Liebe Community,

Meine Freundin hat seit kurzem anscheinend einen redirect virus/trojaner? auf dem laptop.
Suchergebnisse verschiedener Suchmaschinen ( auch auf unterschiedlichen Browser) werden auf falsche Seiten umgeleitet..
Beim zweiten, dritten Mal stimmt der Link dann.

Auf dem PC wurde eigentlich keine Software aus dubiosen Quellen installiert und die freie Version von Avira ist aktiv ..

Da ich es vermeiden möchte den Laptop neu aufzusetzen, das ist immer so eine Qual mit den Treibern, bitte ich euch um Hilfe.

Vielen Dank im Voraus,
Norbert Freiberger

Vielleicht zu Erwähnen wäre noch dass Malwarebytes schon einiges gefunden und entfernt hat.
LG,
Norbert

OTL log angehängt

hi
und woher sollen wir wissen wer was gefunden hatt, wenn du die logs nicht postest?
öffne malwarebytes, logdateien, poste alle berichte.
öffne avira, ereignisse, poste fundmeldungen.
öffne avira, berichte, poste logs mit funden

hi,
könnt ihr natürlich nicht, sorry
ich habe jetzt die logfiles von den malwarebyte - scans, sowie alle avira reports angehängt.


logs.zip->mapwarebytes
AVSCAN*->AVIRA Berichte/Reports
avira_ereignisse.txt -> AVIRA Fund


Vielen Dank für deine Zeit,
Norbert

danke

Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop

• Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Combofix Logfile:

Code: Alles auswählenAufklappen

ATTFilter

ComboFix 12-04-12.03 - Petra 12.04.2012  22:29:05.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.4002.2093 [GMT 2:00]
ausgeführt von:: c:\users\Petra\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Petra\Desktop\Internet Security.lnk
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-03-12 bis 2012-04-12  ))))))))))))))))))))))))))))))
.
.
2012-04-12 20:33 . 2012-04-12 20:33	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2012-04-12 20:33 . 2012-04-12 20:33	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-04-12 16:32 . 2012-04-12 16:32	--------	d-----w-	c:\windows\system32\Macromed
2012-04-11 20:04 . 2012-04-11 20:04	--------	d-----w-	c:\program files (x86)\7-Zip
2012-03-14 20:38 . 2012-03-14 20:38	--------	d-----w-	c:\users\Petra\AppData\Roaming\Malwarebytes
2012-03-14 20:38 . 2012-03-14 20:38	--------	d-----w-	c:\programdata\Malwarebytes
2012-03-14 20:38 . 2012-04-11 17:44	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-14 20:38 . 2012-04-04 13:56	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-03-13 22:15 . 2011-11-19 15:20	5559152	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-03-13 22:15 . 2011-11-19 14:50	3968368	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2012-03-13 22:15 . 2011-11-19 14:50	3913584	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-08 16:36 . 2012-03-08 16:36	48648	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-03-08 16:36 . 2011-12-14 15:23	824144	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-02-27 08:56 . 2012-02-27 08:56	162664	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10140.bin
2012-02-17 06:38 . 2012-03-13 17:25	1031680	----a-w-	c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-13 17:25	826880	----a-w-	c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-13 17:25	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-13 17:25	23552	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2012-02-15 16:48 . 2012-01-29 15:40	132320	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-02-10 06:36 . 2012-03-13 19:03	1544192	----a-w-	c:\windows\system32\DWrite.dll
2012-02-10 05:38 . 2012-03-13 19:03	1077248	----a-w-	c:\windows\SysWow64\DWrite.dll
2012-02-03 04:34 . 2012-03-13 19:03	3145728	----a-w-	c:\windows\system32\win32k.sys
2012-01-25 06:38 . 2012-03-13 17:25	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-01-25 06:38 . 2012-03-13 17:25	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-01-25 06:33 . 2012-03-13 17:25	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-10-28 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HotkeyApp"="c:\program files (x86)\Launch Manager\HotkeyApp.exe" [2011-08-06 207400]
"LMgrVolOSD"="c:\program files (x86)\Launch Manager\OSD.exe" [2011-08-06 348960]
"Wbutton"="c:\program files (x86)\Launch Manager\Wbutton.exe" [2011-08-13 447016]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-03 107816]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-02-03 506712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-09 421736]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-12-15 258512]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
.
c:\users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
watchmi tray.lnk - c:\windows\Installer\{AA4D1C5E-116A-4FF4-AA91-28F526868203}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe [2011-10-28 300416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-28 136176]
R3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-28 136176]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys [x]
R3 mod7764;Tv Tuner device;c:\windows\system32\DRIVERS\mod77-64.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-12-15 86224]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-07-25 1997416]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-07-25 378472]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-28 2656280]
S2 watchmi;watchmi service;c:\program files (x86)\watchmi\TvdService.exe [2010-12-06 62464]
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\drivers\iwdbus.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys [x]
S3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 WisLMSvc;WisLMSvc;c:\program files (x86)\Launch Manager\WisLMSvc.exe [2011-08-06 118560]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-28 12:37]
.
2012-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-28 12:37]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-07-28 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-07-28 416024]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-01 12661352]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-07-13 2264168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.aldi.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten österreichischen Shopping-Websites
TCP: DhcpNameServer = 195.34.133.21 212.186.211.21 192.168.1.1
FF - ProfilePath - c:\users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\9ivsoqhu.default\
FF - prefs.js: browser.startup.homepage - Google
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-Uqsmaflat - c:\users\Petra\AppData\Roaming\MFC71KOR6.dll
Wow6432Node-HKLM-Run-LMgrOSD - c:\program files (x86)\Launch Manager\OSDCtrl.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-IT9130 DriverInstaller_11.4.26.1 - c:\users\ADMINI~1\AppData\Local\Temp\\DriverInstall64.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-04-12  22:35:29
ComboFix-quarantined-files.txt  2012-04-12 20:35
.
Vor Suchlauf: 6 Verzeichnis(se), 647.829.938.176 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 647.771.463.680 Bytes frei
.
- - End Of File - - 9EB92D1DDF2528C0F3113239635B04F6
         

--- --- ---

download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten

hier der report, danke

22:20:52.0891 2400 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
22:20:53.0219 2400 ============================================================
22:20:53.0219 2400 Current date / time: 2012/04/15 22:20:53.0219
22:20:53.0219 2400 SystemInfo:
22:20:53.0219 2400
22:20:53.0219 2400 OS Version: 6.1.7601 ServicePack: 1.0
22:20:53.0219 2400 Product type: Workstation
22:20:53.0220 2400 ComputerName: PETRA-PC
22:20:53.0220 2400 UserName: Petra
22:20:53.0220 2400 Windows directory: C:\Windows
22:20:53.0220 2400 System windows directory: C:\Windows
22:20:53.0220 2400 Running under WOW64
22:20:53.0220 2400 Processor architecture: Intel x64
22:20:53.0220 2400 Number of processors: 4
22:20:53.0220 2400 Page size: 0x1000
22:20:53.0220 2400 Boot type: Normal boot
22:20:53.0220 2400 ============================================================
22:20:57.0532 2400 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:20:57.0571 2400 \Device\Harddisk0\DR0:
22:20:57.0572 2400 MBR used
22:20:57.0572 2400 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:20:57.0572 2400 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x50F12800
22:20:57.0973 2400 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x50F45800, BlocksNum 0x5FFE000
22:20:58.0451 2400 Initialize success
22:20:58.0451 2400 ============================================================
22:21:38.0264 1068 ============================================================
22:21:38.0264 1068 Scan started
22:21:38.0264 1068 Mode: Manual; SigCheck; TDLFS;
22:21:38.0264 1068 ============================================================
22:21:45.0221 1068 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
22:21:45.0320 1068 1394ohci - ok
22:21:45.0580 1068 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
22:21:45.0595 1068 ACPI - ok
22:21:45.0909 1068 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
22:21:46.0040 1068 AcpiPmi - ok
22:21:46.0249 1068 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:21:46.0260 1068 AdobeARMservice - ok
22:21:46.0586 1068 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
22:21:46.0622 1068 adp94xx - ok
22:21:46.0801 1068 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
22:21:46.0823 1068 adpahci - ok
22:21:47.0151 1068 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
22:21:47.0168 1068 adpu320 - ok
22:21:47.0372 1068 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
22:21:47.0553 1068 AeLookupSvc - ok
22:21:47.0836 1068 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
22:21:47.0982 1068 AFD - ok
22:21:48.0152 1068 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
22:21:48.0173 1068 agp440 - ok
22:21:48.0339 1068 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
22:21:48.0425 1068 ALG - ok
22:21:48.0578 1068 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
22:21:48.0599 1068 aliide - ok
22:21:49.0099 1068 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
22:21:49.0123 1068 amdide - ok
22:21:49.0631 1068 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
22:21:49.0696 1068 AmdK8 - ok
22:21:49.0930 1068 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
22:21:50.0113 1068 AmdPPM - ok
22:21:50.0419 1068 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
22:21:50.0502 1068 amdsata - ok
22:21:50.0962 1068 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
22:21:51.0053 1068 amdsbs - ok
22:21:51.0793 1068 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
22:21:51.0809 1068 amdxata - ok
22:21:52.0089 1068 AMPPAL (9921e78bc29634235f4bf5809e7e8cde) C:\Windows\system32\DRIVERS\AMPPAL.sys
22:21:52.0145 1068 AMPPAL - ok
22:21:52.0323 1068 AMPPALP (9921e78bc29634235f4bf5809e7e8cde) C:\Windows\system32\DRIVERS\amppal.sys
22:21:52.0337 1068 AMPPALP - ok
22:21:52.0578 1068 AMPPALR3 (83a0e7ba4ae616d3654e700d9c5ff9db) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
22:21:52.0725 1068 AMPPALR3 - ok
22:21:53.0239 1068 AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
22:21:53.0324 1068 AntiVirSchedulerService - ok
22:21:53.0437 1068 AntiVirService (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
22:21:53.0457 1068 AntiVirService - ok
22:21:53.0576 1068 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
22:21:54.0003 1068 AppID - ok
22:21:54.0129 1068 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
22:21:54.0200 1068 AppIDSvc - ok
22:21:54.0441 1068 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
22:21:54.0571 1068 Appinfo - ok
22:21:55.0027 1068 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
22:21:55.0373 1068 arc - ok
22:21:55.0721 1068 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
22:21:55.0797 1068 arcsas - ok
22:21:56.0140 1068 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
22:21:56.0233 1068 AsyncMac - ok
22:21:56.0364 1068 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
22:21:56.0394 1068 atapi - ok
22:21:56.0761 1068 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
22:21:57.0403 1068 AudioEndpointBuilder - ok
22:21:57.0449 1068 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
22:21:57.0525 1068 AudioSrv - ok
22:21:57.0719 1068 avgntflt (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
22:21:57.0757 1068 avgntflt - ok
22:21:57.0969 1068 avipbb (852e3c0a60d368c487949e55ad52a47f) C:\Windows\system32\DRIVERS\avipbb.sys
22:21:58.0001 1068 avipbb - ok
22:21:58.0196 1068 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
22:21:58.0233 1068 avkmgr - ok
22:21:58.0487 1068 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
22:21:58.0653 1068 AxInstSV - ok
22:21:59.0542 1068 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
22:21:59.0660 1068 b06bdrv - ok
22:21:59.0783 1068 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
22:21:59.0872 1068 b57nd60a - ok
22:22:00.0008 1068 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
22:22:00.0068 1068 BDESVC - ok
22:22:00.0216 1068 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
22:22:00.0323 1068 Beep - ok
22:22:00.0565 1068 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
22:22:00.0678 1068 BFE - ok
22:22:01.0737 1068 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
22:22:01.0833 1068 BITS - ok
22:22:01.0968 1068 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
22:22:02.0025 1068 blbdrive - ok
22:22:02.0181 1068 Bluetooth Device Monitor (55b0c8441de7d91a819a39d0351154a2) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
22:22:02.0225 1068 Bluetooth Device Monitor - ok
22:22:02.0567 1068 Bluetooth Media Service (7e262330df0c4be4ece853b59b9cbe4c) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
22:22:02.0623 1068 Bluetooth Media Service - ok
22:22:02.0911 1068 Bluetooth OBEX Service (8bf4b9956e13871a88a3810074e2e110) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
22:22:02.0952 1068 Bluetooth OBEX Service - ok
22:22:03.0071 1068 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
22:22:03.0089 1068 Bonjour Service - ok
22:22:03.0355 1068 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
22:22:03.0681 1068 bowser - ok
22:22:03.0959 1068 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
22:22:04.0059 1068 BrFiltLo - ok
22:22:04.0294 1068 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
22:22:04.0406 1068 BrFiltUp - ok
22:22:04.0631 1068 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
22:22:04.0727 1068 BridgeMP - ok
22:22:04.0933 1068 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
22:22:05.0439 1068 Browser - ok
22:22:05.0887 1068 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
22:22:05.0936 1068 Brserid - ok
22:22:06.0095 1068 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
22:22:06.0141 1068 BrSerWdm - ok
22:22:06.0328 1068 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:22:06.0387 1068 BrUsbMdm - ok
22:22:06.0608 1068 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
22:22:06.0663 1068 BrUsbSer - ok
22:22:07.0225 1068 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
22:22:07.0425 1068 BthEnum - ok
22:22:08.0634 1068 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
22:22:08.0771 1068 BTHMODEM - ok
22:22:09.0109 1068 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
22:22:09.0243 1068 BthPan - ok
22:22:09.0735 1068 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
22:22:09.0845 1068 BTHPORT - ok
22:22:10.0102 1068 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
22:22:10.0204 1068 bthserv - ok
22:22:10.0281 1068 BTHSSecurityMgr (a5b3e8b2b78c7b3da56a0de490e6718c) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
22:22:10.0311 1068 BTHSSecurityMgr - ok
22:22:10.0437 1068 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
22:22:10.0491 1068 BTHUSB - ok
22:22:10.0617 1068 btmaux (270fba230e78e25726d065a924589a72) C:\Windows\system32\DRIVERS\btmaux.sys
22:22:10.0779 1068 btmaux - ok
22:22:11.0214 1068 btmhsf (0010a54571f525a97eed8c091e96eaa9) C:\Windows\system32\DRIVERS\btmhsf.sys
22:22:11.0325 1068 btmhsf - ok
22:22:11.0367 1068 catchme - ok
22:22:11.0630 1068 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
22:22:11.0712 1068 cdfs - ok
22:22:11.0930 1068 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
22:22:11.0976 1068 cdrom - ok
22:22:12.0135 1068 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
22:22:12.0208 1068 CertPropSvc - ok
22:22:12.0474 1068 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
22:22:12.0533 1068 circlass - ok
22:22:12.0703 1068 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
22:22:12.0737 1068 CLFS - ok
22:22:13.0807 1068 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:22:13.0840 1068 clr_optimization_v2.0.50727_32 - ok
22:22:15.0738 1068 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:22:15.0775 1068 clr_optimization_v2.0.50727_64 - ok
22:22:16.0131 1068 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:22:16.0154 1068 clr_optimization_v4.0.30319_32 - ok
22:22:16.0392 1068 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:22:16.0437 1068 clr_optimization_v4.0.30319_64 - ok
22:22:16.0647 1068 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
22:22:16.0674 1068 clwvd - ok
22:22:17.0022 1068 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
22:22:17.0095 1068 CmBatt - ok
22:22:17.0262 1068 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
22:22:17.0299 1068 cmdide - ok
22:22:17.0605 1068 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
22:22:17.0684 1068 CNG - ok
22:22:18.0367 1068 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
22:22:18.0394 1068 Compbatt - ok
22:22:18.0632 1068 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
22:22:18.0881 1068 CompositeBus - ok
22:22:18.0966 1068 COMSysApp - ok
22:22:19.0089 1068 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
22:22:19.0119 1068 crcdisk - ok
22:22:19.0328 1068 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
22:22:19.0437 1068 CryptSvc - ok
22:22:19.0697 1068 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
22:22:19.0751 1068 cvhsvc - ok
22:22:20.0039 1068 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
22:22:20.0215 1068 DcomLaunch - ok
22:22:20.0384 1068 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
22:22:20.0522 1068 defragsvc - ok
22:22:20.0781 1068 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
22:22:20.0882 1068 DfsC - ok
22:22:21.0598 1068 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
22:22:21.0723 1068 Dhcp - ok
22:22:21.0914 1068 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
22:22:22.0127 1068 discache - ok
22:22:22.0358 1068 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
22:22:22.0406 1068 Disk - ok
22:22:22.0674 1068 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
22:22:22.0798 1068 Dnscache - ok
22:22:23.0148 1068 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
22:22:23.0315 1068 dot3svc - ok
22:22:23.0537 1068 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
22:22:23.0625 1068 DPS - ok
22:22:23.0857 1068 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
22:22:23.0919 1068 drmkaud - ok
22:22:24.0125 1068 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
22:22:24.0150 1068 DXGKrnl - ok
22:22:24.0299 1068 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
22:22:24.0375 1068 EapHost - ok
22:22:24.0791 1068 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
22:22:24.0947 1068 ebdrv - ok
22:22:25.0119 1068 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
22:22:25.0167 1068 EFS - ok
22:22:25.0375 1068 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
22:22:25.0487 1068 ehRecvr - ok
22:22:25.0622 1068 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
22:22:25.0684 1068 ehSched - ok
22:22:25.0993 1068 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
22:22:26.0045 1068 elxstor - ok
22:22:26.0458 1068 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
22:22:26.0540 1068 ErrDev - ok
22:22:26.0944 1068 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
22:22:27.0043 1068 EventSystem - ok
22:22:27.0495 1068 EvtEng (54fc81b0162478a72a93dbbeafb35671) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
22:22:27.0660 1068 EvtEng - ok
22:22:27.0972 1068 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
22:22:28.0068 1068 exfat - ok
22:22:28.0411 1068 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
22:22:28.0629 1068 fastfat - ok
22:22:29.0161 1068 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
22:22:29.0193 1068 Fax - ok
22:22:29.0386 1068 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
22:22:29.0458 1068 fdc - ok
22:22:29.0704 1068 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
22:22:29.0792 1068 fdPHost - ok
22:22:30.0057 1068 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
22:22:30.0145 1068 FDResPub - ok
22:22:30.0364 1068 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
22:22:30.0405 1068 FileInfo - ok
22:22:30.0561 1068 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
22:22:31.0075 1068 Filetrace - ok
22:22:31.0769 1068 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
22:22:31.0790 1068 flpydisk - ok
22:22:32.0053 1068 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
22:22:32.0146 1068 FltMgr - ok
22:22:32.0428 1068 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
22:22:32.0463 1068 FontCache - ok
22:22:32.0650 1068 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:22:32.0688 1068 FontCache3.0.0.0 - ok
22:22:33.0035 1068 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
22:22:33.0053 1068 FsDepends - ok
22:22:33.0257 1068 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
22:22:33.0267 1068 Fs_Rec - ok
22:22:33.0425 1068 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
22:22:33.0452 1068 fvevol - ok
22:22:33.0563 1068 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
22:22:33.0590 1068 gagp30kx - ok
22:22:33.0718 1068 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:22:33.0727 1068 GEARAspiWDM - ok
22:22:33.0863 1068 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
22:22:33.0990 1068 gpsvc - ok
22:22:34.0193 1068 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:22:34.0214 1068 gupdate - ok
22:22:34.0268 1068 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:22:34.0276 1068 gupdatem - ok
22:22:34.0432 1068 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
22:22:34.0440 1068 gusvc - ok
22:22:34.0661 1068 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
22:22:34.0699 1068 hcw85cir - ok
22:22:34.0934 1068 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
22:22:35.0019 1068 HdAudAddService - ok
22:22:35.0228 1068 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
22:22:35.0265 1068 HDAudBus - ok
22:22:35.0487 1068 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
22:22:35.0552 1068 HidBatt - ok
22:22:35.0705 1068 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
22:22:35.0744 1068 HidBth - ok
22:22:35.0885 1068 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
22:22:35.0912 1068 HidIr - ok
22:22:36.0040 1068 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
22:22:36.0116 1068 hidserv - ok
22:22:36.0311 1068 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
22:22:36.0345 1068 HidUsb - ok
22:22:36.0446 1068 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
22:22:36.0525 1068 hkmsvc - ok
22:22:37.0015 1068 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
22:22:37.0124 1068 HomeGroupListener - ok
22:22:37.0287 1068 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
22:22:37.0337 1068 HomeGroupProvider - ok
22:22:37.0545 1068 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
22:22:37.0597 1068 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
22:22:37.0598 1068 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
22:22:37.0751 1068 hpqddsvc (f3f72a2a86c22610bca5439fa789dd52) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
22:22:37.0773 1068 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
22:22:37.0773 1068 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
22:22:38.0033 1068 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
22:22:38.0091 1068 HpSAMD - ok
22:22:38.0370 1068 HPSLPSVC (d972f48d0ce396759b788693cd665926) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
22:22:38.0440 1068 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
22:22:38.0440 1068 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
22:22:38.0767 1068 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
22:22:39.0117 1068 HTTP - ok
22:22:39.0712 1068 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
22:22:39.0737 1068 hwpolicy - ok
22:22:39.0998 1068 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
22:22:40.0048 1068 i8042prt - ok
22:22:40.0892 1068 iaStor (2fdaec4b02729c48c0fd1b0b4695995b) C:\Windows\system32\drivers\iaStor.sys
22:22:40.0932 1068 iaStor - ok
22:22:41.0239 1068 IAStorDataMgrSvc (d41861e56e7552c13674d7f147a02464) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:22:41.0257 1068 IAStorDataMgrSvc - ok
22:22:41.0552 1068 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
22:22:41.0615 1068 iaStorV - ok
22:22:41.0832 1068 iBtFltCoex (de9e40baee2e48fd1e3eb423074c014c) C:\Windows\system32\DRIVERS\iBtFltCoex.sys
22:22:41.0884 1068 iBtFltCoex - ok
22:22:42.0153 1068 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:22:42.0262 1068 idsvc - ok
22:22:43.0080 1068 igfx (10bb0dc3361c9420cc1b0b2128bb89db) C:\Windows\system32\DRIVERS\igdkmd64.sys
22:22:43.0785 1068 igfx - ok
22:22:44.0015 1068 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
22:22:44.0055 1068 iirsp - ok
22:22:44.0312 1068 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
22:22:44.0473 1068 IKEEXT - ok
22:22:44.0685 1068 intaud_WaveExtensible (caddf0927dac63edae48f5c35a61d87d) C:\Windows\system32\drivers\intelaud.sys
22:22:44.0714 1068 intaud_WaveExtensible - ok
22:22:45.0147 1068 IntcAzAudAddService (5205de9bd47f633e06ef3ef3de11ef99) C:\Windows\system32\drivers\RTKVHD64.sys
22:22:45.0223 1068 IntcAzAudAddService - ok
22:22:45.0445 1068 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
22:22:45.0573 1068 IntcDAud - ok
22:22:45.0770 1068 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
22:22:45.0798 1068 intelide - ok
22:22:45.0997 1068 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
22:22:46.0075 1068 intelppm - ok
22:22:46.0273 1068 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
22:22:46.0421 1068 IPBusEnum - ok
22:22:46.0722 1068 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:22:46.0862 1068 IpFilterDriver - ok
22:22:47.0111 1068 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
22:22:47.0217 1068 iphlpsvc - ok
22:22:47.0474 1068 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
22:22:47.0587 1068 IPMIDRV - ok
22:22:47.0859 1068 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
22:22:47.0997 1068 IPNAT - ok
22:22:48.0256 1068 iPod Service (3c0d4b3e80fc4854ca325dd123cc4ded) C:\Program Files\iPod\bin\iPodService.exe
22:22:48.0315 1068 iPod Service - ok
22:22:48.0513 1068 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
22:22:48.0600 1068 IRENUM - ok
22:22:48.0729 1068 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
22:22:48.0770 1068 isapnp - ok
22:22:49.0436 1068 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
22:22:49.0482 1068 iScsiPrt - ok
22:22:49.0726 1068 IT9135BDA (c85a3ca3ed24dd7336fbac1112c3d831) C:\Windows\system32\Drivers\IT9135BDA.sys
22:22:49.0830 1068 IT9135BDA - ok
22:22:50.0003 1068 iwdbus (716f66336f10885d935b08174dc54242) C:\Windows\system32\drivers\iwdbus.sys
22:22:50.0028 1068 iwdbus - ok
22:22:50.0259 1068 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
22:22:50.0290 1068 kbdclass - ok
22:22:50.0449 1068 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
22:22:50.0522 1068 kbdhid - ok
22:22:50.0742 1068 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:22:50.0769 1068 KeyIso - ok
22:22:50.0936 1068 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
22:22:50.0971 1068 KSecDD - ok
22:22:51.0150 1068 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
22:22:51.0192 1068 KSecPkg - ok
22:22:51.0348 1068 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
22:22:51.0448 1068 ksthunk - ok
22:22:51.0608 1068 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
22:22:51.0770 1068 KtmRm - ok
22:22:51.0983 1068 L1C (6dd5383c9413aae3113faf89e345663d) C:\Windows\system32\DRIVERS\L1C62x64.sys
22:22:52.0010 1068 L1C - ok
22:22:52.0160 1068 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
22:22:52.0289 1068 LanmanServer - ok
22:22:52.0530 1068 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
22:22:52.0643 1068 LanmanWorkstation - ok
22:22:52.0799 1068 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
22:22:52.0848 1068 lltdio - ok
22:22:53.0364 1068 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
22:22:53.0448 1068 lltdsvc - ok
22:22:53.0635 1068 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
22:22:53.0720 1068 lmhosts - ok
22:22:53.0904 1068 LMS (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:22:53.0920 1068 LMS - ok
22:22:54.0158 1068 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
22:22:54.0172 1068 LSI_FC - ok
22:22:54.0308 1068 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
22:22:54.0333 1068 LSI_SAS - ok
22:22:54.0549 1068 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
22:22:54.0588 1068 LSI_SAS2 - ok
22:22:54.0932 1068 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
22:22:54.0993 1068 LSI_SCSI - ok
22:22:55.0521 1068 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
22:22:55.0631 1068 luafv - ok
22:22:55.0851 1068 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
22:22:55.0901 1068 Mcx2Svc - ok
22:22:56.0186 1068 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
22:22:56.0262 1068 megasas - ok
22:22:56.0477 1068 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
22:22:56.0507 1068 MegaSR - ok
22:22:56.0626 1068 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\drivers\HECIx64.sys
22:22:56.0651 1068 MEIx64 - ok
22:22:56.0787 1068 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:22:56.0879 1068 MMCSS - ok
22:22:57.0148 1068 mod7764 (97b041bb78636edc0a7b0ab68c98eb9b) C:\Windows\system32\DRIVERS\mod77-64.sys
22:22:57.0251 1068 mod7764 - ok
22:22:57.0449 1068 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
22:22:57.0572 1068 Modem - ok
22:22:57.0744 1068 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
22:22:57.0805 1068 monitor - ok
22:22:57.0985 1068 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
22:22:58.0015 1068 mouclass - ok
22:22:58.0248 1068 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
22:22:58.0319 1068 mouhid - ok
22:22:58.0443 1068 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
22:22:58.0458 1068 mountmgr - ok
22:22:58.0568 1068 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
22:22:58.0609 1068 mpio - ok
22:22:58.0944 1068 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
22:22:59.0052 1068 mpsdrv - ok
22:22:59.0192 1068 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
22:22:59.0393 1068 MpsSvc - ok
22:22:59.0490 1068 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
22:22:59.0555 1068 MRxDAV - ok
22:22:59.0844 1068 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:23:00.0116 1068 mrxsmb - ok
22:23:00.0393 1068 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:23:00.0457 1068 mrxsmb10 - ok
22:23:01.0141 1068 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:23:01.0211 1068 mrxsmb20 - ok
22:23:01.0514 1068 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
22:23:01.0622 1068 msahci - ok
22:23:01.0739 1068 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
22:23:01.0767 1068 msdsm - ok
22:23:01.0960 1068 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
22:23:02.0019 1068 MSDTC - ok
22:23:02.0330 1068 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
22:23:02.0443 1068 Msfs - ok
22:23:02.0748 1068 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
22:23:02.0844 1068 mshidkmdf - ok
22:23:03.0018 1068 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
22:23:03.0097 1068 msisadrv - ok
22:23:03.0243 1068 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
22:23:03.0390 1068 MSiSCSI - ok
22:23:03.0567 1068 msiserver - ok
22:23:03.0850 1068 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
22:23:04.0103 1068 MSKSSRV - ok
22:23:04.0388 1068 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
22:23:04.0473 1068 MSPCLOCK - ok
22:23:04.0707 1068 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
22:23:04.0807 1068 MSPQM - ok
22:23:05.0033 1068 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
22:23:05.0104 1068 MsRPC - ok
22:23:05.0437 1068 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
22:23:05.0459 1068 mssmbios - ok
22:23:05.0669 1068 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
22:23:05.0816 1068 MSTEE - ok
22:23:05.0956 1068 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
22:23:06.0036 1068 MTConfig - ok
22:23:06.0187 1068 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
22:23:06.0218 1068 Mup - ok
22:23:06.0378 1068 MyWiFiDHCPDNS (4bbb9d9c4df259fae2d172c5bb25ddd0) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
22:23:06.0430 1068 MyWiFiDHCPDNS - ok
22:23:06.0701 1068 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
22:23:06.0838 1068 napagent - ok
22:23:07.0236 1068 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
22:23:07.0262 1068 NativeWifiP - ok
22:23:07.0438 1068 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
22:23:07.0464 1068 NDIS - ok
22:23:07.0725 1068 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
22:23:07.0762 1068 NdisCap - ok
22:23:07.0916 1068 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
22:23:07.0979 1068 NdisTapi - ok
22:23:08.0261 1068 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
22:23:08.0361 1068 Ndisuio - ok
22:23:08.0585 1068 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
22:23:08.0715 1068 NdisWan - ok
22:23:08.0879 1068 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
22:23:08.0959 1068 NDProxy - ok
22:23:09.0158 1068 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
22:23:09.0206 1068 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
22:23:09.0206 1068 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
22:23:09.0401 1068 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
22:23:09.0517 1068 NetBIOS - ok
22:23:09.0660 1068 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
22:23:09.0759 1068 NetBT - ok
22:23:09.0898 1068 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:23:09.0926 1068 Netlogon - ok
22:23:09.0981 1068 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
22:23:10.0085 1068 Netman - ok
22:23:10.0237 1068 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
22:23:10.0350 1068 netprofm - ok
22:23:10.0488 1068 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:23:10.0525 1068 NetTcpPortSharing - ok
22:23:11.0536 1068 NETwNs64 (ac69618de5bcce8747c9ab0aae1003c1) C:\Windows\system32\DRIVERS\NETwNs64.sys
22:23:11.0968 1068 NETwNs64 - ok
22:23:12.0127 1068 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
22:23:12.0171 1068 nfrd960 - ok
22:23:12.0331 1068 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
22:23:12.0423 1068 NlaSvc - ok
22:23:12.0542 1068 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
22:23:12.0701 1068 Npfs - ok
22:23:12.0905 1068 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
22:23:12.0940 1068 nsi - ok
22:23:13.0113 1068 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
22:23:13.0162 1068 nsiproxy - ok
22:23:13.0441 1068 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
22:23:13.0525 1068 Ntfs - ok
22:23:13.0722 1068 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:23:13.0777 1068 Null - ok
22:23:14.0712 1068 nvlddmkm (78b41fa4e5d84dbe0a45aadd9a5f6b21) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:23:14.0922 1068 nvlddmkm - ok
22:23:15.0074 1068 nvpciflt (5fc0f23e4abb83f2c54b78993742979f) C:\Windows\system32\DRIVERS\nvpciflt.sys
22:23:15.0098 1068 nvpciflt - ok
22:23:15.0333 1068 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
22:23:15.0357 1068 nvraid - ok
22:23:15.0699 1068 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
22:23:15.0740 1068 nvstor - ok
22:23:16.0184 1068 NVSvc (50ae09926b79db1a29700021afd442be) C:\Windows\system32\nvvsvc.exe
22:23:16.0217 1068 NVSvc - ok
22:23:16.0991 1068 nvUpdatusService (700794925c9590fcf5235995895e2baf) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
22:23:17.0081 1068 nvUpdatusService - ok
22:23:17.0426 1068 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
22:23:17.0441 1068 nv_agp - ok
22:23:17.0849 1068 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
22:23:17.0902 1068 ohci1394 - ok
22:23:18.0107 1068 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:23:18.0148 1068 ose - ok
22:23:18.0958 1068 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:23:19.0316 1068 osppsvc - ok
22:23:19.0471 1068 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:23:19.0522 1068 p2pimsvc - ok
22:23:19.0678 1068 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
22:23:19.0764 1068 p2psvc - ok
22:23:19.0905 1068 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
22:23:19.0965 1068 Parport - ok
22:23:20.0197 1068 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
22:23:20.0283 1068 partmgr - ok
22:23:20.0507 1068 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
22:23:20.0600 1068 PcaSvc - ok
22:23:20.0722 1068 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
22:23:20.0768 1068 pci - ok
22:23:20.0885 1068 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
22:23:20.0927 1068 pciide - ok
22:23:21.0046 1068 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
22:23:21.0105 1068 pcmcia - ok
22:23:21.0245 1068 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
22:23:21.0275 1068 pcw - ok
22:23:21.0440 1068 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
22:23:21.0612 1068 PEAUTH - ok
22:23:21.0907 1068 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
22:23:21.0962 1068 PerfHost - ok
22:23:22.0189 1068 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
22:23:22.0416 1068 pla - ok
22:23:22.0604 1068 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
22:23:22.0707 1068 PlugPlay - ok
22:23:22.0916 1068 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
22:23:22.0966 1068 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
22:23:22.0966 1068 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
22:23:23.0161 1068 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
22:23:23.0240 1068 PNRPAutoReg - ok
22:23:23.0460 1068 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:23:23.0497 1068 PNRPsvc - ok
22:23:23.0745 1068 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
22:23:23.0876 1068 PolicyAgent - ok
22:23:24.0185 1068 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
22:23:25.0718 1068 Power - ok
22:23:26.0001 1068 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
22:23:26.0088 1068 PptpMiniport - ok
22:23:26.0272 1068 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
22:23:26.0337 1068 Processor - ok
22:23:26.0520 1068 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
22:23:26.0847 1068 ProfSvc - ok
22:23:27.0243 1068 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:23:27.0271 1068 ProtectedStorage - ok
22:23:27.0450 1068 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
22:23:27.0535 1068 Psched - ok
22:23:27.0637 1068 PSI_SVC_2 (543a4ef0923bf70d126625b034ef25af) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
22:23:27.0728 1068 PSI_SVC_2 - ok
22:23:27.0902 1068 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
22:23:28.0055 1068 ql2300 - ok
22:23:28.0385 1068 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
22:23:28.0535 1068 ql40xx - ok
22:23:28.0635 1068 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
22:23:28.0741 1068 QWAVE - ok
22:23:28.0881 1068 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
22:23:28.0918 1068 QWAVEdrv - ok
22:23:29.0193 1068 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
22:23:29.0276 1068 RasAcd - ok
22:23:29.0555 1068 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:23:29.0707 1068 RasAgileVpn - ok
22:23:29.0929 1068 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
22:23:30.0078 1068 RasAuto - ok
22:23:30.0402 1068 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:23:30.0501 1068 Rasl2tp - ok
22:23:30.0809 1068 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
22:23:31.0158 1068 RasMan - ok
22:23:31.0439 1068 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
22:23:31.0541 1068 RasPppoe - ok
22:23:31.0666 1068 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
22:23:31.0764 1068 RasSstp - ok
22:23:31.0881 1068 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
22:23:32.0001 1068 rdbss - ok
22:23:32.0122 1068 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
22:23:32.0205 1068 rdpbus - ok
22:23:32.0475 1068 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:23:32.0560 1068 RDPCDD - ok
22:23:32.0712 1068 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
22:23:32.0791 1068 RDPENCDD - ok
22:23:32.0907 1068 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:23:32.0958 1068 RDPREFMP - ok
22:23:33.0115 1068 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
22:23:33.0170 1068 RDPWD - ok
22:23:33.0329 1068 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
22:23:33.0607 1068 rdyboost - ok
22:23:33.0744 1068 RegSrvc (a436f5e7d80bbdbb0826d0f176d5bea8) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
22:23:33.0792 1068 RegSrvc - ok
22:23:33.0888 1068 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
22:23:33.0978 1068 RemoteAccess - ok
22:23:34.0165 1068 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
22:23:34.0290 1068 RemoteRegistry - ok
22:23:34.0510 1068 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
22:23:34.0559 1068 RFCOMM - ok
22:23:34.0683 1068 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
22:23:34.0744 1068 RichVideo ( UnsignedFile.Multi.Generic ) - warning
22:23:34.0744 1068 RichVideo - detected UnsignedFile.Multi.Generic (1)
22:23:34.0838 1068 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
22:23:34.0911 1068 RpcEptMapper - ok
22:23:35.0121 1068 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
22:23:35.0152 1068 RpcLocator - ok
22:23:35.0374 1068 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
22:23:35.0446 1068 RpcSs - ok
22:23:35.0886 1068 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:23:35.0950 1068 rspndr - ok
22:23:36.0210 1068 RSUSBVSTOR (ce0a1d8a59410e698140821e4e69da0d) C:\Windows\System32\Drivers\RtsUVStor.sys
22:23:36.0242 1068 RSUSBVSTOR - ok
22:23:36.0465 1068 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:23:36.0475 1068 SamSs - ok
22:23:36.0675 1068 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
22:23:37.0155 1068 sbp2port - ok
22:23:37.0383 1068 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
22:23:37.0482 1068 SCardSvr - ok
22:23:37.0771 1068 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
22:23:37.0871 1068 scfilter - ok
22:23:38.0248 1068 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
22:23:38.0770 1068 Schedule - ok
22:23:39.0471 1068 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
22:23:39.0519 1068 SCPolicySvc - ok
22:23:39.0754 1068 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
22:23:39.0821 1068 SDRSVC - ok
22:23:39.0987 1068 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:23:40.0054 1068 secdrv - ok
22:23:40.0290 1068 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
22:23:40.0421 1068 seclogon - ok
22:23:40.0690 1068 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
22:23:40.0972 1068 SENS - ok
22:23:41.0689 1068 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
22:23:41.0769 1068 SensrSvc - ok
22:23:42.0092 1068 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
22:23:42.0149 1068 Serenum - ok
22:23:42.0329 1068 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
22:23:42.0384 1068 Serial - ok
22:23:42.0650 1068 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
22:23:42.0723 1068 sermouse - ok
22:23:43.0144 1068 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
22:23:43.0299 1068 SessionEnv - ok
22:23:43.0722 1068 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
22:23:43.0785 1068 sffdisk - ok
22:23:44.0293 1068 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
22:23:44.0337 1068 sffp_mmc - ok
22:23:44.0633 1068 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
22:23:44.0715 1068 sffp_sd - ok
22:23:44.0912 1068 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
22:23:44.0947 1068 sfloppy - ok
22:23:45.0094 1068 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
22:23:45.0152 1068 Sftfs - ok
22:23:45.0331 1068 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
22:23:45.0415 1068 sftlist - ok
22:23:45.0582 1068 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
22:23:45.0612 1068 Sftplay - ok
22:23:45.0770 1068 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
22:23:45.0804 1068 Sftredir - ok
22:23:46.0039 1068 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
22:23:46.0212 1068 Sftvol - ok
22:23:46.0338 1068 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
22:23:46.0375 1068 sftvsa - ok
22:23:46.0472 1068 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
22:23:46.0533 1068 SharedAccess - ok
22:23:46.0685 1068 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
22:23:46.0752 1068 ShellHWDetection - ok
22:23:47.0377 1068 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
22:23:47.0534 1068 SiSRaid2 - ok
22:23:47.0807 1068 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
22:23:47.0878 1068 SiSRaid4 - ok
22:23:48.0062 1068 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:23:48.0178 1068 Smb - ok
22:23:48.0340 1068 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
22:23:48.0403 1068 SNMPTRAP - ok
22:23:48.0652 1068 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:23:48.0752 1068 spldr - ok
22:23:49.0281 1068 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
22:23:49.0343 1068 Spooler - ok
22:23:49.0759 1068 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
22:23:49.0940 1068 sppsvc - ok
22:23:50.0153 1068 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
22:23:50.0263 1068 sppuinotify - ok
22:23:50.0399 1068 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
22:23:50.0564 1068 srv - ok
22:23:50.0695 1068 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
22:23:50.0887 1068 srv2 - ok
22:23:51.0061 1068 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
22:23:51.0123 1068 srvnet - ok
22:23:51.0210 1068 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
22:23:51.0311 1068 SSDPSRV - ok
22:23:51.0471 1068 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
22:23:51.0868 1068 SstpSvc - ok
22:23:52.0196 1068 Stereo Service (2bfffc1bee0b5624248be4f0a461a921) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
22:23:52.0271 1068 Stereo Service - ok
22:23:52.0471 1068 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
22:23:52.0536 1068 stexstor - ok
22:23:52.0839 1068 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
22:23:52.0938 1068 StillCam - ok
22:23:53.0264 1068 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
22:23:53.0432 1068 stisvc - ok
22:23:53.0693 1068 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
22:23:53.0752 1068 swenum - ok
22:23:54.0036 1068 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
22:23:54.0162 1068 swprv - ok
22:23:54.0315 1068 SynTP (b3ad15fa10ebeafc1275f34050e4e230) C:\Windows\system32\drivers\SynTP.sys
22:23:54.0390 1068 SynTP - ok
22:23:54.0619 1068 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
22:23:54.0717 1068 SysMain - ok
22:23:54.0913 1068 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
22:23:55.0041 1068 TabletInputService - ok
22:23:55.0293 1068 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
22:23:55.0413 1068 TapiSrv - ok
22:23:55.0630 1068 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
22:23:55.0697 1068 TBS - ok
22:23:55.0879 1068 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
22:23:55.0974 1068 Tcpip - ok
22:23:56.0213 1068 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
22:23:56.0283 1068 TCPIP6 - ok
22:23:56.0436 1068 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
22:23:56.0544 1068 tcpipreg - ok
22:23:56.0694 1068 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
22:23:56.0750 1068 TDPIPE - ok
22:23:56.0983 1068 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
22:23:57.0221 1068 TDTCP - ok
22:23:57.0488 1068 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
22:23:57.0591 1068 tdx - ok
22:23:57.0824 1068 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
22:23:57.0898 1068 TermDD - ok
22:23:58.0031 1068 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
22:23:58.0168 1068 TermService - ok
22:23:58.0269 1068 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
22:23:58.0332 1068 Themes - ok
22:23:58.0456 1068 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:23:58.0523 1068 THREADORDER - ok
22:23:58.0680 1068 tihub3 (68fe3d89829e27d4fd5eea7bd2c41985) C:\Windows\system32\drivers\tihub3.sys
22:23:58.0728 1068 tihub3 - ok
22:23:58.0993 1068 tixhci (0102c9633ce1f18a6ac021f28b734db5) C:\Windows\system32\drivers\tixhci.sys
22:23:59.0086 1068 tixhci - ok
22:23:59.0350 1068 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
22:23:59.0461 1068 TrkWks - ok
22:23:59.0591 1068 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
22:23:59.0692 1068 TrustedInstaller - ok
22:23:59.0827 1068 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:23:59.0948 1068 tssecsrv - ok
22:24:00.0078 1068 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
22:24:00.0146 1068 TsUsbFlt - ok
22:24:00.0310 1068 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
22:24:00.0346 1068 TsUsbGD - ok
22:24:00.0535 1068 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
22:24:00.0630 1068 tunnel - ok
22:24:00.0790 1068 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
22:24:00.0886 1068 uagp35 - ok
22:24:01.0049 1068 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
22:24:01.0129 1068 udfs - ok
22:24:01.0211 1068 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
22:24:01.0267 1068 UI0Detect - ok
22:24:01.0415 1068 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
22:24:01.0482 1068 uliagpkx - ok
22:24:01.0724 1068 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
22:24:01.0783 1068 umbus - ok
22:24:01.0924 1068 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
22:24:01.0981 1068 UmPass - ok
22:24:02.0163 1068 UNS (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:24:02.0273 1068 UNS - ok
22:24:02.0366 1068 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
22:24:02.0476 1068 upnphost - ok
22:24:02.0882 1068 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
22:24:03.0109 1068 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
22:24:03.0109 1068 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
22:24:03.0591 1068 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
22:24:03.0644 1068 usbccgp - ok
22:24:03.0880 1068 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
22:24:04.0008 1068 usbcir - ok
22:24:04.0123 1068 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
22:24:04.0172 1068 usbehci - ok
22:24:04.0289 1068 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
22:24:04.0372 1068 usbhub - ok
22:24:04.0499 1068 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
22:24:04.0555 1068 usbohci - ok
22:24:04.0723 1068 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
22:24:04.0812 1068 usbprint - ok
22:24:04.0934 1068 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:24:05.0008 1068 USBSTOR - ok
22:24:05.0157 1068 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
22:24:05.0215 1068 usbuhci - ok
22:24:05.0380 1068 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
22:24:05.0530 1068 UxSms - ok
22:24:05.0656 1068 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:24:05.0682 1068 VaultSvc - ok
22:24:05.0805 1068 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
22:24:05.0840 1068 vdrvroot - ok
22:24:05.0982 1068 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
22:24:06.0076 1068 vds - ok
22:24:06.0186 1068 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
22:24:06.0227 1068 vga - ok
22:24:06.0352 1068 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
22:24:06.0451 1068 VgaSave - ok
22:24:06.0593 1068 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
22:24:06.0642 1068 vhdmp - ok
22:24:06.0801 1068 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
22:24:06.0854 1068 viaide - ok
22:24:06.0966 1068 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
22:24:07.0011 1068 volmgr - ok
22:24:07.0138 1068 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
22:24:07.0178 1068 volmgrx - ok
22:24:07.0292 1068 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
22:24:07.0357 1068 volsnap - ok
22:24:07.0501 1068 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
22:24:07.0536 1068 vsmraid - ok
22:24:07.0771 1068 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
22:24:07.0927 1068 VSS - ok
22:24:08.0056 1068 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
22:24:08.0132 1068 vwifibus - ok
22:24:08.0265 1068 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
22:24:08.0344 1068 vwififlt - ok
22:24:08.0544 1068 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
22:24:08.0583 1068 vwifimp - ok
22:24:08.0674 1068 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
22:24:08.0771 1068 W32Time - ok
22:24:08.0929 1068 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
22:24:08.0985 1068 WacomPen - ok
22:24:09.0098 1068 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:24:09.0210 1068 WANARP - ok
22:24:09.0242 1068 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:24:09.0295 1068 Wanarpv6 - ok
22:24:09.0495 1068 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
22:24:09.0664 1068 WatAdminSvc - ok
22:24:09.0747 1068 watchmi (878c947c69ee89e4dbff9dbd6155c15d) C:\Program Files (x86)\watchmi\TvdService.exe
22:24:09.0780 1068 watchmi ( UnsignedFile.Multi.Generic ) - warning
22:24:09.0780 1068 watchmi - detected UnsignedFile.Multi.Generic (1)
22:24:10.0057 1068 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
22:24:10.0238 1068 wbengine - ok
22:24:10.0381 1068 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
22:24:10.0498 1068 WbioSrvc - ok
22:24:10.0685 1068 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
22:24:10.0778 1068 wcncsvc - ok
22:24:10.0868 1068 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
22:24:10.0929 1068 WcsPlugInService - ok
22:24:11.0038 1068 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
22:24:11.0084 1068 Wd - ok
22:24:11.0220 1068 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
22:24:11.0298 1068 Wdf01000 - ok
22:24:11.0403 1068 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:24:11.0502 1068 WdiServiceHost - ok
22:24:11.0536 1068 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:24:11.0575 1068 WdiSystemHost - ok
22:24:11.0710 1068 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
22:24:11.0827 1068 WebClient - ok
22:24:11.0990 1068 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
22:24:12.0094 1068 Wecsvc - ok
22:24:12.0276 1068 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
22:24:12.0392 1068 wercplsupport - ok
22:24:12.0564 1068 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
22:24:12.0666 1068 WerSvc - ok
22:24:12.0914 1068 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
22:24:13.0020 1068 WfpLwf - ok
22:24:13.0156 1068 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
22:24:13.0193 1068 WIMMount - ok
22:24:13.0236 1068 WinDefend - ok
22:24:13.0246 1068 WinHttpAutoProxySvc - ok
22:24:13.0367 1068 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
22:24:13.0501 1068 Winmgmt - ok
22:24:13.0700 1068 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
22:24:13.0889 1068 WinRM - ok
22:24:14.0037 1068 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
22:24:14.0092 1068 WinUsb - ok
22:24:14.0191 1068 WisLMSvc (4c69a8e2e159c1c59bc4b688e9dd7f8c) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
22:24:14.0212 1068 WisLMSvc - ok
22:24:14.0371 1068 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
22:24:14.0463 1068 Wlansvc - ok
22:24:14.0550 1068 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:24:14.0594 1068 wlcrasvc - ok
22:24:14.0774 1068 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:24:15.0048 1068 wlidsvc - ok
22:24:15.0198 1068 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
22:24:15.0226 1068 WmiAcpi - ok
22:24:15.0376 1068 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
22:24:15.0502 1068 wmiApSrv - ok
22:24:15.0568 1068 WMPNetworkSvc - ok
22:24:15.0679 1068 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
22:24:16.0365 1068 WPCSvc - ok
22:24:16.0574 1068 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
22:24:16.0616 1068 WPDBusEnum - ok
22:24:16.0962 1068 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
22:24:17.0037 1068 ws2ifsl - ok
22:24:17.0239 1068 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
22:24:17.0319 1068 wscsvc - ok
22:24:17.0468 1068 WSearch - ok
22:24:17.0815 1068 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
22:24:17.0940 1068 wuauserv - ok
22:24:18.0060 1068 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
22:24:18.0171 1068 WudfPf - ok
22:24:18.0297 1068 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:24:18.0412 1068 WUDFRd - ok
22:24:18.0518 1068 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
22:24:18.0627 1068 wudfsvc - ok
22:24:18.0709 1068 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
22:24:18.0808 1068 WwanSvc - ok
22:24:18.0883 1068 MBR (0x1B8) (01c6ae8eadd5f5b4c22dd5848d9cb4b9) \Device\Harddisk0\DR0
22:24:22.0200 1068 \Device\Harddisk0\DR0 - ok
22:24:22.0203 1068 Boot (0x1200) (0893f851186ea76fbd050dbcead21dba) \Device\Harddisk0\DR0\Partition0
22:24:22.0204 1068 \Device\Harddisk0\DR0\Partition0 - ok
22:24:22.0234 1068 Boot (0x1200) (a26883ec8303b04ea25b634bcb018688) \Device\Harddisk0\DR0\Partition1
22:24:22.0235 1068 \Device\Harddisk0\DR0\Partition1 - ok
22:24:22.0265 1068 Boot (0x1200) (ff2e9fcd24c175364be0cad3c52c7abd) \Device\Harddisk0\DR0\Partition2
22:24:22.0297 1068 \Device\Harddisk0\DR0\Partition2 - ok
22:24:22.0297 1068 ============================================================
22:24:22.0297 1068 Scan finished
22:24:22.0297 1068 ============================================================
22:24:22.0308 5104 Detected object count: 8
22:24:22.0308 5104 Actual detected object count: 8
22:25:42.0411 5104 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
22:25:42.0411 5104 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:25:42.0412 5104 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
22:25:42.0412 5104 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:25:42.0416 5104 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
22:25:42.0416 5104 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:25:42.0420 5104 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
22:25:42.0420 5104 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:25:42.0424 5104 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
22:25:42.0424 5104 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:25:42.0427 5104 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
22:25:42.0427 5104 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:25:42.0432 5104 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
22:25:42.0432 5104 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:25:42.0434 5104 watchmi ( UnsignedFile.Multi.Generic ) - skipped by user
22:25:42.0435 5104 watchmi ( UnsignedFile.Multi.Generic ) - User select action: Skip

wird noch umgeleitet?

Hallo,

Nein, sieht jetzt gut aus!
Was wars denn für ein ein Trojaner, und ist das System jetzt noch sicher?

Vielen Dank,
Norbert

also einen trojaner direkt habe ich nicht gesehen, da combofix temp dateien automatisch löscht etc, kann es sein, das er von dort aus aktiev war, nutzt du den pc denn für wichtiges, wie banking, sonstige zahlungsabwicklungen oder einkäufe?

der pc wird hauptsächlich für die uni verwendet, aber sicherlich auch hin u wieder für einkäufe oder online banking. ich denke mal eine risikoabschätzung ist schwierig.. aber würdest du den neu aufsetzen? kann ich irgendwie checken ob noch eine gefahr besteht?
Auf jeden Fall vielen Dank für deine Hilfe!
Norbert

ich würd ihn neu aufsetzen und neue zugangsdaten fürs banking beantragen
o
1. Datenrettung:

• deaktiviere Autorun: http://www.trojaner-board.de/83238-a...sschalten.html
• dann sichere Daten auf nen externen datenträger: http://www.trojaner-board.de/82533-d...ted-magic.html
  Bilder, Dokumente, Musik Videos (persönliches) http://www.trojaner-board.de/71715-k...iendungen.html

2. Formatieren, Windows neu instalieren:

• nutzt du eine Windows CD: http://www.trojaner-board.de/51262-a...sicherung.html
• recovery cd oder recovery partition.
• falls dies ein fertig pc ist, nenne hersteller + typ.
• Keine Windows 7 DVD? http://www.trojaner-board.de/100776-...-download.html

3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
ich werde außerdem noch weitere punkte dazu posten.
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.
6. werde ich dann noch was zum absichern von Onlinebanking mit Chip Card Reader + Star Money sagen.