938 6140 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
22:35:20.0953 6140 \Device\Harddisk0\DR0 - detected TDSS File System (1)
22:35:20.0953 6140 MBR (0x1B8) (ddae9d649db12f6aff24483f2c298989) \Device\Harddisk1\DR3
22:35:21.0218 6140 \Device\Harddisk1\DR3 - ok
22:35:21.0265 6140 Boot (0x1200) (328a52a96f555f409d105fc198fa17c4) \Device\Harddisk0\DR0\Partition0
22:35:21.0265 6140 \Device\Harddisk0\DR0\Partition0 - ok
22:35:21.0296 6140 Boot (0x1200) (ce6b970bf812175b1b7cfdda7d3a959a) \Device\Harddisk0\DR0\Partition1
22:35:21.0296 6140 \Device\Harddisk0\DR0\Partition1 - ok
22:35:21.0312 6140 Boot (0x1200) (9777f9c0e4454f6b8abc5d1e3765b648) \Device\Harddisk1\DR3\Partition0
22:35:21.0312 6140 \Device\Harddisk1\DR3\Partition0 - ok
22:35:21.0312 6140 ============================================================
22:35:21.0312 6140 Scan finished
22:35:21.0312 6140 ============================================================
22:35:21.0328 4112 Detected object count: 14
22:35:21.0328 4112 Actual detected object count: 14
22:36:08.0128 4112 ConfigFree Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:36:08.0128 4112 ConfigFree Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:36:08.0143 4112 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
22:36:08.0143 4112 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:36:08.0143 4112 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
22:36:08.0143 4112 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:36:08.0143 4112 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
22:36:08.0143 4112 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:36:08.0143 4112 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
22:36:08.0143 4112 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:36:08.0143 4112 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
22:36:08.0143 4112 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:36:08.0143 4112 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
22:36:08.0143 4112 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:36:08.0159 4112 o2flash ( UnsignedFile.Multi.Generic ) - skipped by user
22:36:08.0159 4112 o2flash ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:36:08.0159 4112 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
22:36:08.0159 4112 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:36:08.0159 4112 SmartFaceVWatchSrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:36:08.0159 4112 SmartFaceVWatchSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:36:08.0159 4112 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:36:08.0159 4112 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:36:08.0174 4112 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
22:36:08.0174 4112 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:36:08.0174 4112 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - skipped by user
22:36:08.0174 4112 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Skip
22:36:08.0174 4112 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
22:36:08.0174 4112 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
|
|
08.04.2012, 22:13
| #8 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BOO/TDss.O Virus entfernenZitat:
Wir müssen danach nochmal deine Partitionskonfig mit GParted prüfen, lade dir daher schonmal Ubuntu, PartedMagic oder GParted Live runter. Am einfachsten ist imho Ubuntu. Es kann sein, dass nach dem Fix Windows erstmal nicht mehr startet, deswegen wäre es schon gut wenn du eine Linux-Live-CD parat hättest. Kannst auch von Stick booten
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.04.2012, 19:08
| #9 |
| | BOO/TDss.O Virus entfernen Hallo Arne, sorry das ich mich lange nicht mehr gemeldet habe - bei meinem Zweitrechner hat sich am Montag das Netzteil verabschiedet. Beim Rootkit.Boot.SST.a habe ich nur die Möglichkeiten: Skip Copy to quarantine Cure Restore ??? Bei TDss kann ich delete ausführen. Bitte um Info Gruß Stephan |
|
12.04.2012, 20:09
| #10 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BOO/TDss.O Virus entfernenZitat:
Beim ersten "cure" wählen
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.04.2012, 21:10
| #11 |
| | BOO/TDss.O Virus entfernen O.k. habe ich gemacht. Neustart ohne Probleme. Was nun? Hab ich getan. Neustart ohne Probleme. |
|
12.04.2012, 22:19
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BOO/TDss.O Virus entfernen Das ist schön  Du solltest nun ein neues Log mit dem TDSS-Killer machen, also neu scannen lassen wie beim ersten Mal
__________________ Logfiles bitte immer in CODE-Tags posten |
|
14.04.2012, 09:47
| #13 |
| | BOO/TDss.O Virus entfernen Hier die Log Code:
ATTFilter 09:53:24.0744 2932 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
09:53:24.0915 2932 ============================================================
09:53:24.0915 2932 Current date / time: 2012/04/14 09:53:24.0915
09:53:24.0915 2932 SystemInfo:
09:53:24.0915 2932
09:53:24.0915 2932 OS Version: 6.0.6001 ServicePack: 1.0
09:53:24.0915 2932 Product type: Workstation
09:53:24.0915 2932 ComputerName: KÖTER-PC
09:53:24.0915 2932 UserName: Köter
09:53:24.0915 2932 Windows directory: C:\Windows
09:53:24.0915 2932 System windows directory: C:\Windows
09:53:24.0915 2932 Processor architecture: Intel x86
09:53:24.0915 2932 Number of processors: 2
09:53:24.0915 2932 Page size: 0x1000
09:53:24.0915 2932 Boot type: Normal boot
09:53:24.0915 2932 ============================================================
09:53:25.0586 2932 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:53:25.0586 2932 \Device\Harddisk0\DR0:
09:53:25.0586 2932 MBR used
09:53:25.0586 2932 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x12D50800
09:53:25.0586 2932 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1303F000, BlocksNum 0x123EF800
09:53:25.0664 2932 Initialize success
09:53:25.0664 2932 ============================================================
09:53:26.0896 5200 ============================================================
09:53:26.0896 5200 Scan started
09:53:26.0896 5200 Mode: Manual;
09:53:26.0896 5200 ============================================================
09:53:27.0458 5200 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
09:53:27.0458 5200 ACPI - ok
09:53:27.0505 5200 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
09:53:27.0520 5200 adp94xx - ok
09:53:27.0630 5200 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
09:53:27.0630 5200 adpahci - ok
09:53:27.0676 5200 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
09:53:27.0676 5200 adpu160m - ok
09:53:27.0692 5200 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
09:53:27.0708 5200 adpu320 - ok
09:53:27.0817 5200 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
09:53:27.0832 5200 AeLookupSvc - ok
09:53:27.0895 5200 AFD (763e172a55177e478cb419f88fd0ba03) C:\Windows\system32\drivers\afd.sys
09:53:27.0910 5200 AFD - ok
09:53:28.0066 5200 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
09:53:28.0066 5200 agp440 - ok
09:53:28.0129 5200 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
09:53:28.0129 5200 aic78xx - ok
09:53:28.0254 5200 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
09:53:28.0254 5200 ALG - ok
09:53:28.0316 5200 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
09:53:28.0316 5200 aliide - ok
09:53:28.0441 5200 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
09:53:28.0441 5200 amdagp - ok
09:53:28.0456 5200 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
09:53:28.0456 5200 amdide - ok
09:53:28.0488 5200 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
09:53:28.0488 5200 AmdK7 - ok
09:53:28.0503 5200 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
09:53:28.0503 5200 AmdK8 - ok
09:53:28.0644 5200 AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files\Avira\AntiVir Desktop\sched.exe
09:53:28.0644 5200 AntiVirSchedulerService - ok
09:53:28.0690 5200 AntiVirService (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
09:53:28.0690 5200 AntiVirService - ok
09:53:28.0815 5200 ApfiltrService (45f47f79ad3f587a334345fd2969354b) C:\Windows\system32\DRIVERS\Apfiltr.sys
09:53:28.0831 5200 ApfiltrService - ok
09:53:28.0971 5200 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
09:53:28.0971 5200 Appinfo - ok
09:53:29.0018 5200 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
09:53:29.0018 5200 arc - ok
09:53:29.0080 5200 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
09:53:29.0080 5200 arcsas - ok
09:53:29.0112 5200 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
09:53:29.0112 5200 AsyncMac - ok
09:53:29.0127 5200 atapi (0d83c87a801a3dfcd1bf73893fe7518c) C:\Windows\system32\drivers\atapi.sys
09:53:29.0143 5200 atapi - ok
09:53:29.0190 5200 Ati External Event Utility (54d715af597c06e87418c50f481bdd2c) C:\Windows\system32\Ati2evxx.exe
09:53:29.0205 5200 Ati External Event Utility - ok
09:53:29.0424 5200 atikmdag (be4d8fdc6b2598c46b2b5e6e4fbaafc5) C:\Windows\system32\DRIVERS\atikmdag.sys
09:53:29.0455 5200 atikmdag - ok
09:53:29.0564 5200 AudioEndpointBuilder (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
09:53:29.0564 5200 AudioEndpointBuilder - ok
09:53:29.0580 5200 Audiosrv (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
09:53:29.0580 5200 Audiosrv - ok
09:53:29.0611 5200 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
09:53:29.0642 5200 avgntflt - ok
09:53:29.0736 5200 avipbb (13b02b9b969dde270cd7c351203dad3c) C:\Windows\system32\DRIVERS\avipbb.sys
09:53:29.0767 5200 avipbb - ok
09:53:29.0829 5200 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
09:53:29.0829 5200 avkmgr - ok
09:53:29.0938 5200 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
09:53:29.0970 5200 Beep - ok
09:53:30.0016 5200 BFE (8582e233c346aefe759833e8a30dd697) C:\Windows\System32\bfe.dll
09:53:30.0032 5200 BFE - ok
09:53:30.0172 5200 BITS (02ed7b4dbc2a3232a389106da7515c3d) C:\Windows\System32\qmgr.dll
09:53:30.0172 5200 BITS - ok
09:53:30.0219 5200 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
09:53:30.0250 5200 blbdrive - ok
09:53:30.0328 5200 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
09:53:30.0328 5200 bowser - ok
09:53:30.0391 5200 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
09:53:30.0406 5200 BrFiltLo - ok
09:53:30.0469 5200 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
09:53:30.0469 5200 BrFiltUp - ok
09:53:30.0516 5200 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
09:53:30.0516 5200 Browser - ok
09:53:30.0578 5200 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
09:53:30.0578 5200 Brserid - ok
09:53:30.0640 5200 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
09:53:30.0640 5200 BrSerWdm - ok
09:53:30.0656 5200 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
09:53:30.0656 5200 BrUsbMdm - ok
09:53:30.0672 5200 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
09:53:30.0672 5200 BrUsbSer - ok
09:53:30.0687 5200 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
09:53:30.0687 5200 BTHMODEM - ok
09:53:30.0718 5200 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
09:53:30.0718 5200 cdfs - ok
09:53:30.0796 5200 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
09:53:30.0796 5200 cdrom - ok
09:53:30.0874 5200 CertPropSvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
09:53:30.0874 5200 CertPropSvc - ok
09:53:30.0890 5200 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
09:53:30.0890 5200 circlass - ok
09:53:30.0921 5200 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
09:53:30.0937 5200 CLFS - ok
09:53:31.0140 5200 CLPSLS (be465a17fda2e79ed49053cbec7e9335) C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
09:53:31.0171 5200 CLPSLS - ok
09:53:31.0249 5200 clr_optimization_v2.0.50727_32 (a4af4201bd519971f8f34724f3ca9dbb) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:53:31.0249 5200 clr_optimization_v2.0.50727_32 - ok
09:53:31.0327 5200 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
09:53:31.0327 5200 CmBatt - ok
09:53:31.0545 5200 cmdAgent (6629d81b41badd0d787f0e306ceee7e0) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
09:53:31.0576 5200 cmdAgent - ok
09:53:31.0670 5200 cmderd (2dbe76de0ae9b60c2d497b8ea98d2c23) C:\Windows\system32\DRIVERS\cmderd.sys
09:53:31.0686 5200 cmderd - ok
09:53:31.0748 5200 cmdGuard (9c46c7210367b7f5d1eacc6c29602bd6) C:\Windows\system32\DRIVERS\cmdguard.sys
09:53:31.0764 5200 cmdGuard - ok
09:53:31.0842 5200 cmdHlp (b4c05b0bfcb90c030085893a39863b6f) C:\Windows\system32\DRIVERS\cmdhlp.sys
09:53:31.0857 5200 cmdHlp - ok
09:53:31.0904 5200 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
09:53:31.0904 5200 cmdide - ok
09:53:31.0951 5200 CnxtHdAudService (b6e7991e3d6146c04c85cd31af22a381) C:\Windows\system32\drivers\CHDRT32.sys
09:53:31.0951 5200 CnxtHdAudService - ok
09:53:32.0044 5200 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
09:53:32.0060 5200 Compbatt - ok
09:53:32.0060 5200 COMSysApp - ok
09:53:32.0154 5200 ConfigFree Service (d10d01b2dfcd8d2f32a32ed29e8da1c2) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
09:53:32.0263 5200 ConfigFree Service - ok
09:53:32.0356 5200 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
09:53:32.0356 5200 crcdisk - ok
09:53:32.0388 5200 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
09:53:32.0388 5200 Crusoe - ok
09:53:32.0450 5200 CryptSvc (6de363f9f99334514c46aec02d3e3678) C:\Windows\system32\cryptsvc.dll
09:53:32.0450 5200 CryptSvc - ok
09:53:32.0653 5200 DcomLaunch (33fb1f0193ee2051067441492d56113c) C:\Windows\system32\rpcss.dll
09:53:32.0668 5200 DcomLaunch - ok
09:53:32.0715 5200 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys
09:53:32.0715 5200 DfsC - ok
09:53:32.0902 5200 DFSR (fa3463f25f9cc9c3bcf1e7912feff099) C:\Windows\system32\DFSR.exe
09:53:32.0918 5200 DFSR - ok
09:53:33.0058 5200 Dhcp (43a988a9c10333476cb5fb667cbd629d) C:\Windows\System32\dhcpcsvc.dll
09:53:33.0074 5200 Dhcp - ok
09:53:33.0105 5200 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
09:53:33.0105 5200 disk - ok
09:53:33.0136 5200 Dnscache (f5a0f1da1ed8b429597e71d27d976e31) C:\Windows\System32\dnsrslvr.dll
09:53:33.0136 5200 Dnscache - ok
09:53:33.0230 5200 dot3svc (5af620a08c614e24206b79e8153cf1a8) C:\Windows\System32\dot3svc.dll
09:53:33.0230 5200 dot3svc - ok
09:53:33.0292 5200 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
09:53:33.0292 5200 Dot4 - ok
09:53:33.0370 5200 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
09:53:33.0370 5200 Dot4Print - ok
09:53:33.0402 5200 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
09:53:33.0402 5200 dot4usb - ok
09:53:33.0448 5200 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
09:53:33.0448 5200 DPS - ok
09:53:33.0558 5200 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
09:53:33.0558 5200 drmkaud - ok
09:53:33.0589 5200 DXGKrnl (f8bf50a8d862f8cc089080bec509bca6) C:\Windows\System32\drivers\dxgkrnl.sys
09:53:33.0589 5200 DXGKrnl - ok
09:53:33.0729 5200 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
09:53:33.0729 5200 E1G60 - ok
09:53:33.0760 5200 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
09:53:33.0760 5200 EapHost - ok
09:53:33.0901 5200 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
09:53:33.0901 5200 Ecache - ok
09:53:33.0948 5200 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
09:53:33.0948 5200 ehRecvr - ok
09:53:34.0010 5200 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
09:53:34.0010 5200 ehSched - ok
09:53:34.0026 5200 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
09:53:34.0026 5200 ehstart - ok
09:53:34.0119 5200 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
09:53:34.0119 5200 elxstor - ok
09:53:34.0166 5200 EMDMgmt (ba4e96d951ddad6ac3af3c91d4ac68bf) C:\Windows\system32\emdmgmt.dll
09:53:34.0166 5200 EMDMgmt - ok
09:53:34.0291 5200 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
09:53:34.0291 5200 ErrDev - ok
09:53:34.0322 5200 EventSystem (f4bf4fa769db51b106d2b4b35256988b) C:\Windows\system32\es.dll
09:53:34.0322 5200 EventSystem - ok
09:53:34.0353 5200 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
09:53:34.0353 5200 exfat - ok
09:53:34.0447 5200 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
09:53:34.0447 5200 fastfat - ok
09:53:34.0478 5200 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
09:53:34.0478 5200 fdc - ok
09:53:34.0556 5200 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
09:53:34.0556 5200 fdPHost - ok
09:53:34.0650 5200 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
09:53:34.0650 5200 FDResPub - ok
09:53:34.0696 5200 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
09:53:34.0728 5200 FileInfo - ok
09:53:34.0806 5200 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
09:53:34.0806 5200 Filetrace - ok
09:53:34.0977 5200 FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
09:53:34.0993 5200 FirebirdServerMAGIXInstance - ok
09:53:35.0071 5200 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
09:53:35.0071 5200 flpydisk - ok
09:53:35.0102 5200 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
09:53:35.0102 5200 FltMgr - ok
09:53:35.0164 5200 FontCache3.0.0.0 (993883524aa9cf1c90e1545411a9ac9c) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:53:35.0164 5200 FontCache3.0.0.0 - ok
09:53:35.0242 5200 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
09:53:35.0242 5200 Fs_Rec - ok
09:53:35.0274 5200 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
09:53:35.0274 5200 gagp30kx - ok
09:53:35.0352 5200 GoogleDesktopManager-022208-143751 (b39662e4c237aa25a2cd2379ff508099) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
09:53:35.0352 5200 GoogleDesktopManager-022208-143751 - ok
09:53:35.0445 5200 gpsvc (d9f1113d9401185245573350712f92fc) C:\Windows\System32\gpsvc.dll
09:53:35.0461 5200 gpsvc - ok
09:53:35.0539 5200 gusvc (751c1d2ca2abf4a9f5a6b8d7d45b907c) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:53:35.0539 5200 gusvc - ok
09:53:35.0664 5200 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
09:53:35.0664 5200 HdAudAddService - ok
09:53:35.0695 5200 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
09:53:35.0695 5200 HDAudBus - ok
09:53:35.0726 5200 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
09:53:35.0726 5200 HidBth - ok
09:53:35.0742 5200 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
09:53:35.0742 5200 HidIr - ok
09:53:35.0804 5200 hidserv (8fa640195279ace21bea91396a0054fc) C:\Windows\system32\hidserv.dll
09:53:35.0804 5200 hidserv - ok
09:53:35.0851 5200 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
09:53:35.0851 5200 HidUsb - ok
09:53:35.0898 5200 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
09:53:35.0898 5200 hkmsvc - ok
09:53:35.0960 5200 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
09:53:35.0960 5200 HpCISSs - ok
09:53:36.0085 5200 hpqcxs08 (f50f7984fdd151edd8a70a8dbd9e2a44) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
09:53:36.0085 5200 hpqcxs08 - ok
09:53:36.0116 5200 hpqddsvc (df446ba625cc441617843e87798ce048) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
09:53:36.0116 5200 hpqddsvc - ok
09:53:36.0225 5200 HPSLPSVC (75f122cdca3c71bd09089f2ca824b796) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
09:53:36.0225 5200 HPSLPSVC - ok
09:53:36.0350 5200 HSF_DPV (fadd7095163cb3cb4073793ebb50fe75) C:\Windows\system32\DRIVERS\HSX_DPV.sys
09:53:36.0366 5200 HSF_DPV - ok
09:53:36.0397 5200 HSXHWAZL (058783bedd17615d1fece09f77960436) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
09:53:36.0397 5200 HSXHWAZL - ok
09:53:36.0568 5200 HTTP (406c027c18e98a396faa1963dad5ff70) C:\Windows\system32\drivers\HTTP.sys
09:53:36.0568 5200 HTTP - ok
09:53:36.0678 5200 hwdatacard (19e6885a061011d8dabe8f64498423fa) C:\Windows\system32\DRIVERS\ewusbmdm.sys
09:53:36.0678 5200 hwdatacard - ok
09:53:36.0740 5200 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
09:53:36.0740 5200 i2omp - ok
09:53:36.0834 5200 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
09:53:36.0834 5200 i8042prt - ok
09:53:36.0912 5200 iaStor (db0cc620b27a928d968c1a1e9cd9cb87) C:\Windows\system32\DRIVERS\iaStor.sys
09:53:36.0912 5200 iaStor - ok
09:53:37.0005 5200 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
09:53:37.0005 5200 iaStorV - ok
09:53:37.0114 5200 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
09:53:37.0114 5200 IDriverT - ok
09:53:37.0208 5200 idsvc (e7cc3aeaed9893a88876744cd439f76c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:53:37.0208 5200 idsvc - ok
09:53:37.0239 5200 igfx - ok
09:53:37.0302 5200 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
09:53:37.0302 5200 iirsp - ok
09:53:37.0395 5200 IKEEXT (a3bc480a2bf8aa8e4dabd2d5dce0afac) C:\Windows\System32\ikeext.dll
09:53:37.0395 5200 IKEEXT - ok
09:53:37.0473 5200 inspect (bd2e5fab6f73c57ff67d3e1428e5b8ee) C:\Windows\system32\DRIVERS\inspect.sys
09:53:37.0473 5200 inspect - ok
09:53:37.0551 5200 IntcHdmiAddService - ok
09:53:37.0645 5200 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
09:53:37.0645 5200 intelide - ok
09:53:37.0676 5200 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
09:53:37.0676 5200 intelppm - ok
09:53:37.0707 5200 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
09:53:37.0707 5200 IPBusEnum - ok
09:53:37.0832 5200 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:53:37.0832 5200 IpFilterDriver - ok
09:53:37.0863 5200 iphlpsvc (cad416b8a4309b5e1ce75425381e7d2f) C:\Windows\System32\iphlpsvc.dll
09:53:37.0863 5200 iphlpsvc - ok
09:53:37.0879 5200 IpInIp - ok
09:53:37.0910 5200 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
09:53:37.0910 5200 IPMIDRV - ok
09:53:37.0910 5200 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
09:53:37.0910 5200 IPNAT - ok
09:53:37.0926 5200 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
09:53:37.0926 5200 IRENUM - ok
09:53:38.0004 5200 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
09:53:38.0004 5200 isapnp - ok
09:53:38.0050 5200 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
09:53:38.0050 5200 iScsiPrt - ok
09:53:38.0066 5200 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
09:53:38.0066 5200 iteatapi - ok
09:53:38.0082 5200 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
09:53:38.0082 5200 iteraid - ok
09:53:38.0113 5200 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
09:53:38.0113 5200 kbdclass - ok
09:53:38.0191 5200 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
09:53:38.0191 5200 kbdhid - ok
09:53:38.0222 5200 KeyIso (dcf733788c7d088d814e5f80eb4b3e0f) C:\Windows\system32\lsass.exe
09:53:38.0222 5200 KeyIso - ok
09:53:38.0284 5200 KSecDD (5367dc846cae9639b899bfd13b97a8c9) C:\Windows\system32\Drivers\ksecdd.sys
09:53:38.0284 5200 KSecDD - ok
09:53:38.0394 5200 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
09:53:38.0394 5200 KtmRm - ok
09:53:38.0425 5200 LanmanServer (05ce901a4472b3fbf9407c94ad1db693) C:\Windows\system32\srvsvc.dll
09:53:38.0440 5200 LanmanServer - ok
09:53:38.0472 5200 LanmanWorkstation (dec1a338b86c5d582c25c40836dd76c3) C:\Windows\System32\wkssvc.dll
09:53:38.0472 5200 LanmanWorkstation - ok
09:53:38.0581 5200 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
09:53:38.0581 5200 lltdio - ok
09:53:38.0628 5200 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
09:53:38.0628 5200 lltdsvc - ok
09:53:38.0643 5200 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
09:53:38.0643 5200 lmhosts - ok
09:53:38.0752 5200 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
09:53:38.0752 5200 LSI_FC - ok
09:53:38.0768 5200 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
09:53:38.0768 5200 LSI_SAS - ok
09:53:38.0784 5200 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
09:53:38.0784 5200 LSI_SCSI - ok
09:53:38.0799 5200 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
09:53:38.0799 5200 luafv - ok
09:53:38.0924 5200 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
09:53:38.0924 5200 MBAMProtector - ok
09:53:38.0986 5200 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
09:53:39.0002 5200 MBAMService - ok
09:53:39.0096 5200 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
09:53:39.0096 5200 Mcx2Svc - ok
09:53:39.0158 5200 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
09:53:39.0158 5200 mdmxsdk - ok
09:53:39.0267 5200 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
09:53:39.0267 5200 megasas - ok
09:53:39.0298 5200 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
09:53:39.0314 5200 MegaSR - ok
09:53:39.0392 5200 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
09:53:39.0392 5200 MMCSS - ok
09:53:39.0439 5200 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
09:53:39.0439 5200 Modem - ok
09:53:39.0454 5200 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
09:53:39.0454 5200 monitor - ok
09:53:39.0486 5200 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
09:53:39.0486 5200 mouclass - ok
09:53:39.0548 5200 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
09:53:39.0548 5200 mouhid - ok
09:53:39.0564 5200 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
09:53:39.0564 5200 MountMgr - ok
09:53:39.0657 5200 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
09:53:39.0657 5200 mpio - ok
09:53:39.0688 5200 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
09:53:39.0688 5200 mpsdrv - ok
09:53:39.0766 5200 MpsSvc (d1639ba315b0d79dec49a4b0e1fb929b) C:\Windows\system32\mpssvc.dll
09:53:39.0766 5200 MpsSvc - ok
09:53:39.0844 5200 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
09:53:39.0844 5200 Mraid35x - ok
09:53:39.0907 5200 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
09:53:39.0938 5200 MRxDAV - ok
09:53:40.0000 5200 mrxsmb (c4ad205530888404e2b5fc8d9319b119) C:\Windows\system32\DRIVERS\mrxsmb.sys
09:53:40.0032 5200 mrxsmb - ok
09:53:40.0078 5200 mrxsmb10 (67e55ced3fc143c82a8197988bfc1f9a) C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:53:40.0078 5200 mrxsmb10 - ok
09:53:40.0094 5200 mrxsmb20 (3268b8c3fa92bfc086355c39b45e9cc9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:53:40.0094 5200 mrxsmb20 - ok
09:53:40.0156 5200 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
09:53:40.0156 5200 msahci - ok
09:53:40.0188 5200 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
09:53:40.0188 5200 msdsm - ok
09:53:40.0250 5200 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
09:53:40.0250 5200 MSDTC - ok
09:53:40.0297 5200 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
09:53:40.0297 5200 Msfs - ok
09:53:40.0375 5200 msisadrv (1e00b9b8601f24a96ad71a7d0fc5f136) C:\Windows\system32\drivers\msisadrv.sys
09:53:40.0375 5200 msisadrv - ok
09:53:40.0437 5200 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
09:53:40.0437 5200 MSiSCSI - ok
09:53:40.0453 5200 msiserver - ok
09:53:40.0624 5200 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
09:53:40.0624 5200 MSKSSRV - ok
09:53:40.0687 5200 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
09:53:40.0687 5200 MSPCLOCK - ok
09:53:40.0765 5200 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
09:53:40.0765 5200 MSPQM - ok
09:53:40.0796 5200 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
09:53:40.0812 5200 MsRPC - ok
09:53:40.0874 5200 mssmbios (215634cf935b696e3ebca813d02e9165) C:\Windows\system32\DRIVERS\mssmbios.sys
09:53:40.0874 5200 mssmbios - ok
09:53:40.0968 5200 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
09:53:40.0999 5200 MSTEE - ok
09:53:41.0046 5200 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
09:53:41.0061 5200 Mup - ok
09:53:41.0108 5200 napagent (c43b25863fbd65b6d2a142af3ae320ca) C:\Windows\system32\qagentRT.dll
09:53:41.0124 5200 napagent - ok
09:53:41.0202 5200 NativeWifiP (dd721f8635191132992e7ceaa3c43c84) C:\Windows\system32\DRIVERS\nwifi.sys
09:53:41.0217 5200 NativeWifiP - ok
09:53:41.0264 5200 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
09:53:41.0264 5200 NDIS - ok
09:53:41.0295 5200 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
09:53:41.0295 5200 NdisTapi - ok
09:53:41.0373 5200 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
09:53:41.0373 5200 Ndisuio - ok
09:53:41.0420 5200 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
09:53:41.0420 5200 NdisWan - ok
09:53:41.0436 5200 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
09:53:41.0451 5200 NDProxy - ok
09:53:41.0514 5200 Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\Windows\system32\HPZinw12.dll
09:53:41.0529 5200 Net Driver HPZ12 - ok
09:53:41.0560 5200 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
09:53:41.0560 5200 NetBIOS - ok
09:53:41.0592 5200 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
09:53:41.0592 5200 netbt - ok
09:53:41.0623 5200 Netlogon (dcf733788c7d088d814e5f80eb4b3e0f) C:\Windows\system32\lsass.exe
09:53:41.0623 5200 Netlogon - ok
09:53:41.0701 5200 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
09:53:41.0716 5200 Netman - ok
09:53:41.0732 5200 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
09:53:41.0732 5200 netprofm - ok
09:53:41.0779 5200 NetTcpPortSharing (f9102685f97f9ba85f4a70afcf722cfe) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:53:41.0794 5200 NetTcpPortSharing - ok
09:53:41.0966 5200 NETw5v32 (e559ea9138c77b5d1fda8c558764a25f) C:\Windows\system32\DRIVERS\NETw5v32.sys
09:53:41.0997 5200 NETw5v32 - ok
09:53:42.0122 5200 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
09:53:42.0122 5200 nfrd960 - ok
09:53:42.0169 5200 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
09:53:42.0169 5200 NlaSvc - ok
09:53:42.0184 5200 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
09:53:42.0200 5200 Npfs - ok
09:53:42.0278 5200 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
09:53:42.0278 5200 nsi - ok
09:53:42.0301 5200 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
09:53:42.0322 5200 nsiproxy - ok
09:53:42.0371 5200 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
09:53:42.0442 5200 Ntfs - ok
09:53:42.0707 5200 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
09:53:42.0708 5200 ntrigdigi - ok
09:53:42.0780 5200 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
09:53:42.0785 5200 Null - ok
09:53:42.0808 5200 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
09:53:42.0809 5200 nvraid - ok
09:53:42.0835 5200 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
09:53:42.0837 5200 nvstor - ok
09:53:42.0854 5200 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
09:53:42.0855 5200 nv_agp - ok
09:53:42.0892 5200 NwlnkFlt - ok
09:53:42.0946 5200 NwlnkFwd - ok
09:53:43.0009 5200 o2flash (d955d5de998db2476bf0892be3a96c26) C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
09:53:43.0024 5200 o2flash - ok
09:53:43.0102 5200 O2MDRDR (78575368974962042472f18b24d3cf28) C:\Windows\system32\DRIVERS\o2media.sys
09:53:43.0102 5200 O2MDRDR - ok
09:53:43.0165 5200 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
09:53:43.0165 5200 ohci1394 - ok
09:53:43.0227 5200 p2pimsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
09:53:43.0243 5200 p2pimsvc - ok
09:53:43.0258 5200 p2psvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
09:53:43.0258 5200 p2psvc - ok
09:53:43.0368 5200 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
09:53:43.0368 5200 Parport - ok
09:53:43.0399 5200 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
09:53:43.0414 5200 partmgr - ok
09:53:43.0461 5200 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
09:53:43.0461 5200 Parvdm - ok
09:53:43.0555 5200 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
09:53:43.0570 5200 PcaSvc - ok
09:53:43.0617 5200 pci (eca39351296d905baa4fa3244c152b00) C:\Windows\system32\drivers\pci.sys
09:53:43.0617 5200 pci - ok
09:53:43.0633 5200 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
09:53:43.0633 5200 pciide - ok
09:53:43.0711 5200 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
09:53:43.0711 5200 pcmcia - ok
09:53:43.0789 5200 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
09:53:43.0804 5200 PEAUTH - ok
09:53:44.0101 5200 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
09:53:44.0116 5200 pla - ok
09:53:44.0226 5200 PlugPlay (78f975cb6d18265be6f492edb2d7bc7b) C:\Windows\system32\umpnpmgr.dll
09:53:44.0226 5200 PlugPlay - ok
09:53:44.0382 5200 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\Windows\system32\HPZipm12.dll
09:53:44.0428 5200 Pml Driver HPZ12 - ok
09:53:44.0491 5200 PNRPAutoReg (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
09:53:44.0491 5200 PNRPAutoReg - ok
09:53:44.0506 5200 PNRPsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
09:53:44.0522 5200 PNRPsvc - ok
09:53:44.0662 5200 PolicyAgent (017fb87911583b00da1581f07cb7e7f2) C:\Windows\System32\ipsecsvc.dll
09:53:44.0662 5200 PolicyAgent - ok
09:53:44.0725 5200 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
09:53:44.0725 5200 PptpMiniport - ok
09:53:44.0787 5200 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
09:53:44.0787 5200 Processor - ok
09:53:44.0834 5200 ProfSvc (b627e4fc8585e8843c5905d4d3587a90) C:\Windows\system32\profsvc.dll
09:53:44.0850 5200 ProfSvc - ok
09:53:44.0881 5200 ProtectedStorage (dcf733788c7d088d814e5f80eb4b3e0f) C:\Windows\system32\lsass.exe
09:53:44.0881 5200 ProtectedStorage - ok
09:53:44.0928 5200 PSched (a114cfe308c24b8235b03cfdffe11e99) C:\Windows\system32\DRIVERS\pacer.sys
09:53:44.0928 5200 PSched - ok
09:53:44.0990 5200 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
09:53:44.0990 5200 PxHelp20 - ok
09:53:45.0037 5200 QIOMem (674eba70a52c02696e503b0a57ae6372) C:\Windows\system32\DRIVERS\QIOMem.sys
09:53:45.0037 5200 QIOMem - ok
09:53:45.0115 5200 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
09:53:45.0115 5200 ql2300 - ok
09:53:45.0224 5200 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
09:53:45.0240 5200 ql40xx - ok
09:53:45.0286 5200 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
09:53:45.0302 5200 QWAVE - ok
09:53:45.0317 5200 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
09:53:45.0317 5200 QWAVEdrv - ok
09:53:45.0377 5200 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
09:53:45.0382 5200 RasAcd - ok
09:53:45.0452 5200 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
09:53:45.0457 5200 RasAuto - ok
09:53:45.0517 5200 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:53:45.0522 5200 Rasl2tp - ok
09:53:45.0567 5200 RasMan (6e7c284fc5c4ec07ad164d93810385a6) C:\Windows\System32\rasmans.dll
09:53:45.0572 5200 RasMan - ok
09:53:45.0617 5200 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
09:53:45.0617 5200 RasPppoe - ok
09:53:45.0667 5200 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
09:53:45.0672 5200 RasSstp - ok
09:53:45.0697 5200 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
09:53:45.0697 5200 rdbss - ok
09:53:45.0722 5200 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:53:45.0722 5200 RDPCDD - ok
09:53:45.0752 5200 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
09:53:45.0752 5200 rdpdr - ok
09:53:45.0812 5200 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
09:53:45.0882 5200 RDPENCDD - ok
09:53:45.0917 5200 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
09:53:45.0927 5200 RDPWD - ok
09:53:45.0987 5200 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
09:53:45.0992 5200 RemoteAccess - ok
09:53:46.0067 5200 RemoteRegistry (cc4e32400f3c7253400cf8f3f3a0b676) C:\Windows\system32\regsvc.dll
09:53:46.0072 5200 RemoteRegistry - ok
09:53:46.0097 5200 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
09:53:46.0102 5200 RpcLocator - ok
09:53:46.0152 5200 RpcSs (33fb1f0193ee2051067441492d56113c) C:\Windows\system32\rpcss.dll
09:53:46.0162 5200 RpcSs - ok
09:53:46.0237 5200 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
09:53:46.0237 5200 rspndr - ok
09:53:46.0287 5200 SamSs (dcf733788c7d088d814e5f80eb4b3e0f) C:\Windows\system32\lsass.exe
09:53:46.0292 5200 SamSs - ok
09:53:46.0317 5200 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
09:53:46.0317 5200 sbp2port - ok
09:53:46.0499 5200 SCardSvr (11387e32642269c7e62e8b52c060b3c6) C:\Windows\System32\SCardSvr.dll
09:53:46.0499 5200 SCardSvr - ok
09:53:46.0546 5200 Schedule (1d5e99db3c10f4fa034010dc49043ca4) C:\Windows\system32\schedsvc.dll
09:53:46.0562 5200 Schedule - ok
09:53:46.0655 5200 SCPolicySvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
09:53:46.0655 5200 SCPolicySvc - ok
09:53:46.0733 5200 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
09:53:46.0733 5200 sdbus - ok
09:53:46.0780 5200 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
09:53:46.0780 5200 SDRSVC - ok
09:53:46.0858 5200 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
09:53:46.0874 5200 secdrv - ok
09:53:46.0889 5200 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
09:53:46.0889 5200 seclogon - ok
09:53:46.0999 5200 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
09:53:46.0999 5200 SENS - ok
09:53:47.0061 5200 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
09:53:47.0061 5200 Serenum - ok
09:53:47.0077 5200 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
09:53:47.0092 5200 Serial - ok
09:53:47.0123 5200 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
09:53:47.0123 5200 sermouse - ok
09:53:47.0201 5200 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
09:53:47.0217 5200 SessionEnv - ok
09:53:47.0264 5200 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
09:53:47.0264 5200 sffdisk - ok
09:53:47.0264 5200 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
09:53:47.0264 5200 sffp_mmc - ok
09:53:47.0279 5200 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
09:53:47.0279 5200 sffp_sd - ok
09:53:47.0295 5200 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
09:53:47.0295 5200 sfloppy - ok
09:53:47.0326 5200 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
09:53:47.0326 5200 SharedAccess - ok
09:53:47.0357 5200 ShellHWDetection (27f10f348e508243f6254846f8370d0d) C:\Windows\System32\shsvcs.dll
09:53:47.0373 5200 ShellHWDetection - ok
09:53:47.0404 5200 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
09:53:47.0404 5200 sisagp - ok
09:53:47.0467 5200 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
09:53:47.0467 5200 SiSRaid2 - ok
09:53:47.0498 5200 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
09:53:47.0498 5200 SiSRaid4 - ok
09:53:47.0607 5200 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
09:53:47.0607 5200 SkypeUpdate - ok
09:53:47.0763 5200 slsvc (0ba91e1358ad25236863039bb2609a2e) C:\Windows\system32\SLsvc.exe
09:53:47.0794 5200 slsvc - ok
09:53:47.0888 5200 SLUINotify (7c6dc44ca0bfa6291629ab764200d1d4) C:\Windows\system32\SLUINotify.dll
09:53:47.0888 5200 SLUINotify - ok
09:53:47.0981 5200 SmartFaceVWatchSrv (3566310df25ea5c3b2e9f50f5b50eac1) C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
09:53:47.0981 5200 SmartFaceVWatchSrv - ok
09:53:48.0075 5200 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
09:53:48.0075 5200 Smb - ok
09:53:48.0106 5200 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
09:53:48.0106 5200 SNMPTRAP - ok
09:53:48.0137 5200 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
09:53:48.0153 5200 spldr - ok
09:53:48.0247 5200 Spooler (846cdf9a3cf4da9b306adfb7d55ee4c2) C:\Windows\System32\spoolsv.exe
09:53:48.0247 5200 Spooler - ok
09:53:48.0278 5200 srv (3d7c04aba41ac96ba7e9d123ec8f7fa3) C:\Windows\system32\DRIVERS\srv.sys
09:53:48.0278 5200 srv - ok
09:53:48.0309 5200 srv2 (805fac010405ad3f82ef8df0bb035d81) C:\Windows\system32\DRIVERS\srv2.sys
09:53:48.0325 5200 srv2 - ok
09:53:48.0356 5200 srvnet (f63a0a58aafe34d7a1a0a74abccdd9c0) C:\Windows\system32\DRIVERS\srvnet.sys
09:53:48.0356 5200 srvnet - ok
09:53:48.0465 5200 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
09:53:48.0481 5200 SSDPSRV - ok
09:53:48.0512 5200 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
09:53:48.0527 5200 ssmdrv - ok
09:53:48.0543 5200 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
09:53:48.0559 5200 SstpSvc - ok
09:53:48.0652 5200 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
09:53:48.0652 5200 StillCam - ok
09:53:48.0683 5200 stisvc (7dd08a597bc56051f320da0baf69e389) C:\Windows\System32\wiaservc.dll
09:53:48.0699 5200 stisvc - ok
09:53:48.0746 5200 swenum (97e089971a6aba49ad5592bd6298e416) C:\Windows\system32\DRIVERS\swenum.sys
09:53:48.0761 5200 swenum - ok
09:53:48.0886 5200 swprv (b36c7cdb86f7f7a8e884479219766950) C:\Windows\System32\swprv.dll
09:53:48.0886 5200 swprv - ok
09:53:48.0933 5200 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
09:53:48.0933 5200 Symc8xx - ok
09:53:48.0995 5200 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
09:53:48.0995 5200 Sym_hi - ok
09:53:49.0011 5200 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
09:53:49.0011 5200 Sym_u3 - ok
09:53:49.0058 5200 SysMain (8710a92d0024b03b5fb9540df1f71f1d) C:\Windows\system32\sysmain.dll
09:53:49.0073 5200 SysMain - ok
09:53:49.0089 5200 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
09:53:49.0089 5200 TabletInputService - ok
09:53:49.0105 5200 TapiSrv (680916bb09ee0f3a6aca7c274b0d633f) C:\Windows\System32\tapisrv.dll
09:53:49.0105 5200 TapiSrv - ok
09:53:49.0120 5200 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
09:53:49.0120 5200 TBS - ok
09:53:49.0245 5200 Tcpip (fc6e2835d667774d409c7c7021eaf9c4) C:\Windows\system32\drivers\tcpip.sys
09:53:49.0292 5200 Tcpip - ok
09:53:49.0401 5200 Tcpip6 (fc6e2835d667774d409c7c7021eaf9c4) C:\Windows\system32\DRIVERS\tcpip.sys
09:53:49.0401 5200 Tcpip6 - ok
09:53:49.0432 5200 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
09:53:49.0432 5200 tcpipreg - ok
09:53:49.0541 5200 tdcmdpst (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys
09:53:49.0541 5200 tdcmdpst - ok
09:53:49.0588 5200 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
09:53:49.0588 5200 TDPIPE - ok
09:53:49.0604 5200 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
09:53:49.0604 5200 TDTCP - ok
09:53:49.0635 5200 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
09:53:49.0635 5200 tdx - ok
09:53:49.0682 5200 TempoMonitoringService (ce0b5d587839614a16480d7b8395ffe9) C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
09:53:49.0697 5200 TempoMonitoringService - ok
09:53:49.0791 5200 TermDD (718b2f4355cd8eb2844741addac0e622) C:\Windows\system32\DRIVERS\termdd.sys
09:53:49.0791 5200 TermDD - ok
09:53:49.0838 5200 TermService (d605031e225aaccbceb5b76a4f1603a6) C:\Windows\System32\termsrv.dll
09:53:49.0838 5200 TermService - ok
09:53:49.0947 5200 Themes (27f10f348e508243f6254846f8370d0d) C:\Windows\system32\shsvcs.dll
09:53:49.0947 5200 Themes - ok
09:53:49.0978 5200 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
09:53:49.0978 5200 THREADORDER - ok
09:53:50.0087 5200 TNaviSrv (89f74c86523f5e334628dbce66e6d165) C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
09:53:50.0087 5200 TNaviSrv - ok
09:53:50.0197 5200 TODDSrv (c5ac715b65b01788abc22d10749dddd8) C:\Windows\system32\TODDSrv.exe
09:53:50.0197 5200 TODDSrv - ok
09:53:50.0275 5200 TosCoSrv (da6903958cbdc091ffcbbca70ccff34c) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
09:53:50.0368 5200 TosCoSrv - ok
09:53:50.0368 5200 TOSHIBA SMART Log Service (22690dffc7f2a18279a7a0489aa02bac) C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
09:53:50.0368 5200 TOSHIBA SMART Log Service - ok
09:53:50.0446 5200 Tosrfcom - ok
09:53:50.0493 5200 tosrfec (5c4103544612e5011ef46301b93d1aa6) C:\Windows\system32\DRIVERS\tosrfec.sys
09:53:50.0493 5200 tosrfec - ok
09:53:50.0540 5200 tos_sps32 (4399a9bf7d8f49991a07fd86590a1619) C:\Windows\system32\DRIVERS\tos_sps32.sys
09:53:50.0540 5200 tos_sps32 - ok
09:53:50.0633 5200 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
09:53:50.0649 5200 TrkWks - ok
09:53:50.0696 5200 TrustedInstaller (16613a1bad034d4ecf957af18b7c2ff5) C:\Windows\servicing\TrustedInstaller.exe
09:53:50.0696 5200 TrustedInstaller - ok
09:53:50.0774 5200 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:53:50.0774 5200 tssecsrv - ok
09:53:50.0836 5200 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
09:53:50.0836 5200 tunmp - ok
09:53:50.0867 5200 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
09:53:50.0867 5200 tunnel - ok
09:53:50.0899 5200 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
09:53:50.0930 5200 TVALZ - ok
09:53:50.0977 5200 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
09:53:50.0977 5200 uagp35 - ok
09:53:51.0055 5200 udfs (c985b36e127ea9b8a92396120bff52d8) C:\Windows\system32\DRIVERS\udfs.sys
09:53:51.0055 5200 udfs - ok
09:53:51.0101 5200 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
09:53:51.0101 5200 UI0Detect - ok
09:53:51.0179 5200 UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
09:53:51.0179 5200 UleadBurningHelper - ok
09:53:51.0273 5200 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
09:53:51.0273 5200 uliagpkx - ok
09:53:51.0289 5200 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
09:53:51.0289 5200 uliahci - ok
09:53:51.0320 5200 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
09:53:51.0320 5200 UlSata - ok
09:53:51.0351 5200 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
09:53:51.0351 5200 ulsata2 - ok
09:53:51.0445 5200 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
09:53:51.0445 5200 umbus - ok
09:53:51.0476 5200 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
09:53:51.0491 5200 upnphost - ok
09:53:51.0523 5200 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
09:53:51.0523 5200 usbccgp - ok
09:53:51.0616 5200 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
09:53:51.0616 5200 usbcir - ok
09:53:51.0663 5200 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
09:53:51.0663 5200 usbehci - ok
09:53:51.0803 5200 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
09:53:51.0819 5200 usbhub - ok
09:53:51.0835 5200 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
09:53:51.0850 5200 usbohci - ok
09:53:51.0897 5200 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
09:53:51.0897 5200 usbprint - ok
09:53:51.0975 5200 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
09:53:51.0975 5200 usbscan - ok
09:53:52.0053 5200 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:53:52.0053 5200 USBSTOR - ok
09:53:52.0147 5200 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
09:53:52.0147 5200 usbuhci - ok
09:53:52.0193 5200 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
09:53:52.0209 5200 usbvideo - ok
09:53:52.0287 5200 UVCFTR (8c5094a8ab24de7496c7c19942f2df04) C:\Windows\system32\Drivers\UVCFTR_S.SYS
09:53:52.0287 5200 UVCFTR - ok
09:53:52.0365 5200 UxSms (032a0acc3909ae7215d524e29d536797) C:\Windows\System32\uxsms.dll
09:53:52.0365 5200 UxSms - ok
09:53:52.0396 5200 vds (b13bc395b9d6116628f5af47e0802ac4) C:\Windows\System32\vds.exe
09:53:52.0427 5200 vds - ok
09:53:52.0505 5200 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
09:53:52.0505 5200 vga - ok
09:53:52.0552 5200 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
09:53:52.0552 5200 VgaSave - ok
09:53:52.0568 5200 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
09:53:52.0568 5200 viaagp - ok
09:53:52.0583 5200 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
09:53:52.0583 5200 ViaC7 - ok
09:53:52.0615 5200 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
09:53:52.0615 5200 viaide - ok
09:53:52.0646 5200 volmgr (bdd98bbe7323fc0975a26373d8050471) C:\Windows\system32\drivers\volmgr.sys
09:53:52.0646 5200 volmgr - ok
09:53:52.0661 5200 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
09:53:52.0661 5200 volmgrx - ok
09:53:52.0739 5200 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
09:53:52.0739 5200 volsnap - ok
09:53:52.0802 5200 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
09:53:52.0802 5200 vsmraid - ok
09:53:52.0864 5200 VSS (d5fb73d19c46ade183f968e13f186b23) C:\Windows\system32\vssvc.exe
09:53:52.0880 5200 VSS - ok
09:53:52.0927 5200 W32Time (1cf9206966a8458cda9a8b20df8ab7d3) C:\Windows\system32\w32time.dll
09:53:52.0927 5200 W32Time - ok
09:53:53.0005 5200 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
09:53:53.0005 5200 WacomPen - ok
09:53:53.0036 5200 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
09:53:53.0036 5200 Wanarp - ok
09:53:53.0036 5200 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
09:53:53.0036 5200 Wanarpv6 - ok
09:53:53.0098 5200 wcncsvc (f3a5c2e1a6533192b070d06ecf6be796) C:\Windows\System32\wcncsvc.dll
09:53:53.0098 5200 wcncsvc - ok
09:53:53.0192 5200 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
09:53:53.0192 5200 WcsPlugInService - ok
09:53:53.0223 5200 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
09:53:53.0223 5200 Wd - ok
09:53:53.0254 5200 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
09:53:53.0270 5200 Wdf01000 - ok
09:53:53.0348 5200 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
09:53:53.0348 5200 WdiServiceHost - ok
09:53:53.0348 5200 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
09:53:53.0363 5200 WdiSystemHost - ok
09:53:53.0395 5200 WebClient (cf9a5f41789b642db967021de06a2713) C:\Windows\System32\webclnt.dll
09:53:53.0395 5200 WebClient - ok
09:53:53.0426 5200 Wecsvc (905214925a88311fce52f66153de7610) C:\Windows\system32\wecsvc.dll
09:53:53.0426 5200 Wecsvc - ok
09:53:53.0457 5200 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
09:53:53.0457 5200 wercplsupport - ok
09:53:53.0488 5200 WerSvc (4081288554294f144e5a7d4ee20e3ce6) C:\Windows\System32\WerSvc.dll
09:53:53.0488 5200 WerSvc - ok
09:53:53.0551 5200 winachsf (bb9cbaf6ac20452b245c324f1f50ee81) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
09:53:53.0566 5200 winachsf - ok
09:53:53.0613 5200 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
09:53:53.0613 5200 WinDefend - ok
09:53:53.0629 5200 WinHttpAutoProxySvc - ok
09:53:53.0738 5200 Winmgmt (00b79a7c984678f24cf052e5beb3a2f5) C:\Windows\system32\wbem\WMIsvc.dll
09:53:53.0738 5200 Winmgmt - ok
09:53:53.0800 5200 WinRM (20fc93fdc916843cfdfcaa7a1b0db16f) C:\Windows\system32\WsmSvc.dll
09:53:53.0800 5200 WinRM - ok
09:53:53.0925 5200 Wlansvc (4b40ff01db5357299dcbdb5a5746ad21) C:\Windows\System32\wlansvc.dll
09:53:53.0925 5200 Wlansvc - ok
09:53:53.0956 5200 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
09:53:53.0956 5200 WmiAcpi - ok
09:53:54.0019 5200 wmiApSrv (aba4cf9f856d9a3a25f4ddd7690a6e9d) C:\Windows\system32\wbem\WmiApSrv.exe
09:53:54.0065 5200 wmiApSrv - ok
09:53:54.0128 5200 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
09:53:54.0143 5200 WMPNetworkSvc - ok
09:53:54.0237 5200 WPCSvc (5d94cd167751294962ba238d82dd1bb8) C:\Windows\System32\wpcsvc.dll
09:53:54.0237 5200 WPCSvc - ok
09:53:54.0253 5200 WPDBusEnum (396d406292b0cd26e3504ffe82784702) C:\Windows\system32\wpdbusenum.dll
09:53:54.0253 5200 WPDBusEnum - ok
09:53:54.0299 5200 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
09:53:54.0299 5200 WpdUsb - ok
09:53:54.0331 5200 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
09:53:54.0331 5200 ws2ifsl - ok
09:53:54.0424 5200 wscsvc (683dd16b590372f2c9661d277f35e49c) C:\Windows\System32\wscsvc.dll
09:53:54.0424 5200 wscsvc - ok
09:53:54.0455 5200 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys
09:53:54.0471 5200 WSDPrintDevice - ok
09:53:54.0471 5200 WSearch - ok
09:53:54.0565 5200 wuauserv (d79538b67fa641e986855def651e78fe) C:\Windows\system32\wuaueng.dll
09:53:54.0580 5200 wuauserv - ok
09:53:54.0658 5200 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
09:53:54.0674 5200 WUDFRd - ok
09:53:54.0721 5200 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
09:53:54.0721 5200 wudfsvc - ok
09:53:54.0767 5200 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
09:53:54.0767 5200 XAudio - ok
09:53:54.0845 5200 XAudioService (cd5f291a1161f15896d1a4d63daff5df) C:\Windows\system32\DRIVERS\xaudio.exe
09:53:54.0861 5200 XAudioService - ok
09:53:54.0955 5200 yukonwlh (7d4cca3659fa0780603206e3d12a993f) C:\Windows\system32\DRIVERS\yk60x86.sys
09:53:54.0955 5200 yukonwlh - ok
09:53:54.0970 5200 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
09:53:55.0033 5200 \Device\Harddisk0\DR0 - ok
09:53:55.0033 5200 Boot (0x1200) (328a52a96f555f409d105fc198fa17c4) \Device\Harddisk0\DR0\Partition0
09:53:55.0033 5200 \Device\Harddisk0\DR0\Partition0 - ok
09:53:55.0064 5200 Boot (0x1200) (ce6b970bf812175b1b7cfdda7d3a959a) \Device\Harddisk0\DR0\Partition1
09:53:55.0064 5200 \Device\Harddisk0\DR0\Partition1 - ok
09:53:55.0064 5200 ============================================================
09:53:55.0064 5200 Scan finished
09:53:55.0064 5200 ============================================================
09:53:55.0079 5180 Detected object count: 0
09:53:55.0079 5180 Actual detected object count: 0
|
|
15.04.2012, 15:32
| #14 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BOO/TDss.O Virus entfernen Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.04.2012, 05:44
| #15 |
| | BOO/TDss.O Virus entfernen Ich hatte Probleme Comodo auszuschalten. Malware hat Fehler 5 angezeigt? Hier das log. Combofix Logfile: Code:
ATTFilter ComboFix 12-04-15.02 - Köter 15.04.2012 21:23:24.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.49.1031.18.3066.1787 [GMT 2:00]
ausgeführt von:: c:\users\K÷ter\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Outdated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: COMODO Antivirus *Enabled/Outdated* {7554F4C5-5EC0-2FC6-8192-8DF831DBED51}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: Avira Desktop *Disabled/Outdated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: COMODO Defense+ *Disabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
/wow section - STAGE 4
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Zugriff verweigert
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Köter\AppData\Roaming\Microsoft\Windows\Recent\mxfilerelatedcache.mxc2
c:\users\Public\Favorites\mxfilerelatedcache.mxc2
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-03-15 bis 2012-04-15 ))))))))))))))))))))))))))))))
.
.
2012-04-15 19:33 . 2012-04-15 19:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-12 20:05 . 2012-04-12 20:05 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-06 17:57 . 2012-04-06 17:57 -------- d-----w- c:\users\Köter\AppData\Roaming\Malwarebytes
2012-04-06 17:56 . 2012-04-06 17:56 -------- d-----w- c:\programdata\Malwarebytes
2012-04-06 17:56 . 2012-04-06 17:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-04-06 17:56 . 2011-12-10 13:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-06 16:40 . 2012-04-06 16:40 -------- d-----w- c:\users\Köter\AppData\Roaming\Mozilla
2012-04-06 16:40 . 2012-04-06 16:40 -------- d-----w- c:\users\Köter\AppData\Roaming\Thunderbird
2012-04-06 16:40 . 2012-04-06 16:40 -------- d-----w- c:\users\Köter\AppData\Local\Thunderbird
2012-04-06 16:40 . 2012-04-06 16:40 -------- d-----w- c:\program files\Mozilla Thunderbird
2012-04-06 15:52 . 2012-04-06 15:52 -------- d-----w- c:\program files\Common Files\Skype
2012-04-06 15:52 . 2012-04-06 15:52 -------- d-----r- c:\program files\Skype
2012-04-06 15:37 . 2012-04-06 15:37 -------- d-----w- c:\programdata\CA
2012-04-06 15:37 . 2012-04-06 15:37 -------- d-----w- c:\program files\Common Files\Scanner
2012-04-06 15:37 . 2012-04-06 15:37 -------- d-----w- c:\program files\CA
2012-04-06 15:33 . 2012-04-06 15:33 -------- d-----w- c:\program files\CCleaner
2012-04-06 09:08 . 2012-04-06 09:08 -------- d-----w- c:\program files\Microsoft
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-10 17:31 . 2012-01-21 09:25 137416 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-01-21 09:59 . 2012-01-21 09:59 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-01-21 09:59 . 2012-01-21 09:59 1060864 ----a-w- c:\windows\system32\mfc71.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 87952369
*Deregistered* - 87952369
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPService REG_MULTI_SZ HPSLPSVC
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/ig?hl=de&source=webhp
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
TCP: DhcpNameServer = 192.168.0.1
.
.
------- Dateityp-Verknüpfung -------
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-04-15 21:34
Windows 6.0.6001 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwClose
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i?????RZrU?\??P?V?x?V???V???V??
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\.NET CLR Data]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\.NET CLR Networking]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\.NET Data Provider for Oracle]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\.NET Data Provider for SqlServer]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\.NETFramework]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ACPI]
"ImagePath"="system32\drivers\acpi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\adp94xx]
"ImagePath"="\SystemRoot\system32\drivers\adp94xx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\adpahci]
"ImagePath"="\SystemRoot\system32\drivers\adpahci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\adpu160m]
"ImagePath"="\SystemRoot\system32\drivers\adpu160m.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\adpu320]
"ImagePath"="\SystemRoot\system32\drivers\adpu320.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\adsi]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AeLookupSvc]
"ServiceDll"="%SystemRoot%\System32\aelupsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AFD]
"ImagePath"="\SystemRoot\system32\drivers\afd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\agp440]
"ImagePath"="\SystemRoot\system32\drivers\agp440.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\aic78xx]
"ImagePath"="\SystemRoot\system32\drivers\djsvs.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ALG]
"ImagePath"="%SystemRoot%\System32\alg.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\aliide]
"ImagePath"="\SystemRoot\system32\drivers\aliide.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\amdagp]
"ImagePath"="\SystemRoot\system32\drivers\amdagp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\amdide]
"ImagePath"="\SystemRoot\system32\drivers\amdide.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AmdK7]
"ImagePath"="\SystemRoot\system32\drivers\amdk7.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AmdK8]
"ImagePath"="\SystemRoot\system32\drivers\amdk8.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirSchedulerService]
"ImagePath"="\"c:\program files\Avira\AntiVir Desktop\sched.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirService]
"ImagePath"="\"c:\program files\Avira\AntiVir Desktop\avguard.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ApfiltrService]
"ImagePath"="system32\DRIVERS\Apfiltr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Appinfo]
"ServiceDll"="%SystemRoot%\System32\appinfo.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AppMgmt]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\arc]
"ImagePath"="\SystemRoot\system32\drivers\arc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\arcsas]
"ImagePath"="\SystemRoot\system32\drivers\arcsas.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AsyncMac]
"ImagePath"="system32\DRIVERS\asyncmac.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi]
"ImagePath"="system32\drivers\atapi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Ati External Event Utility]
"ImagePath"="%SystemRoot%\system32\Ati2evxx.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Atierecord]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atikmdag]
"ImagePath"="system32\DRIVERS\atikmdag.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AudioEndpointBuilder]
"ServiceDll"="%SystemRoot%\System32\Audiosrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Audiosrv]
"ServiceDll"="%SystemRoot%\System32\Audiosrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgntflt]
"ImagePath"="system32\DRIVERS\avgntflt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avipbb]
"ImagePath"="system32\DRIVERS\avipbb.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avkmgr]
"ImagePath"="system32\DRIVERS\avkmgr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BattC]
"MofImagePath"="system32\drivers\battc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Beep]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BFE]
"ServiceDll"="%SystemRoot%\System32\bfe.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BITS]
"ServiceDll"="%systemroot%\system32\qmgr.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\blbdrive]
"ImagePath"="\SystemRoot\system32\drivers\blbdrive.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bowser]
"ImagePath"="system32\DRIVERS\bowser.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BrFiltLo]
"ImagePath"="\SystemRoot\system32\drivers\brfiltlo.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BrFiltUp]
"ImagePath"="\SystemRoot\system32\drivers\brfiltup.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Browser]
"ServiceDll"="%SystemRoot%\System32\browser.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Brserid]
"ImagePath"="\SystemRoot\system32\drivers\brserid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BrSerWdm]
"ImagePath"="\SystemRoot\system32\drivers\brserwdm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BrUsbMdm]
"ImagePath"="\SystemRoot\system32\drivers\brusbmdm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BrUsbSer]
"ImagePath"="\SystemRoot\system32\drivers\brusbser.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHMODEM]
"ImagePath"="\SystemRoot\system32\drivers\bthmodem.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\catchme]
"ImagePath"="\??\c:\users\KTER~1\AppData\Local\Temp\catchme.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cdfs]
"ImagePath"="system32\DRIVERS\cdfs.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cdrom]
"ImagePath"="system32\DRIVERS\cdrom.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CertPropSvc]
"ServiceDll"="%SystemRoot%\System32\certprop.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\circlass]
"ImagePath"="\SystemRoot\system32\drivers\circlass.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CLFS]
"ImagePath"="System32\CLFS.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CLPSLS]
"ImagePath"="c:\program files\COMODO\COMODO GeekBuddy\CLPSLS.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\clr_optimization_v2.0.50727_32]
"ImagePath"="%systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CmBatt]
"ImagePath"="system32\DRIVERS\CmBatt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdAgent]
"ImagePath"="\"c:\program files\COMODO\COMODO Internet Security\cmdagent.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmderd]
"ImagePath"="System32\DRIVERS\cmderd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdGuard]
"ImagePath"="System32\DRIVERS\cmdguard.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdHlp]
"ImagePath"="System32\DRIVERS\cmdhlp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdide]
"ImagePath"="\SystemRoot\system32\drivers\cmdide.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CnxtHdAudService]
"ImagePath"="system32\drivers\CHDRT32.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Compbatt]
"ImagePath"="system32\DRIVERS\compbatt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\COMSysApp]
"ImagePath"="%SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ConfigFree Service]
"ImagePath"="\"c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\crcdisk]
"ImagePath"="system32\drivers\crcdisk.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Crusoe]
"ImagePath"="\SystemRoot\system32\drivers\crusoe.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\crypt32]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CryptSvc]
"ServiceDll"="%SystemRoot%\system32\cryptsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DCLocator]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DcomLaunch]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DfsC]
"ImagePath"="System32\Drivers\dfsc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DFSR]
"ImagePath"="%SystemRoot%\system32\DFSR.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dhcp]
"ServiceDll"="%SystemRoot%\system32\dhcpcsvc.dll"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\disk]
"ImagePath"="system32\drivers\disk.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dnscache]
"ServiceDll"="%SystemRoot%\System32\dnsrslvr.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dot3svc]
"ServiceDll"="%SystemRoot%\System32\dot3svc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dot4]
"ImagePath"="system32\DRIVERS\Dot4.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dot4Print]
"ImagePath"="system32\DRIVERS\Dot4Prt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dot4usb]
"ImagePath"="system32\DRIVERS\dot4usb.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DPS]
"ServiceDll"="%SystemRoot%\system32\dps.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\drmkaud]
"ImagePath"="system32\drivers\drmkaud.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DXGKrnl]
"ImagePath"="\SystemRoot\System32\drivers\dxgkrnl.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\E1G60]
"ImagePath"="system32\DRIVERS\E1G60I32.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EapHost]
"ServiceDll"="%SystemRoot%\System32\eapsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Ecache]
"ImagePath"="System32\drivers\ecache.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ehRecvr]
"ImagePath"="%systemroot%\ehome\ehRecvr.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ehSched]
"ImagePath"="%systemroot%\ehome\ehsched.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ehstart]
"ServiceDll"="%SystemRoot%\ehome\ehstart.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\elxstor]
"ImagePath"="\SystemRoot\system32\drivers\elxstor.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EmdCache]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EMDMgmt]
"ServiceDll"="%systemroot%\system32\emdmgmt.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ErrDev]
"ImagePath"="\SystemRoot\system32\drivers\errdev.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ESENT]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog]
"ServiceDll"="%SystemRoot%\System32\wevtsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventSystem]
"ServiceDll"="%systemroot%\system32\es.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\exfat]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fastfat]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fdc]
"ImagePath"="system32\DRIVERS\fdc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fdPHost]
"ServiceDll"="%SystemRoot%\system32\fdPHost.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FDResPub]
"ServiceDll"="%SystemRoot%\system32\fdrespub.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FileInfo]
"ImagePath"="system32\drivers\fileinfo.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Filetrace]
"ImagePath"="system32\drivers\filetrace.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FirebirdServerMAGIXInstance]
"ImagePath"="c:\program files\MAGIX\Common\Database\bin\fbserver.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\flpydisk]
"ImagePath"="system32\DRIVERS\flpydisk.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FltMgr]
"ImagePath"="system32\drivers\fltmgr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FontCache3.0.0.0]
"ImagePath"="%systemroot%\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Fs_Rec]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gagp30kx]
"ImagePath"="\SystemRoot\system32\drivers\gagp30kx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GoogleDesktopManager-022208-143751]
"ImagePath"="\"c:\program files\Google\Google Desktop Search\GoogleDesktop.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gpsvc]
"ServiceDll"="%SystemRoot%\System32\gpsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gusvc]
"ImagePath"="\"c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HdAudAddService]
"ImagePath"="system32\drivers\HdAudio.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HDAudBus]
"ImagePath"="system32\DRIVERS\HDAudBus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HidBth]
"ImagePath"="\SystemRoot\system32\drivers\hidbth.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HidIr]
"ImagePath"="\SystemRoot\system32\drivers\hidir.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hidserv]
"ServiceDll"="%SystemRoot%\System32\hidserv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HidUsb]
"ImagePath"="system32\DRIVERS\hidusb.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hkmsvc]
"ServiceDLL"="%SystemRoot%\system32\kmsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HpCISSs]
"ImagePath"="\SystemRoot\system32\drivers\hpcisss.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hpqcxs08]
"ServiceDll"="c:\program files\HP\Digital Imaging\bin\hpqcxs08.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hpqddsvc]
"ServiceDll"="c:\program files\HP\Digital Imaging\bin\hpqddsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HPSLPSVC]
"ServiceDll"="c:\program files\HP\Digital Imaging\bin\HPSLPSVC32.DLL"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HSF_DPV]
"ImagePath"="system32\DRIVERS\HSX_DPV.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HSXHWAZL]
"ImagePath"="system32\DRIVERS\HSXHWAZL.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HTTP]
"ImagePath"="system32\drivers\HTTP.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hwdatacard]
"ImagePath"="system32\DRIVERS\ewusbmdm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\i2omp]
"ImagePath"="\SystemRoot\system32\drivers\i2omp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\i8042prt]
"ImagePath"="system32\DRIVERS\i8042prt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ialm]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iaStor]
"ImagePath"="system32\DRIVERS\iaStor.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iaStorV]
"ImagePath"="\SystemRoot\system32\drivers\iastorv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IDriverT]
"ImagePath"="\"c:\program files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\idsvc]
"ImagePath"="\"%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\igfx]
"ImagePath"="system32\DRIVERS\igdkmd32.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iirsp]
"ImagePath"="\SystemRoot\system32\drivers\iirsp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IKEEXT]
"ServiceDll"="%SystemRoot%\System32\ikeext.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\inetaccs]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\inspect]
"ImagePath"="system32\DRIVERS\inspect.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IntcHdmiAddService]
"ImagePath"="system32\drivers\IntcHdmi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\intelide]
"ImagePath"="\SystemRoot\system32\drivers\intelide.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\intelppm]
"ImagePath"="system32\DRIVERS\intelppm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IPBusEnum]
"ServiceDll"="%SystemRoot%\system32\ipbusenum.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IpFilterDriver]
"ImagePath"="system32\DRIVERS\ipfltdrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iphlpsvc]
"ServiceDll"="%SystemRoot%\System32\iphlpsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IpInIp]
"ImagePath"="system32\DRIVERS\ipinip.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IPMIDRV]
"ImagePath"="\SystemRoot\system32\drivers\ipmidrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IPNAT]
"ImagePath"="system32\DRIVERS\ipnat.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IRENUM]
"ImagePath"="system32\drivers\irenum.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\isapnp]
"ImagePath"="\SystemRoot\system32\drivers\isapnp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iScsiPrt]
"ImagePath"="system32\DRIVERS\msiscsi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iteatapi]
"ImagePath"="\SystemRoot\system32\drivers\iteatapi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iteraid]
"ImagePath"="\SystemRoot\system32\drivers\iteraid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\kbdclass]
"ImagePath"="system32\DRIVERS\kbdclass.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\kbdhid]
"ImagePath"="\SystemRoot\system32\drivers\kbdhid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\KeyIso]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\KSecDD]
"ImagePath"="System32\Drivers\ksecdd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\KtmRm]
"ServiceDll"="%systemroot%\system32\msdtckrm.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LanmanServer]
"ServiceDll"="%SystemRoot%\System32\srvsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LanmanWorkstation]
"ServiceDll"="%SystemRoot%\System32\wkssvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ldap]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\lltdio]
"ImagePath"="system32\DRIVERS\lltdio.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\lltdsvc]
"ServiceDll"="%SystemRoot%\System32\lltdsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\lmhosts]
"ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Lsa]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LSI_FC]
"ImagePath"="\SystemRoot\system32\drivers\lsi_fc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LSI_SAS]
"ImagePath"="\SystemRoot\system32\drivers\lsi_sas.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LSI_SCSI]
"ImagePath"="\SystemRoot\system32\drivers\lsi_scsi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\luafv]
"ImagePath"="\SystemRoot\system32\drivers\luafv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MBAMProtector]
"ImagePath"="\??\c:\windows\system32\drivers\mbam.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MBAMService]
"ImagePath"="\"c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Mcx2Svc]
"ServiceDll"="%SystemRoot%\system32\Mcx2Svc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mdmxsdk]
"ImagePath"="system32\DRIVERS\mdmxsdk.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\megasas]
"ImagePath"="\SystemRoot\system32\drivers\megasas.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MegaSR]
"ImagePath"="\SystemRoot\system32\drivers\megasr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MMCSS]
"ServiceDll"="%SystemRoot%\system32\mmcss.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Modem]
"ImagePath"="system32\drivers\modem.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\monitor]
"ImagePath"="system32\DRIVERS\monitor.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mouclass]
"ImagePath"="system32\DRIVERS\mouclass.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mouhid]
"ImagePath"="system32\DRIVERS\mouhid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MountMgr]
"ImagePath"="System32\drivers\mountmgr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mpio]
"ImagePath"="\SystemRoot\system32\drivers\mpio.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mpsdrv]
"ImagePath"="System32\drivers\mpsdrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MpsSvc]
"ServiceDll"="%SystemRoot%\system32\mpssvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Mraid35x]
"ImagePath"="\SystemRoot\system32\drivers\mraid35x.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MRxDAV]
"ImagePath"="\SystemRoot\system32\drivers\mrxdav.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mrxsmb]
"ImagePath"="system32\DRIVERS\mrxsmb.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mrxsmb10]
"ImagePath"="system32\DRIVERS\mrxsmb10.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mrxsmb20]
"ImagePath"="system32\DRIVERS\mrxsmb20.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\msahci]
"ImagePath"="system32\drivers\msahci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\msdsm]
"ImagePath"="\SystemRoot\system32\drivers\msdsm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSDTC]
"ImagePath"="%SystemRoot%\System32\msdtc.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSDTC Bridge 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Msfs]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\msisadrv]
"ImagePath"="system32\drivers\msisadrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSiSCSI]
"ServiceDll"="%systemroot%\system32\iscsiexe.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\msiserver]
"ImagePath"="%systemroot%\system32\msiexec.exe /V"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSKSSRV]
"ImagePath"="system32\drivers\MSKSSRV.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSPCLOCK]
"ImagePath"="system32\drivers\MSPCLOCK.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSPQM]
"ImagePath"="system32\drivers\MSPQM.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MsRPC]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSSCNTRS]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mssmbios]
"ImagePath"="system32\DRIVERS\mssmbios.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSTEE]
"ImagePath"="system32\drivers\MSTEE.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Mup]
"ImagePath"="System32\Drivers\mup.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\napagent]
"ServiceDLL"="%SystemRoot%\system32\qagentRT.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NativeWifiP]
"ImagePath"="system32\DRIVERS\nwifi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NDIS]
"ImagePath"="system32\drivers\ndis.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NdisTapi]
"ImagePath"="system32\DRIVERS\ndistapi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Ndisuio]
"ImagePath"="system32\DRIVERS\ndisuio.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NdisWan]
"ImagePath"="system32\DRIVERS\ndiswan.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NDProxy]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Net Driver HPZ12]
"ServiceDll"="c:\windows\system32\HPZinw12.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBIOS]
"ImagePath"="system32\DRIVERS\netbios.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\netbt]
"ImagePath"="System32\DRIVERS\netbt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Netlogon]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Netman]
"ServiceDll"="%SystemRoot%\System32\netman.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\netprofm]
"ServiceDll"="%SystemRoot%\System32\netprofm.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetTcpPortSharing]
"ImagePath"="\"%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NETw5v32]
"ImagePath"="system32\DRIVERS\NETw5v32.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nfrd960]
"ImagePath"="\SystemRoot\system32\drivers\nfrd960.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NlaSvc]
"ServiceDll"="%SystemRoot%\System32\nlasvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Npfs]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nsi]
"ServiceDll"="%systemroot%\system32\nsisvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nsiproxy]
"ImagePath"="system32\drivers\nsiproxy.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NTDS]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Ntfs]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ntrigdigi]
"ImagePath"="\SystemRoot\system32\drivers\ntrigdigi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Null]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nvraid]
"ImagePath"="\SystemRoot\system32\drivers\nvraid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nvstor]
"ImagePath"="\SystemRoot\system32\drivers\nvstor.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nv_agp]
"ImagePath"="\SystemRoot\system32\drivers\nv_agp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NwlnkFlt]
"ImagePath"="system32\DRIVERS\nwlnkflt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NwlnkFwd]
"ImagePath"="system32\DRIVERS\nwlnkfwd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\o2flash]
"ImagePath"="\"c:\program files\O2Micro Flash Memory Card Driver\o2flash.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\O2MDRDR]
"ImagePath"="system32\DRIVERS\o2media.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ohci1394]
"ImagePath"="system32\DRIVERS\ohci1394.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\p2pimsvc]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\p2psvc]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Parport]
"ImagePath"="\SystemRoot\system32\drivers\parport.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\partmgr]
"ImagePath"="System32\drivers\partmgr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Parvdm]
"ImagePath"="\SystemRoot\system32\drivers\parvdm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PcaSvc]
"ServiceDll"="%SystemRoot%\System32\pcasvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pci]
"ImagePath"="system32\drivers\pci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pciide]
"ImagePath"="\SystemRoot\system32\drivers\pciide.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pcmcia]
"ImagePath"="\SystemRoot\system32\drivers\pcmcia.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PEAUTH]
"ImagePath"="system32\drivers\peauth.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PerfDisk]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PerfNet]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PerfOS]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PerfProc]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pla]
"ServiceDll"="%systemroot%\system32\pla.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PlugPlay]
"ServiceDll"="%SystemRoot%\system32\umpnpmgr.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Pml Driver HPZ12]
"ServiceDll"="c:\windows\system32\HPZipm12.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PNRPAutoReg]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PNRPsvc]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PolicyAgent]
"ServiceDll"="%SystemRoot%\System32\ipsecsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PortProxy]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PptpMiniport]
"ImagePath"="system32\DRIVERS\raspptp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Processor]
"ImagePath"="\SystemRoot\system32\drivers\processr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ProfSvc]
"ServiceDll"="%systemroot%\system32\profsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ProtectedStorage]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PSched]
"ImagePath"="system32\DRIVERS\pacer.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PxHelp20]
"ImagePath"="System32\Drivers\PxHelp20.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\QIOMem]
"ImagePath"="system32\DRIVERS\QIOMem.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ql2300]
"ImagePath"="\SystemRoot\system32\drivers\ql2300.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ql40xx]
"ImagePath"="\SystemRoot\system32\drivers\ql40xx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\QWAVE]
"ServiceDll"="%windir%\system32\qwave.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\QWAVEdrv]
"ImagePath"="\SystemRoot\system32\drivers\qwavedrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RasAcd]
"ImagePath"="System32\DRIVERS\rasacd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RasAuto]
"ServiceDll"="%SystemRoot%\System32\rasauto.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Rasl2tp]
"ImagePath"="system32\DRIVERS\rasl2tp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RasMan]
"ServiceDll"="%SystemRoot%\System32\rasmans.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RasPppoe]
"ImagePath"="system32\DRIVERS\raspppoe.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RasSstp]
"ImagePath"="system32\DRIVERS\rassstp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rdbss]
"ImagePath"="system32\DRIVERS\rdbss.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RDPCDD]
"ImagePath"="System32\DRIVERS\RDPCDD.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RDPDD]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rdpdr]
"ImagePath"="\SystemRoot\system32\drivers\rdpdr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RDPENCDD]
"ImagePath"="system32\drivers\rdpencdd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RDPNP]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RDPWD]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RemoteAccess]
"ServiceDLL"="%SystemRoot%\System32\mprdim.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RemoteRegistry]
"ServiceDll"="%SystemRoot%\system32\regsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RpcLocator]
"ImagePath"="%SystemRoot%\system32\locator.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RpcSs]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rspndr]
"ImagePath"="system32\DRIVERS\rspndr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SamSs]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sbp2port]
"ImagePath"="\SystemRoot\system32\drivers\sbp2port.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SCardSvr]
"ServiceDll"="%SystemRoot%\System32\SCardSvr.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Schedule]
"ServiceDll"="%systemroot%\system32\schedsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SCPolicySvc]
"ServiceDll"="%SystemRoot%\System32\certprop.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sdbus]
"ImagePath"="system32\DRIVERS\sdbus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SDRSVC]
"ServiceDll"="%Systemroot%\System32\SDRSVC.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\secdrv]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\seclogon]
"ServiceDll"="%windir%\system32\seclogon.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SENS]
"ServiceDll"="%SystemRoot%\system32\sens.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Serenum]
"ImagePath"="\SystemRoot\system32\drivers\serenum.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Serial]
"ImagePath"="\SystemRoot\system32\drivers\serial.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sermouse]
"ImagePath"="\SystemRoot\system32\drivers\sermouse.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ServiceModelEndpoint 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ServiceModelOperation 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ServiceModelService 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SessionEnv]
"ServiceDLL"="%SystemRoot%\system32\sessenv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sffdisk]
"ImagePath"="\SystemRoot\system32\drivers\sffdisk.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sffp_mmc]
"ImagePath"="\SystemRoot\system32\drivers\sffp_mmc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sffp_sd]
"ImagePath"="\SystemRoot\system32\drivers\sffp_sd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sfloppy]
"ImagePath"="\SystemRoot\system32\drivers\sfloppy.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess]
"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ShellHWDetection]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sisagp]
"ImagePath"="\SystemRoot\system32\drivers\sisagp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SiSRaid2]
"ImagePath"="\SystemRoot\system32\drivers\sisraid2.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SiSRaid4]
"ImagePath"="\SystemRoot\system32\drivers\sisraid4.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SkypeUpdate]
"ImagePath"="\"c:\program files\Skype\Updater\Updater.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\slsvc]
"ImagePath"="%SystemRoot%\system32\SLsvc.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SLUINotify]
"ServiceDll"="%SystemRoot%\system32\SLUINotify.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SmartFaceVWatchSrv]
"ImagePath"="\"c:\program files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Smb]
"ImagePath"="system32\DRIVERS\smb.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SMSvcHost 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SNMPTRAP]
"ImagePath"="%SystemRoot%\System32\snmptrap.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\spldr]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Spooler]
"ImagePath"="%SystemRoot%\System32\spoolsv.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srv]
"ImagePath"="System32\DRIVERS\srv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srv2]
"ImagePath"="System32\DRIVERS\srv2.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srvnet]
"ImagePath"="System32\DRIVERS\srvnet.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SSDPSRV]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ssmdrv]
"ImagePath"="system32\DRIVERS\ssmdrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SstpSvc]
"ServiceDll"="%SystemRoot%\system32\sstpsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\StillCam]
"ImagePath"="system32\DRIVERS\serscan.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\stisvc]
"ServiceDll"="%SystemRoot%\System32\wiaservc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\swenum]
"ImagePath"="system32\DRIVERS\swenum.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\swprv]
"ServiceDll"="%Systemroot%\System32\swprv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Symc8xx]
"ImagePath"="\SystemRoot\system32\drivers\symc8xx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Sym_hi]
"ImagePath"="\SystemRoot\system32\drivers\sym_hi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Sym_u3]
"ImagePath"="\SystemRoot\system32\drivers\sym_u3.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SysMain]
"ServiceDll"="%systemroot%\system32\sysmain.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TabletInputService]
"ServiceDll"="%SystemRoot%\System32\TabSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TapiSrv]
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TBS]
"ServiceDll"="%SystemRoot%\System32\tbssvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip]
"ImagePath"="System32\drivers\tcpip.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6]
"ImagePath"="system32\DRIVERS\tcpip.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tcpipreg]
"ImagePath"="System32\drivers\tcpipreg.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tdcmdpst]
"ImagePath"="system32\DRIVERS\tdcmdpst.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDPIPE]
"ImagePath"="system32\drivers\tdpipe.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDTCP]
"ImagePath"="system32\drivers\tdtcp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tdx]
"ImagePath"="system32\DRIVERS\tdx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TempoMonitoringService]
"ImagePath"="\"c:\program files\Toshiba TEMPRO\TempoSVC.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TermDD]
"ImagePath"="system32\DRIVERS\termdd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TermService]
"ServiceDll"="%SystemRoot%\System32\termsrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Themes]
"ServiceDll"="%SystemRoot%\system32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\THREADORDER]
"ServiceDll"="%SystemRoot%\system32\mmcss.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TNaviSrv]
"ImagePath"="c:\program files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TODDSrv]
"ImagePath"="c:\windows\system32\TODDSrv.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TosCoSrv]
"ImagePath"="\"c:\program files\Toshiba\Power Saver\TosCoSrv.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TOSHIBA SMART Log Service]
"ImagePath"="\"c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tosrfcom]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tosrfec]
"ImagePath"="system32\DRIVERS\tosrfec.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tosrfusb]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tos_sps32]
"ImagePath"="system32\DRIVERS\tos_sps32.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TrkWks]
"ServiceDll"="%SystemRoot%\System32\trkwks.dll"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TrustedInstaller]
"ImagePath"="%SystemRoot%\servicing\TrustedInstaller.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TSDDD]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tssecsrv]
"ImagePath"="System32\DRIVERS\tssecsrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tunmp]
"ImagePath"="system32\DRIVERS\tunmp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tunnel]
"ImagePath"="system32\DRIVERS\tunnel.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TVALZ]
"ImagePath"="system32\DRIVERS\TVALZ_O.SYS"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\uagp35]
"ImagePath"="\SystemRoot\system32\drivers\uagp35.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\udfs]
"ImagePath"="system32\DRIVERS\udfs.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UGatherer]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UGTHRSVC]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UI0Detect]
"ImagePath"="%SystemRoot%\system32\UI0Detect.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UleadBurningHelper]
"ImagePath"="c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\uliagpkx]
"ImagePath"="\SystemRoot\system32\drivers\uliagpkx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\uliahci]
"ImagePath"="\SystemRoot\system32\drivers\uliahci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UlSata]
"ImagePath"="\SystemRoot\system32\drivers\ulsata.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ulsata2]
"ImagePath"="\SystemRoot\system32\drivers\ulsata2.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\umbus]
"ImagePath"="system32\DRIVERS\umbus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\upnphost]
"ServiceDll"="%SystemRoot%\System32\upnphost.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usb]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbccgp]
"ImagePath"="system32\DRIVERS\usbccgp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbcir]
"ImagePath"="\SystemRoot\system32\drivers\usbcir.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbehci]
"ImagePath"="system32\DRIVERS\usbehci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbhub]
"ImagePath"="system32\DRIVERS\usbhub.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbohci]
"ImagePath"="\SystemRoot\system32\drivers\usbohci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbprint]
"ImagePath"="system32\DRIVERS\usbprint.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbscan]
"ImagePath"="system32\DRIVERS\usbscan.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\USBSTOR]
"ImagePath"="system32\DRIVERS\USBSTOR.SYS"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbuhci]
"ImagePath"="system32\DRIVERS\usbuhci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbvideo]
"ImagePath"="System32\Drivers\usbvideo.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UVCFTR]
"ImagePath"="System32\Drivers\UVCFTR_S.SYS"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UxSms]
"ServiceDll"="%SystemRoot%\System32\uxsms.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vds]
"ImagePath"="%SystemRoot%\System32\vds.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vga]
"ImagePath"="system32\DRIVERS\vgapnp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VgaSave]
"ImagePath"="\SystemRoot\System32\drivers\vga.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\viaagp]
"ImagePath"="\SystemRoot\system32\drivers\viaagp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ViaC7]
"ImagePath"="\SystemRoot\system32\drivers\viac7.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\viaide]
"ImagePath"="\SystemRoot\system32\drivers\viaide.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\volmgr]
"ImagePath"="system32\drivers\volmgr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\volmgrx]
"ImagePath"="System32\drivers\volmgrx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\volsnap]
"ImagePath"="system32\drivers\volsnap.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vsmraid]
"ImagePath"="\SystemRoot\system32\drivers\vsmraid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VSS]
"ImagePath"="%systemroot%\system32\vssvc.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\W32Time]
"ServiceDll"="%systemroot%\system32\w32time.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\W3SVC]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WacomPen]
"ImagePath"="\SystemRoot\system32\drivers\wacompen.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Wanarp]
"ImagePath"="system32\DRIVERS\wanarp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Wanarpv6]
"ImagePath"="system32\DRIVERS\wanarp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wcncsvc]
"ServiceDll"="%SystemRoot%\System32\wcncsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WcsPlugInService]
"ServiceDll"="%SystemRoot%\System32\WcsPlugInService.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Wd]
"ImagePath"="\SystemRoot\system32\drivers\wd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Wdf01000]
"ImagePath"="system32\drivers\Wdf01000.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WdiServiceHost]
"ServiceDll"="%SystemRoot%\system32\wdi.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WdiSystemHost]
"ServiceDll"="%SystemRoot%\system32\wdi.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WebClient]
"ServiceDll"="%SystemRoot%\System32\webclnt.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Wecsvc]
"ServiceDll"="%SystemRoot%\system32\wecsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wercplsupport]
"ServiceDll"="%SystemRoot%\System32\wercplsupport.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WerSvc]
"ServiceDll"="%SystemRoot%\System32\WerSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\winachsf]
"ImagePath"="system32\DRIVERS\HSX_CNXT.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinDefend]
"ServiceDll"="%ProgramFiles%\Windows Defender\mpsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Windows Workflow Foundation 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinHttpAutoProxySvc]
"ServiceDll"="winhttp.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Winmgmt]
"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinRM]
"ServiceDll"="%SystemRoot%\system32\WsmSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Winsock]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinSock2]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Wlansvc]
"ServiceDll"="%SystemRoot%\System32\wlansvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WmiAcpi]
"ImagePath"="system32\DRIVERS\wmiacpi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WmiApRpl]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wmiApSrv]
"ImagePath"="%systemroot%\system32\wbem\WmiApSrv.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WMPNetworkSvc]
"ImagePath"="\"%ProgramFiles%\Windows Media Player\wmpnetwk.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WPCSvc]
"ServiceDll"="%SystemRoot%\System32\wpcsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WPDBusEnum]
"ServiceDll"="%SystemRoot%\system32\wpdbusenum.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WpdUsb]
"ImagePath"="system32\DRIVERS\wpdusb.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ws2ifsl]
"ImagePath"="\SystemRoot\system32\drivers\ws2ifsl.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wscsvc]
"ServiceDll"="%SYSTEMROOT%\system32\wscsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WSDPrintDevice]
"ImagePath"="system32\DRIVERS\WSDPrint.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WSearch]
"ImagePath"="%systemroot%\system32\SearchIndexer.exe /Embedding"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WSearchIdxPi]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wuauserv]
"ServiceDll"="%systemroot%\system32\wuaueng.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WUDFRd]
"ImagePath"="system32\DRIVERS\WUDFRd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wudfsvc]
"ServiceDll"="%SystemRoot%\System32\WUDFSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\XAudio]
"ImagePath"="system32\DRIVERS\xaudio.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\XAudioService]
"ImagePath"="%SystemRoot%\system32\DRIVERS\xaudio.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\xmlprov]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\yukonwlh]
"ImagePath"="system32\DRIVERS\yk60x86.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{A4465A29-F182-424F-A5AD-9EDBC3D66ABF}]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{FE3FA299-49D7-4577-8BBB-DEB1D18B62AE}]
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(768)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'lsass.exe'(732)
c:\windows\system32\guard32.dll
.
Zeit der Fertigstellung: 2012-04-15 21:38:16
ComboFix-quarantined-files.txt 2012-04-15 19:38
.
Vor Suchlauf: 7 Verzeichnis(se), 125.078.646.784 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 125.090.885.632 Bytes frei
.
- - End Of File - - AB97045CBB72DA6D5630C042883EE0BE
|
|
| Themen zu BOO/TDss.O Virus entfernen |
| boo/tdss.o, entferne, entfernen, entfernung, troja, virus, virus entfernen |
Linear-Darstellung
