my srart by incredibar ..... mich hat´s auch erwischt!

cosinus · 03.08.2012, 09:41

Tja, lass das Backupset doch einfach in Ruhe

Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

hai123 · 03.08.2012, 10:21

Hi Arne, schön von Dir zu hören
Zitat:
1.) Geht der normale Modus von Windows uneingeschränkt? ** Ja **
2.) Vermisst du irgendwas im Startmenü? ** Nein ** Sind da leere Ordner unter alle Programme oder ist alles vorhanden? ** Keine leeren Ordner-vermisse nichts! **
Es ist rein gar nichts vorgekommen, was mich irgendwie beunruhigt; bis auf die 2 detektierten " Plager "

Gruß
RS

cosinus · 03.08.2012, 18:51

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

hai123 · 06.08.2012, 19:34

Hi Arne,
ich hab, so hoffe ich doch, alles gemacht wie gewünscht; vielen Dank schon mal im Voraus:OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 06.08.2012 19:54:50 - Run 1
OTL by OldTimer - Version 3.2.56.0     Folder = C:\Users\Roland \Downloads
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,50 Gb Total Physical Memory | 2,64 Gb Available Physical Memory | 75,57% Memory free
7,00 Gb Paging File | 5,93 Gb Available in Paging File | 84,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 372,61 Gb Total Space | 328,77 Gb Free Space | 88,23% Space Free | Partition Type: NTFS
Drive F: | 232,88 Gb Total Space | 70,35 Gb Free Space | 30,21% Space Free | Partition Type: NTFS
 
Computer Name: ROLAND-PC | User Name: Roland | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Roland \Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Roland\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
PRC - C:\Programme\Google\Drive\googledrivesync.exe (Google)
PRC - C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\dradio-Recorder\phonostarTimer.exe ()
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\AAVUpdateManager\aavus.exe ()
PRC - C:\Programme\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\windows._cacheinvalidation.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\wx._gdi_.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\wx._misc_.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\pysqlite2._sqlite.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\pythoncom26.dll ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\win32com.shell.shell.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\pyexpat.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\pywintypes26.dll ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\win32api.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\_elementtree.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\_ctypes.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\wx._html2.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\_socket.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\win32crypt.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\wx._core_.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\wx._controls_.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\wx._windows_.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\_ssl.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\unicodedata.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\_hashlib.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\wx._wizard.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\win32file.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\win32inet.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\win32process.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\win32pdh.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\win32event.pyd ()
MOD - C:\Users\ROLAND~1\AppData\Local\Temp\_MEI242410\select.pyd ()
MOD - C:\Users\Roland\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\f2f8201dd3453250dfd9ed1afce630a0\WindowsFormsIntegration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll ()
MOD - C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll ()
MOD - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\ca2eff60beb3ba00a529a2d42dceca22\UIAutomationProvider.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Programme\dradio-Recorder\phonostarTimer.exe ()
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll ()
MOD - C:\Programme\Yahoo!\Widgets\jsd.dll ()
MOD - C:\Programme\Yahoo!\Widgets\js32.dll ()
MOD - C:\Programme\Yahoo!\Widgets\sqlite3.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AAV UpdateService) -- C:\Programme\AAVUpdateManager\aavus.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (Advanced Micro Devices)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (speedfan) -- C:\Windows\System32\speedfan.sys (Almico Software)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (NVNET) -- C:\Windows\System32\drivers\nvmf6232.sys (NVIDIA Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (amdiox86) -- C:\Windows\System32\drivers\amdiox86.sys (Advanced Micro Devices)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (PID_PEPI) -- C:\Windows\System32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\Windows\System32\drivers\lv302af.sys (Logitech Inc.)
DRV - (L8042Kbd) -- C:\Windows\System32\drivers\L8042Kbd.sys (Logitech Inc.)
DRV - (giveio) -- C:\Windows\System32\giveio.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-889825940-3395924831-1080105970-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-889825940-3395924831-1080105970-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-889825940-3395924831-1080105970-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-889825940-3395924831-1080105970-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 30 E5 32 FF D4 1E CD 01  [binary data]
IE - HKU\S-1-5-21-889825940-3395924831-1080105970-1001\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKU\S-1-5-21-889825940-3395924831-1080105970-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-889825940-3395924831-1080105970-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@phonostar.de/phonostar: C:\Program Files\dradio-Recorder\npphonostarDetectNP.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.03 10:49:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.07.29 18:38:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.03 10:49:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2011.07.22 15:49:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roland AppData\Roaming\mozilla\Extensions
[2012.07.23 06:37:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roland\AppData\Roaming\mozilla\Firefox\Profiles\135r9kpp.default\extensions
[2012.01.02 20:09:06 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Roland \AppData\Roaming\mozilla\Firefox\Profiles\135r9kpp.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.10.06 15:26:57 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Roland\AppData\Roaming\mozilla\Firefox\Profiles\135r9kpp.default\extensions\DeviceDetection@logitech.com
[2011.08.11 08:33:10 | 000,006,253 | ---- | M] () -- C:\Users\Roland\AppData\Roaming\Mozilla\Firefox\Profiles\135r9kpp.default\searchplugins\0180-telefonbuch.xml
[2011.08.11 08:33:28 | 000,002,422 | ---- | M] () -- C:\Users\Roland \AppData\Roaming\Mozilla\Firefox\Profiles\135r9kpp.default\searchplugins\0180info.xml
[2012.07.03 15:53:06 | 000,002,347 | ---- | M] () -- C:\Users\Roland \AppData\Roaming\Mozilla\Firefox\Profiles\135r9kpp.default\searchplugins\finanzennet.xml
[2012.08.03 10:49:14 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.08.03 10:49:14 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.08.03 10:49:18 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions
[2012.07.12 08:23:39 | 000,061,228 | ---- | M] () (No name found) -- C:\USERS\ROLAND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\135R9KPP.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
[2012.02.16 12:54:13 | 000,006,850 | ---- | M] () (No name found) -- C:\USERS\ROLAND \APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\135R9KPP.DEFAULT\EXTENSIONS\JL@LEIMBACH-IT.DE.XPI
[2011.12.30 11:46:56 | 000,012,686 | ---- | M] () (No name found) -- C:\USERS\ROLAND \APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\135R9KPP.DEFAULT\EXTENSIONS\SHOPCLEVER@EXTENSION.XPI
[2012.07.23 06:37:45 | 001,184,804 | ---- | M] () (No name found) -- C:\USERS\ROLAND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\135R9KPP.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2012.08.03 10:49:18 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.07.17 23:52:25 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.17 23:52:25 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.17 23:52:25 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.17 23:52:26 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.17 23:52:25 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.17 23:52:25 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Snapform Viewer PlugIn for IE) - {00AF1458-D967-4C0E-B736-D6D010521EF5} - C:\Programme\SnapFormViewer\Viewer\bin\lib\SFVPlugInIE_x86.dll (Ringler Informatik AG)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-889825940-3395924831-1080105970-1001..\Run: [dradio-RecorderTimer] C:\Programme\dradio-Recorder\phonostarTimer.exe ()
O4 - HKU\S-1-5-21-889825940-3395924831-1080105970-1001..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-889825940-3395924831-1080105970-1001..\Run: [Spotify Web Helper] C:\Users\Roland\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Roland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Roland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk = C:\Programme\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Roland \AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.186.161 83.169.186.225
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1BBE9971-380C-4B49-A31D-5F656225FA0E}: DhcpNameServer = 83.169.186.161 83.169.186.225
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{37a97548-b6bf-11e0-8196-001e90e9e576}\Shell - "" = AutoRun
O33 - MountPoints2\{37a97548-b6bf-11e0-8196-001e90e9e576}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.03 10:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.08.02 16:17:52 | 000,000,000 | ---D | C] -- C:\Users\Roland\Desktop\
[2012.07.31 18:57:23 | 000,000,000 | ---D | C] -- C:\Users\Roland \Documents\
[2012.07.30 13:14:35 | 000,000,000 | ---D | C] -- C:\Users\Roland \Documents\
[2012.07.17 08:31:01 | 000,000,000 | ---D | C] -- C:\Users\Roland \Documents\
[2012.07.10 16:52:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.07.10 16:52:05 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.06 19:32:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.06 19:29:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.06 18:27:27 | 000,016,896 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.06 18:27:27 | 000,016,896 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.06 18:20:11 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.06 18:19:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.06 18:19:51 | 2817,384,448 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.03 10:14:28 | 001,744,400 | ---- | M] () -- C:\Users\Roland \Desktop\IMG_3067.JPG
[2012.08.02 16:12:24 | 003,408,739 | ---- | M] () -- C:\Users\Roland \Desktop\IMG_3054.JPG
[2012.07.30 13:15:08 | 000,014,305 | ---- | M] () -- C:\Users\Roland \Documents\.odt
[2012.07.29 18:08:23 | 006,438,320 | ---- | M] () -- C:\Users\Roland\Documents\Unbenannt 1.odt
[2012.07.21 13:35:20 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.07.18 21:36:05 | 000,438,849 | ---- | M] () -- C:\Users\Roland\Documents\
[2012.07.17 09:42:33 | 000,004,535 | ---- | M] () -- C:\Users\Roland\Desktop\roland
[2012.07.17 09:18:20 | 000,133,169 | ---- | M] () -- C:\Users\Roland\Documents\
[2012.07.17 09:10:09 | 000,004,535 | ---- | M] () -- C:\Users\Roland\Desktop\roland.bak
[2012.07.13 08:54:01 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.12 10:05:29 | 000,132,990 | ---- | M] () -- C:\Users\Roland\Documents
[2012.07.12 09:46:06 | 000,001,946 | ---- | M] () -- C:\Users\Public\Desktop\Snapform Viewer.lnk
[2012.07.11 11:06:59 | 000,292,696 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2012.08.03 10:14:28 | 001,744,400 | ---- | C] () -- C:\Users\Roland\Desktop\IMG.JPG
[2012.08.02 16:12:23 | 003,408,739 | ---- | C] () -- C:\Users\Roland\Desktop\IMG.JPG
[2012.07.30 13:15:05 | 000,014,305 | ---- | C] () -- C:\Users\Roland\Documents\.odt
[2012.07.29 18:05:44 | 006,438,320 | ---- | C] () -- C:\Users\Roland Documents\Unbenannt 1.odt
[2012.07.18 21:36:05 | 000,438,849 | ---- | C] () -- C:\Users\Roland\Documents\
[2012.07.12 10:05:25 | 000,132,990 | ---- | C] () -- C:\Users\Roland \Documents\qdf
[2012.06.11 13:50:42 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012.03.09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2012.02.15 04:28:34 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2012.02.15 04:28:32 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2012.01.10 23:10:08 | 000,601,728 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.12.17 14:45:55 | 000,003,584 | ---- | C] () -- C:\Users\Roland AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.30 21:44:28 | 000,000,032 | ---- | C] () -- C:\Users\Roland \.simfy
[2011.11.26 20:48:00 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2011.09.13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.08.29 10:50:33 | 000,007,605 | ---- | C] () -- C:\Users\Roland \AppData\Local\Resmon.ResmonCfg
[2011.07.30 00:05:16 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011.07.23 20:11:53 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.07.22 14:39:33 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
 
========== LOP Check ==========
 
[2011.07.26 11:32:49 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming
[2012.06.12 11:40:18 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\Canneverbe Limited
[2012.06.19 08:07:30 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\Canon
[2012.01.02 20:09:13 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\DVDVideoSoft
[2012.01.02 20:09:05 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\DVDVideoSoftIEHelpers
[2012.03.17 15:18:05 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\Guqeisy
[2012.08.02 16:25:43 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\IrfanView
[2012.03.20 12:43:51 | 000,000,000 | ---D | M] -- C:\Users\Roland AppData\Roaming\Obfyh
[2011.07.23 20:29:24 | 000,000,000 | ---D | M] -- C:\Users\Roland\AppData\Roaming\OpenOffice.org
[2012.06.14 10:13:02 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\phonostar GmbH
[2011.07.31 17:22:38 | 000,000,000 | ---D | M] -- C:\Users\Roland\AppData\Roaming\Simfy
[2012.07.21 13:37:13 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\Spotify
[2011.07.22 21:04:05 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\Thunderbird
[2012.07.23 11:15:58 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.07.31 17:21:46 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\Adobe
[2011.07.26 11:32:49 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\
[2012.01.18 20:42:36 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\ATI
[2011.10.18 09:37:24 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\Avira
[2012.06.12 11:40:18 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\Canneverbe Limited
[2012.06.19 08:07:30 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\Canon
[2012.01.02 20:09:13 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\DVDVideoSoft
[2012.01.02 20:09:05 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\DVDVideoSoftIEHelpers
[2012.03.17 15:18:05 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\Guqeisy
[2011.07.22 14:47:00 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\Identities
[2012.08.02 16:25:43 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\IrfanView
[2011.07.22 16:41:40 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\Macromedia
[2012.07.02 12:47:01 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\Malwarebytes
[2009.07.14 10:56:56 | 000,000,000 | ---D | M] -- C:\Users\Roland\AppData\Roaming\Media Center Programs
[2012.03.17 15:18:12 | 000,000,000 | --SD | M] -- C:\Users\Roland\AppData\Roaming\Microsoft
[2011.07.22 15:49:42 | 000,000,000 | ---D | M] -- C:\Users\Roland\AppData\Roaming\Mozilla
[2012.03.20 12:43:51 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\Obfyh
[2011.07.23 20:29:24 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\OpenOffice.org
[2012.06.14 10:13:02 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\phonostar GmbH
[2011.07.31 17:22:38 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\Simfy
[2012.07.30 18:31:21 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\Skype
[2012.07.21 13:37:13 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\Spotify
[2011.07.22 21:04:05 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\Thunderbird
[2011.07.25 15:48:27 | 000,000,000 | ---D | M] -- C:\Users\Roland \AppData\Roaming\U3
 
< %APPDATA%\*.exe /s >
[2012.05.21 11:02:08 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Roland \AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012.03.14 09:07:42 | 000,010,134 | R--- | M] () -- C:\Users\Roland \AppData\Roaming\Microsoft\Installer\{4F198874-3C7D-5983-02EB-9E234C43F174}\ARPPRODUCTICON.exe
[2012.07.21 13:36:51 | 007,609,560 | ---- | M] (Spotify Ltd) -- C:\Users\Roland \AppData\Roaming\Spotify\spotify.exe
[2012.07.21 13:36:51 | 000,114,392 | ---- | M] () -- C:\Users\Roland \AppData\Roaming\Spotify\SpotifyLauncher.exe
[2012.07.21 13:36:51 | 001,192,664 | ---- | M] () -- C:\Users\Roland \AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
[2007.10.23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Users\Roland \AppData\Roaming\U3\temp\cleanup.exe
[2008.05.02 10:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Users\Roland \AppData\Roaming\U3\temp\Launchpad Removal.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2012.04.06 04:16:52 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll
 
<           >

< End of report >

--- --- ---

cosinus · 07.08.2012, 13:21

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

ATTFilter

:OTL
FF - user.js - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{37a97548-b6bf-11e0-8196-001e90e9e576}\Shell - "" = AutoRun
O33 - MountPoints2\{37a97548-b6bf-11e0-8196-001e90e9e576}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
:Files
C:\Users\Roland AppData\Roaming\Obfyh
C:\Users\Roland \AppData\Roaming\Guqeisy
C:\Windows\System32\kdbsdk32.dll
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

hai123 · 07.08.2012, 18:18

Zitat: aus dem otl fix

ich gehe mal davon aus, dass es so aussehen sollte.
Das xxxxxxxxxxxxx\ ist der Nachname, wurde von mir gelöscht:

C:\Users\Roland xxxxxxxxxx\AppData\Roaming\Obfyh
C:\Users\Roland xxxxxxxxxx\AppData\Roaming\Guqeisy

Wäre das denn so richtiger?
Gruß

cosinus · 08.08.2012, 18:43

Das musst du doch wissen was du da wegeditiert hast!

Und ja natürlich muss es wieder so zurückeditiert werden, wie es original im Log auch stand

hai123 · 09.08.2012, 16:09

Hi Arne,
das sieht jetzt so aus: (editiert)
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{37a97548-b6bf-11e0-8196-001e90e9e576}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37a97548-b6bf-11e0-8196-001e90e9e576}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{37a97548-b6bf-11e0-8196-001e90e9e576}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37a97548-b6bf-11e0-8196-001e90e9e576}\ not found.
File E:\LaunchU3.exe -a not found.
========== FILES ==========
File\Folder C:\Users\Roland \ AppData\Roaming\Obfyh not found.
C:\Users\Roland \AppData\Roaming\Guqeisy folder moved successfully.
C:\Windows\System32\kdbsdk32.dll moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Roland
->Temp folder emptied: 4005698087 bytes
->Temporary Internet Files folder emptied: 257116860 bytes
->Java cache emptied: 1865003 bytes
->FireFox cache emptied: 1151902231 bytes
->Flash cache emptied: 176089 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 213601598 bytes
RecycleBin emptied: 782671080 bytes

Total Files Cleaned = 6.116,00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Roland
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.56.0 log created on 08092012_165216

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Hi Arne,
nach dem Hochfahren des Rechners erhalte ich jetzt folgende Fehlermeldung:

kdbsync.exe-Systemfehler
Das Programm kann nicht gestartet werden, da kdbsdk32.dll auf dem Computer fehlt. Installieren Sie das Programm erneut um das Problem zu beheben.

Das ist irgenwas mit AMD / Grafikkarten ....... oder so. Es wäre schön, wenn wir
dieses Warnschild auch noch irgendwie wegbekommen könnten.......
Danke im Voraus Gruß R

cosinus · 10.08.2012, 18:59

Ach ok, jetzt weiß ich dass die Datei doch ok ist

Code:

ATTFilter

C:\Windows\System32\kdbsdk32.dll moved successfully.

Diese kdbsdk32.dll solltest du innerhalb des Ordner C:\_OTL\MovedFiles finden
Einfach wieder nach C:\Windows\system32 kopieren
Dann sollte die Meldung eigentlich spätestens beim nächsten Neustart weg sein

hai123 · 12.08.2012, 18:44

Hi Arne, Du hast recht. Ich hab das so gemacht! Und die beschriebene Warnung kommt nicht mehr!
Es gibt noch eine zweite Warnung sofort nach dem Hochfahren: AMD Accelerated Video Transcoder - so eine Art MS-Dos Fenster, aber ohne Inhalt.
Dieses Fenster ist nur ganz kurz sichtbar ( so ne 1/4 Sekunde ) - und auf der Symbolleiste verschwindet der Eintrag nach 4~5 sec. Damit kann man wohl leben, denke ich.
Es sieht so aus, als ob jetzt alles wieder im Lot ist ??
War ja ne schwierige Geburt.......Vielen Dank, dass Du bis zum Ende mitgegangen bist. Ich bin Dir echt dankbar und Deine Tips für die Zukunft vergesse ich bestimmt nicht.
Viele Grüße
R

cosinus · 13.08.2012, 15:49

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C

nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

hai123 · 13.08.2012, 19:08

Hui, ob ich da wohl etwas voreilig war?????
Hier der REPORT:

19:52:58.0277 0876 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
19:52:58.0449 0876 ============================================================
19:52:58.0449 0876 Current date / time: 2012/08/13 19:52:58.0449
19:52:58.0449 0876 SystemInfo:
19:52:58.0449 0876
19:52:58.0449 0876 OS Version: 6.1.7601 ServicePack: 1.0
19:52:58.0449 0876 Product type: Workstation
19:52:58.0449 0876 ComputerName: ROLAND-PC
19:52:58.0449 0876 UserName: Roland
19:52:58.0449 0876 Windows directory: C:\Windows
19:52:58.0449 0876 System windows directory: C:\Windows
19:52:58.0449 0876 Processor architecture: Intel x86
19:52:58.0449 0876 Number of processors: 2
19:52:58.0449 0876 Page size: 0x1000
19:52:58.0449 0876 Boot type: Normal boot
19:52:58.0449 0876 ============================================================
19:53:00.0695 0876 Drive \Device\Harddisk0\DR0 - Size: 0x5D2710DE00 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:53:00.0695 0876 Drive \Device\Harddisk1\DR1 - Size: 0x3A38A25E00 (232.88 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:53:00.0695 0876 ============================================================
19:53:00.0695 0876 \Device\Harddisk0\DR0:
19:53:00.0695 0876 MBR partitions:
19:53:00.0695 0876 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2E937800
19:53:00.0695 0876 \Device\Harddisk1\DR1:
19:53:00.0695 0876 MBR partitions:
19:53:00.0695 0876 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4000
19:53:00.0695 0876 ============================================================
19:53:00.0726 0876 C: <-> \Device\Harddisk0\DR0\Partition0
19:53:00.0726 0876 F: <-> \Device\Harddisk1\DR1\Partition0
19:53:00.0726 0876 ============================================================
19:53:00.0726 0876 Initialize success
19:53:00.0726 0876 ============================================================
19:57:44.0554 0696 ============================================================
19:57:44.0554 0696 Scan started
19:57:44.0554 0696 Mode: Manual; SigCheck; TDLFS;
19:57:44.0554 0696 ============================================================
19:57:44.0975 0696 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
19:57:45.0068 0696 1394ohci - ok
19:57:45.0162 0696 AAV UpdateService (7eeb488346fbfa3731276c3ee8a8fd9e) C:\Program Files\AAVUpdateManager\aavus.exe
19:57:45.0162 0696 AAV UpdateService - ok
19:57:45.0224 0696 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
19:57:45.0240 0696 ACPI - ok
19:57:45.0287 0696 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
19:57:45.0334 0696 AcpiPmi - ok
19:57:45.0427 0696 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:57:45.0443 0696 AdobeARMservice - ok
19:57:45.0521 0696 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:57:45.0536 0696 AdobeFlashPlayerUpdateSvc - ok
19:57:45.0599 0696 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
19:57:45.0614 0696 adp94xx - ok
19:57:45.0646 0696 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
19:57:45.0661 0696 adpahci - ok
19:57:45.0677 0696 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
19:57:45.0692 0696 adpu320 - ok
19:57:45.0724 0696 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
19:57:45.0786 0696 AeLookupSvc - ok
19:57:45.0833 0696 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
19:57:45.0895 0696 AFD - ok
19:57:45.0926 0696 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
19:57:45.0942 0696 agp440 - ok
19:57:45.0989 0696 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
19:57:45.0989 0696 aic78xx - ok
19:57:46.0036 0696 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
19:57:46.0082 0696 ALG - ok
19:57:46.0114 0696 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
19:57:46.0129 0696 aliide - ok
19:57:46.0176 0696 AMD External Events Utility (50ebbb86e493bd9ab7ddf914a90eef8e) C:\Windows\system32\atiesrxx.exe
19:57:46.0223 0696 AMD External Events Utility - ok
19:57:46.0316 0696 AMD FUEL Service - ok
19:57:46.0348 0696 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
19:57:46.0379 0696 amdagp - ok
19:57:46.0410 0696 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
19:57:46.0426 0696 amdide - ok
19:57:46.0441 0696 amdiox86 (ff258424f0b2ef25eb98f04ee386e6e3) C:\Windows\system32\DRIVERS\amdiox86.sys
19:57:46.0457 0696 amdiox86 - ok
19:57:46.0519 0696 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
19:57:46.0582 0696 AmdK8 - ok
19:57:47.0159 0696 amdkmdag (70eb74785ab7fc603fef19d87b7a7946) C:\Windows\system32\DRIVERS\atikmdag.sys
19:57:47.0424 0696 amdkmdag - ok
19:57:47.0580 0696 amdkmdap (ba99833bbde9c4ff389fc8114fb14843) C:\Windows\system32\DRIVERS\atikmpag.sys
19:57:47.0627 0696 amdkmdap - ok
19:57:47.0674 0696 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
19:57:47.0705 0696 AmdPPM - ok
19:57:47.0736 0696 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
19:57:47.0752 0696 amdsata - ok
19:57:47.0783 0696 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
19:57:47.0798 0696 amdsbs - ok
19:57:47.0814 0696 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
19:57:47.0830 0696 amdxata - ok
19:57:47.0939 0696 AntiVirSchedulerService (0a1cc583e8147004e4ad4625d7fbf88c) C:\Program Files\Avira\AntiVir Desktop\sched.exe
19:57:47.0954 0696 AntiVirSchedulerService - ok
19:57:47.0986 0696 AntiVirService (c9a36ef935aced86aedf93e97e606911) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
19:57:48.0001 0696 AntiVirService - ok
19:57:48.0032 0696 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
19:57:48.0142 0696 AppID - ok
19:57:48.0188 0696 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
19:57:48.0235 0696 AppIDSvc - ok
19:57:48.0251 0696 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
19:57:48.0298 0696 Appinfo - ok
19:57:48.0329 0696 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
19:57:48.0376 0696 AppMgmt - ok
19:57:48.0407 0696 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
19:57:48.0422 0696 arc - ok
19:57:48.0438 0696 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
19:57:48.0454 0696 arcsas - ok
19:57:48.0485 0696 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
19:57:48.0578 0696 AsyncMac - ok
19:57:48.0625 0696 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
19:57:48.0656 0696 atapi - ok
19:57:48.0719 0696 AtiHDAudioService (6adc42cf4a6ab84975ca63dccfaaf5d8) C:\Windows\system32\drivers\AtihdW73.sys
19:57:48.0719 0696 AtiHDAudioService - ok
19:57:49.0249 0696 atikmdag (70eb74785ab7fc603fef19d87b7a7946) C:\Windows\system32\DRIVERS\atikmdag.sys
19:57:49.0390 0696 atikmdag - ok
19:57:49.0514 0696 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
19:57:49.0561 0696 AudioEndpointBuilder - ok
19:57:49.0561 0696 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
19:57:49.0592 0696 Audiosrv - ok
19:57:49.0670 0696 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
19:57:49.0686 0696 avgntflt - ok
19:57:49.0733 0696 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
19:57:49.0748 0696 avipbb - ok
19:57:49.0764 0696 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
19:57:49.0780 0696 avkmgr - ok
19:57:49.0811 0696 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
19:57:49.0873 0696 AxInstSV - ok
19:57:49.0920 0696 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
19:57:49.0967 0696 b06bdrv - ok
19:57:50.0014 0696 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
19:57:50.0029 0696 b57nd60x - ok
19:57:50.0076 0696 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
19:57:50.0107 0696 BDESVC - ok
19:57:50.0123 0696 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
19:57:50.0170 0696 Beep - ok
19:57:50.0232 0696 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
19:57:50.0279 0696 BFE - ok
19:57:50.0326 0696 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
19:57:50.0372 0696 BITS - ok
19:57:50.0404 0696 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
19:57:50.0435 0696 blbdrive - ok
19:57:50.0450 0696 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
19:57:50.0497 0696 bowser - ok
19:57:50.0513 0696 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:57:50.0560 0696 BrFiltLo - ok
19:57:50.0575 0696 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:57:50.0622 0696 BrFiltUp - ok
19:57:50.0653 0696 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
19:57:50.0700 0696 Browser - ok
19:57:50.0731 0696 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
19:57:50.0762 0696 Brserid - ok
19:57:50.0778 0696 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
19:57:50.0809 0696 BrSerWdm - ok
19:57:50.0840 0696 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:57:50.0872 0696 BrUsbMdm - ok
19:57:50.0887 0696 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
19:57:50.0918 0696 BrUsbSer - ok
19:57:50.0950 0696 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\DRIVERS\BthEnum.sys
19:57:50.0996 0696 BthEnum - ok
19:57:51.0028 0696 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
19:57:51.0043 0696 BTHMODEM - ok
19:57:51.0074 0696 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
19:57:51.0090 0696 BthPan - ok
19:57:51.0137 0696 BTHPORT (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\system32\Drivers\BTHport.sys
19:57:51.0168 0696 BTHPORT - ok
19:57:51.0199 0696 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
19:57:51.0246 0696 bthserv - ok
19:57:51.0262 0696 BTHUSB (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\system32\Drivers\BTHUSB.sys
19:57:51.0293 0696 BTHUSB - ok
19:57:51.0324 0696 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
19:57:51.0371 0696 cdfs - ok
19:57:51.0418 0696 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
19:57:51.0449 0696 cdrom - ok
19:57:51.0480 0696 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
19:57:51.0527 0696 CertPropSvc - ok
19:57:51.0542 0696 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
19:57:51.0558 0696 circlass - ok
19:57:51.0792 0696 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
19:57:51.0823 0696 CLFS - ok
19:57:51.0886 0696 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:57:51.0901 0696 clr_optimization_v2.0.50727_32 - ok
19:57:51.0964 0696 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:57:51.0979 0696 clr_optimization_v4.0.30319_32 - ok
19:57:51.0995 0696 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
19:57:52.0010 0696 CmBatt - ok
19:57:52.0042 0696 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
19:57:52.0042 0696 cmdide - ok
19:57:52.0088 0696 CNG (247b4ce2dab1160cd422d532d5241e1f) C:\Windows\system32\Drivers\cng.sys
19:57:52.0120 0696 CNG - ok
19:57:52.0135 0696 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
19:57:52.0151 0696 Compbatt - ok
19:57:52.0198 0696 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
19:57:52.0213 0696 CompositeBus - ok
19:57:52.0213 0696 COMSysApp - ok
19:57:52.0229 0696 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
19:57:52.0244 0696 crcdisk - ok
19:57:52.0276 0696 CryptSvc (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
19:57:52.0338 0696 CryptSvc - ok
19:57:52.0385 0696 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
19:57:52.0432 0696 CSC - ok
19:57:52.0478 0696 CscService (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
19:57:52.0510 0696 CscService - ok
19:57:52.0541 0696 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
19:57:52.0603 0696 DcomLaunch - ok
19:57:52.0634 0696 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
19:57:52.0681 0696 defragsvc - ok
19:57:52.0744 0696 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
19:57:52.0822 0696 DfsC - ok
19:57:52.0868 0696 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
19:57:52.0915 0696 Dhcp - ok
19:57:52.0946 0696 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
19:57:52.0993 0696 discache - ok
19:57:53.0040 0696 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
19:57:53.0040 0696 Disk - ok
19:57:53.0071 0696 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
19:57:53.0118 0696 Dnscache - ok
19:57:53.0149 0696 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
19:57:53.0196 0696 dot3svc - ok
19:57:53.0227 0696 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
19:57:53.0274 0696 DPS - ok
19:57:53.0321 0696 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
19:57:53.0336 0696 drmkaud - ok
19:57:53.0414 0696 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
19:57:53.0430 0696 DXGKrnl - ok
19:57:53.0461 0696 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
19:57:53.0508 0696 EapHost - ok
19:57:53.0711 0696 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
19:57:53.0804 0696 ebdrv - ok
19:57:53.0898 0696 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
19:57:53.0945 0696 EFS - ok
19:57:54.0007 0696 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
19:57:54.0054 0696 ehRecvr - ok
19:57:54.0085 0696 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
19:57:54.0132 0696 ehSched - ok
19:57:54.0210 0696 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
19:57:54.0257 0696 elxstor - ok
19:57:54.0272 0696 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
19:57:54.0304 0696 ErrDev - ok
19:57:54.0350 0696 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
19:57:54.0413 0696 EventSystem - ok
19:57:54.0428 0696 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
19:57:54.0475 0696 exfat - ok
19:57:54.0506 0696 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
19:57:54.0553 0696 fastfat - ok
19:57:54.0616 0696 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
19:57:54.0662 0696 Fax - ok
19:57:54.0694 0696 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
19:57:54.0725 0696 fdc - ok
19:57:54.0756 0696 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
19:57:54.0787 0696 fdPHost - ok
19:57:54.0803 0696 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
19:57:54.0850 0696 FDResPub - ok
19:57:54.0865 0696 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
19:57:54.0881 0696 FileInfo - ok
19:57:54.0896 0696 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
19:57:54.0928 0696 Filetrace - ok
19:57:54.0943 0696 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
19:57:54.0959 0696 flpydisk - ok
19:57:54.0990 0696 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
19:57:55.0006 0696 FltMgr - ok
19:57:55.0084 0696 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
19:57:55.0162 0696 FontCache - ok
19:57:55.0240 0696 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:57:55.0255 0696 FontCache3.0.0.0 - ok
19:57:55.0271 0696 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
19:57:55.0286 0696 FsDepends - ok
19:57:55.0302 0696 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
19:57:55.0318 0696 Fs_Rec - ok
19:57:55.0364 0696 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
19:57:55.0380 0696 fvevol - ok
19:57:55.0411 0696 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
19:57:55.0427 0696 gagp30kx - ok
19:57:55.0474 0696 giveio (77ebf3e9386daa51551af429052d88d0) C:\Windows\system32\giveio.sys
19:57:55.0474 0696 giveio ( UnsignedFile.Multi.Generic ) - warning
19:57:55.0474 0696 giveio - detected UnsignedFile.Multi.Generic (1)
19:57:55.0536 0696 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
19:57:55.0583 0696 gpsvc - ok
19:57:55.0692 0696 gupdate (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files\Google\Update\GoogleUpdate.exe
19:57:55.0723 0696 gupdate - ok
19:57:55.0723 0696 gupdatem (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files\Google\Update\GoogleUpdate.exe
19:57:55.0739 0696 gupdatem - ok
19:57:55.0770 0696 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
19:57:55.0801 0696 hcw85cir - ok
19:57:55.0864 0696 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
19:57:55.0895 0696 HdAudAddService - ok
19:57:55.0942 0696 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
19:57:55.0973 0696 HDAudBus - ok
19:57:55.0988 0696 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
19:57:56.0004 0696 HidBatt - ok
19:57:56.0035 0696 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
19:57:56.0066 0696 HidBth - ok
19:57:56.0098 0696 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
19:57:56.0144 0696 HidIr - ok
19:57:56.0176 0696 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
19:57:56.0207 0696 hidserv - ok
19:57:56.0269 0696 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
19:57:56.0285 0696 HidUsb - ok
19:57:56.0300 0696 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
19:57:56.0347 0696 hkmsvc - ok
19:57:56.0378 0696 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
19:57:56.0425 0696 HomeGroupListener - ok
19:57:56.0456 0696 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
19:57:56.0488 0696 HomeGroupProvider - ok
19:57:56.0534 0696 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
19:57:56.0550 0696 HpSAMD - ok
19:57:56.0597 0696 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
19:57:56.0628 0696 HTTP - ok
19:57:56.0659 0696 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
19:57:56.0675 0696 hwpolicy - ok
19:57:56.0722 0696 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
19:57:56.0737 0696 i8042prt - ok
19:57:56.0800 0696 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
19:57:56.0846 0696 iaStorV - ok
19:57:56.0956 0696 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:57:57.0002 0696 idsvc - ok
19:57:57.0034 0696 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
19:57:57.0034 0696 iirsp - ok
19:57:57.0112 0696 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
19:57:57.0174 0696 IKEEXT - ok
19:57:57.0205 0696 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
19:57:57.0221 0696 intelide - ok
19:57:57.0236 0696 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
19:57:57.0268 0696 intelppm - ok
19:57:57.0299 0696 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
19:57:57.0330 0696 IPBusEnum - ok
19:57:57.0346 0696 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:57:57.0392 0696 IpFilterDriver - ok
19:57:57.0455 0696 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
19:57:57.0517 0696 iphlpsvc - ok
19:57:57.0548 0696 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
19:57:57.0580 0696 IPMIDRV - ok
19:57:57.0595 0696 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
19:57:57.0642 0696 IPNAT - ok
19:57:57.0673 0696 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
19:57:57.0689 0696 IRENUM - ok
19:57:57.0736 0696 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
19:57:57.0751 0696 isapnp - ok
19:57:57.0767 0696 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
19:57:57.0798 0696 iScsiPrt - ok
19:57:57.0829 0696 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
19:57:57.0829 0696 kbdclass - ok
19:57:57.0860 0696 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
19:57:57.0892 0696 kbdhid - ok
19:57:57.0907 0696 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:57:57.0923 0696 KeyIso - ok
19:57:57.0938 0696 KSecDD (b7895b4182c0d16f6efadeb8081e8d36) C:\Windows\system32\Drivers\ksecdd.sys
19:57:57.0954 0696 KSecDD - ok
19:57:57.0985 0696 KSecPkg (d30159ac9237519fbc62c6ec247d2d46) C:\Windows\system32\Drivers\ksecpkg.sys
19:57:58.0001 0696 KSecPkg - ok
19:57:58.0048 0696 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
19:57:58.0079 0696 KtmRm - ok
19:57:58.0141 0696 L8042Kbd (d88846f9f4f27ae9be584a6e5b6b8753) C:\Windows\system32\DRIVERS\L8042Kbd.sys
19:57:58.0157 0696 L8042Kbd - ok
19:57:58.0204 0696 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
19:57:58.0250 0696 LanmanServer - ok
19:57:58.0266 0696 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
19:57:58.0313 0696 LanmanWorkstation - ok
19:57:58.0375 0696 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
19:57:58.0422 0696 lltdio - ok
19:57:58.0453 0696 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
19:57:58.0500 0696 lltdsvc - ok
19:57:58.0516 0696 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
19:57:58.0547 0696 lmhosts - ok
19:57:58.0578 0696 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
19:57:58.0594 0696 LSI_FC - ok
19:57:58.0609 0696 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
19:57:58.0625 0696 LSI_SAS - ok
19:57:58.0656 0696 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:57:58.0656 0696 LSI_SAS2 - ok
19:57:58.0687 0696 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:57:58.0703 0696 LSI_SCSI - ok
19:57:58.0718 0696 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
19:57:58.0750 0696 luafv - ok
19:57:58.0796 0696 LVUSBSta (9e9306063ecd8aa91b3fb76678d3cee2) C:\Windows\system32\drivers\LVUSBSta.sys
19:57:58.0812 0696 LVUSBSta - ok
19:57:58.0828 0696 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
19:57:58.0843 0696 Mcx2Svc - ok
19:57:58.0859 0696 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
19:57:58.0874 0696 megasas - ok
19:57:58.0906 0696 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
19:57:58.0921 0696 MegaSR - ok
19:57:58.0952 0696 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
19:57:58.0999 0696 MMCSS - ok
19:57:59.0015 0696 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
19:57:59.0062 0696 Modem - ok
19:57:59.0077 0696 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
19:57:59.0108 0696 monitor - ok
19:57:59.0140 0696 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
19:57:59.0155 0696 mouclass - ok
19:57:59.0186 0696 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
19:57:59.0218 0696 mouhid - ok
19:57:59.0249 0696 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
19:57:59.0264 0696 mountmgr - ok
19:57:59.0389 0696 MozillaMaintenance (c1b935882344f9db73168611ebda1c11) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:57:59.0405 0696 MozillaMaintenance - ok
19:57:59.0436 0696 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
19:57:59.0452 0696 mpio - ok
19:57:59.0467 0696 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
19:57:59.0514 0696 mpsdrv - ok
19:57:59.0576 0696 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
19:57:59.0623 0696 MpsSvc - ok
19:57:59.0654 0696 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
19:57:59.0686 0696 MRxDAV - ok
19:57:59.0717 0696 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:57:59.0764 0696 mrxsmb - ok
19:57:59.0795 0696 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:57:59.0826 0696 mrxsmb10 - ok
19:57:59.0857 0696 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:57:59.0873 0696 mrxsmb20 - ok
19:57:59.0888 0696 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
19:57:59.0904 0696 msahci - ok
19:57:59.0935 0696 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
19:57:59.0951 0696 msdsm - ok
19:57:59.0982 0696 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
19:58:00.0013 0696 MSDTC - ok
19:58:00.0060 0696 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
19:58:00.0076 0696 Msfs - ok
19:58:00.0091 0696 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
19:58:00.0138 0696 mshidkmdf - ok
19:58:00.0169 0696 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
19:58:00.0185 0696 msisadrv - ok
19:58:00.0216 0696 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
19:58:00.0263 0696 MSiSCSI - ok
19:58:00.0263 0696 msiserver - ok
19:58:00.0294 0696 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
19:58:00.0325 0696 MSKSSRV - ok
19:58:00.0325 0696 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
19:58:00.0372 0696 MSPCLOCK - ok
19:58:00.0388 0696 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
19:58:00.0434 0696 MSPQM - ok
19:58:00.0450 0696 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
19:58:00.0481 0696 MsRPC - ok
19:58:00.0497 0696 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
19:58:00.0512 0696 mssmbios - ok
19:58:00.0528 0696 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
19:58:00.0559 0696 MSTEE - ok
19:58:00.0559 0696 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
19:58:00.0575 0696 MTConfig - ok
19:58:00.0606 0696 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
19:58:00.0622 0696 Mup - ok
19:58:00.0653 0696 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
19:58:00.0700 0696 napagent - ok
19:58:00.0731 0696 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
19:58:00.0762 0696 NativeWifiP - ok
19:58:00.0824 0696 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
19:58:00.0856 0696 NDIS - ok
19:58:00.0887 0696 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
19:58:00.0934 0696 NdisCap - ok
19:58:00.0949 0696 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
19:58:00.0996 0696 NdisTapi - ok
19:58:01.0043 0696 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
19:58:01.0074 0696 Ndisuio - ok
19:58:01.0121 0696 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
19:58:01.0152 0696 NdisWan - ok
19:58:01.0168 0696 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
19:58:01.0199 0696 NDProxy - ok
19:58:01.0214 0696 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
19:58:01.0261 0696 NetBIOS - ok
19:58:01.0308 0696 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
19:58:01.0339 0696 NetBT - ok
19:58:01.0355 0696 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:58:01.0370 0696 Netlogon - ok
19:58:01.0417 0696 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
19:58:01.0511 0696 Netman - ok
19:58:01.0542 0696 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
19:58:01.0589 0696 netprofm - ok
19:58:01.0667 0696 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:58:01.0682 0696 NetTcpPortSharing - ok
19:58:01.0714 0696 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
19:58:01.0729 0696 nfrd960 - ok
19:58:01.0776 0696 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
19:58:01.0807 0696 NlaSvc - ok
19:58:01.0854 0696 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
19:58:01.0901 0696 Npfs - ok
19:58:01.0916 0696 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
19:58:01.0948 0696 nsi - ok
19:58:01.0963 0696 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
19:58:01.0994 0696 nsiproxy - ok
19:58:02.0088 0696 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
19:58:02.0119 0696 Ntfs - ok
19:58:02.0135 0696 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
19:58:02.0182 0696 Null - ok
19:58:02.0228 0696 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys
19:58:02.0275 0696 NVENETFD - ok
19:58:02.0322 0696 NVNET (1de923088878b495cd4219e47ba34eb8) C:\Windows\system32\DRIVERS\nvmf6232.sys
19:58:02.0338 0696 NVNET - ok
19:58:02.0369 0696 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
19:58:02.0384 0696 nvraid - ok
19:58:02.0416 0696 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
19:58:02.0416 0696 nvstor - ok
19:58:02.0447 0696 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
19:58:02.0462 0696 nv_agp - ok
19:58:02.0478 0696 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
19:58:02.0509 0696 ohci1394 - ok
19:58:02.0556 0696 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
19:58:02.0618 0696 p2pimsvc - ok
19:58:02.0665 0696 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
19:58:02.0696 0696 p2psvc - ok
19:58:02.0743 0696 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
19:58:02.0759 0696 Parport - ok
19:58:02.0790 0696 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
19:58:02.0806 0696 partmgr - ok
19:58:02.0821 0696 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
19:58:02.0852 0696 Parvdm - ok
19:58:02.0868 0696 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
19:58:02.0884 0696 PcaSvc - ok
19:58:02.0915 0696 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
19:58:02.0930 0696 pci - ok
19:58:02.0946 0696 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
19:58:02.0962 0696 pciide - ok
19:58:02.0977 0696 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
19:58:03.0008 0696 pcmcia - ok
19:58:03.0024 0696 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
19:58:03.0040 0696 pcw - ok
19:58:03.0102 0696 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
19:58:03.0149 0696 PEAUTH - ok
19:58:03.0227 0696 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
19:58:03.0305 0696 PeerDistSvc - ok
19:58:03.0367 0696 pepifilter (d30eda6e1ab3c8c82f2ca085ab79040a) C:\Windows\system32\DRIVERS\lv302af.sys
19:58:03.0383 0696 pepifilter - ok
19:58:03.0476 0696 PID_PEPI (0da6c5e0c8da6cebe52daacfe7ae9de6) C:\Windows\system32\DRIVERS\LV302V32.SYS
19:58:03.0523 0696 PID_PEPI - ok
19:58:03.0617 0696 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
19:58:03.0664 0696 pla - ok
19:58:03.0804 0696 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
19:58:03.0835 0696 PlugPlay - ok
19:58:03.0866 0696 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
19:58:03.0882 0696 PNRPAutoReg - ok
19:58:03.0913 0696 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
19:58:03.0929 0696 PNRPsvc - ok
19:58:03.0976 0696 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
19:58:04.0007 0696 PolicyAgent - ok
19:58:04.0054 0696 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
19:58:04.0085 0696 Power - ok
19:58:04.0163 0696 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
19:58:04.0225 0696 PptpMiniport - ok
19:58:04.0241 0696 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
19:58:04.0288 0696 Processor - ok
19:58:04.0319 0696 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
19:58:04.0366 0696 ProfSvc - ok
19:58:04.0397 0696 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:58:04.0412 0696 ProtectedStorage - ok
19:58:04.0444 0696 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
19:58:04.0475 0696 Psched - ok
19:58:04.0553 0696 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
19:58:04.0600 0696 ql2300 - ok
19:58:04.0709 0696 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
19:58:04.0740 0696 ql40xx - ok
19:58:04.0771 0696 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
19:58:04.0787 0696 QWAVE - ok
19:58:04.0802 0696 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
19:58:04.0818 0696 QWAVEdrv - ok
19:58:04.0880 0696 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll
19:58:04.0896 0696 RapiMgr - ok
19:58:04.0912 0696 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
19:58:04.0958 0696 RasAcd - ok
19:58:04.0990 0696 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:58:05.0036 0696 RasAgileVpn - ok
19:58:05.0068 0696 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
19:58:05.0099 0696 RasAuto - ok
19:58:05.0130 0696 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:58:05.0177 0696 Rasl2tp - ok
19:58:05.0224 0696 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
19:58:05.0270 0696 RasMan - ok
19:58:05.0286 0696 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
19:58:05.0333 0696 RasPppoe - ok
19:58:05.0348 0696 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
19:58:05.0395 0696 RasSstp - ok
19:58:05.0442 0696 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
19:58:05.0520 0696 rdbss - ok
19:58:05.0536 0696 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
19:58:05.0551 0696 rdpbus - ok
19:58:05.0582 0696 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:58:05.0614 0696 RDPCDD - ok
19:58:05.0645 0696 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
19:58:05.0676 0696 RDPDR - ok
19:58:05.0692 0696 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
19:58:05.0723 0696 RDPENCDD - ok
19:58:05.0738 0696 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
19:58:05.0754 0696 RDPREFMP - ok
19:58:05.0801 0696 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
19:58:05.0848 0696 RDPWD - ok
19:58:05.0894 0696 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
19:58:05.0926 0696 rdyboost - ok
19:58:05.0957 0696 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
19:58:06.0035 0696 RemoteAccess - ok
19:58:06.0066 0696 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
19:58:06.0113 0696 RemoteRegistry - ok
19:58:06.0160 0696 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
19:58:06.0191 0696 RFCOMM - ok
19:58:06.0206 0696 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
19:58:06.0238 0696 RpcEptMapper - ok
19:58:06.0269 0696 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
19:58:06.0284 0696 RpcLocator - ok
19:58:06.0331 0696 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
19:58:06.0362 0696 RpcSs - ok
19:58:06.0409 0696 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
19:58:06.0440 0696 rspndr - ok
19:58:06.0472 0696 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
19:58:06.0503 0696 s3cap - ok
19:58:06.0518 0696 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:58:06.0534 0696 SamSs - ok
19:58:06.0581 0696 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
19:58:06.0596 0696 sbp2port - ok
19:58:06.0628 0696 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
19:58:06.0659 0696 SCardSvr - ok
19:58:06.0674 0696 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
19:58:06.0721 0696 scfilter - ok
19:58:06.0784 0696 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
19:58:06.0877 0696 Schedule - ok
19:58:06.0893 0696 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
19:58:06.0924 0696 SCPolicySvc - ok
19:58:06.0955 0696 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
19:58:07.0002 0696 SDRSVC - ok
19:58:07.0033 0696 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:58:07.0080 0696 secdrv - ok
19:58:07.0111 0696 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
19:58:07.0142 0696 seclogon - ok
19:58:07.0174 0696 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
19:58:07.0220 0696 SENS - ok
19:58:07.0252 0696 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
19:58:07.0283 0696 SensrSvc - ok
19:58:07.0298 0696 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
19:58:07.0314 0696 Serenum - ok
19:58:07.0330 0696 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
19:58:07.0361 0696 Serial - ok
19:58:07.0376 0696 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
19:58:07.0408 0696 sermouse - ok
19:58:07.0439 0696 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
19:58:07.0486 0696 SessionEnv - ok
19:58:07.0517 0696 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
19:58:07.0548 0696 sffdisk - ok
19:58:07.0564 0696 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
19:58:07.0595 0696 sffp_mmc - ok
19:58:07.0610 0696 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
19:58:07.0626 0696 sffp_sd - ok
19:58:07.0657 0696 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
19:58:07.0673 0696 sfloppy - ok
19:58:07.0720 0696 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
19:58:07.0766 0696 SharedAccess - ok
19:58:07.0813 0696 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
19:58:07.0891 0696 ShellHWDetection - ok
19:58:07.0922 0696 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
19:58:07.0922 0696 sisagp - ok
19:58:07.0954 0696 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:58:07.0969 0696 SiSRaid2 - ok
19:58:07.0985 0696 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
19:58:08.0000 0696 SiSRaid4 - ok
19:58:08.0266 0696 Skype C2C Service (0f97e7a47a52f4a36969f0fc319654c2) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:58:08.0344 0696 Skype C2C Service - ok
19:58:08.0453 0696 SkypeUpdate (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files\Skype\Updater\Updater.exe
19:58:08.0468 0696 SkypeUpdate - ok
19:58:08.0609 0696 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
19:58:08.0640 0696 Smb - ok
19:58:08.0687 0696 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
19:58:08.0702 0696 SNMPTRAP - ok
19:58:08.0765 0696 speedfan (3fa2e254bfbce52b3c6f1bf23aab6911) C:\Windows\system32\speedfan.sys
19:58:08.0780 0696 speedfan - ok
19:58:08.0812 0696 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
19:58:08.0827 0696 spldr - ok
19:58:08.0874 0696 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
19:58:08.0921 0696 Spooler - ok
19:58:09.0108 0696 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
19:58:09.0202 0696 sppsvc - ok
19:58:09.0295 0696 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
19:58:09.0342 0696 sppuinotify - ok
19:58:09.0404 0696 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
19:58:09.0451 0696 srv - ok
19:58:09.0467 0696 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
19:58:09.0498 0696 srv2 - ok
19:58:09.0529 0696 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
19:58:09.0545 0696 srvnet - ok
19:58:09.0576 0696 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
19:58:09.0623 0696 SSDPSRV - ok
19:58:09.0670 0696 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
19:58:09.0685 0696 ssmdrv - ok
19:58:09.0701 0696 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
19:58:09.0763 0696 SstpSvc - ok
19:58:09.0794 0696 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
19:58:09.0794 0696 stexstor - ok
19:58:09.0841 0696 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
19:58:09.0888 0696 StiSvc - ok
19:58:09.0919 0696 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
19:58:09.0935 0696 storflt - ok
19:58:09.0966 0696 StorSvc (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
19:58:09.0997 0696 StorSvc - ok
19:58:10.0013 0696 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
19:58:10.0028 0696 storvsc - ok
19:58:10.0044 0696 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
19:58:10.0060 0696 swenum - ok
19:58:10.0106 0696 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
19:58:10.0138 0696 swprv - ok
19:58:10.0231 0696 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
19:58:10.0294 0696 SysMain - ok
19:58:10.0325 0696 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
19:58:10.0356 0696 TabletInputService - ok
19:58:10.0387 0696 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
19:58:10.0418 0696 TapiSrv - ok
19:58:10.0450 0696 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
19:58:10.0496 0696 TBS - ok
19:58:10.0606 0696 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
19:58:10.0637 0696 Tcpip - ok
19:58:10.0668 0696 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
19:58:10.0699 0696 TCPIP6 - ok
19:58:10.0808 0696 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
19:58:10.0871 0696 tcpipreg - ok
19:58:10.0902 0696 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
19:58:10.0933 0696 TDPIPE - ok
19:58:10.0949 0696 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
19:58:10.0964 0696 TDTCP - ok
19:58:10.0996 0696 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
19:58:11.0042 0696 tdx - ok
19:58:11.0074 0696 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
19:58:11.0089 0696 TermDD - ok
19:58:11.0152 0696 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
19:58:11.0198 0696 TermService - ok
19:58:11.0230 0696 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
19:58:11.0261 0696 Themes - ok
19:58:11.0292 0696 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
19:58:11.0323 0696 THREADORDER - ok
19:58:11.0339 0696 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
19:58:11.0386 0696 TrkWks - ok
19:58:11.0448 0696 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
19:58:11.0510 0696 TrustedInstaller - ok
19:58:11.0542 0696 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:58:11.0573 0696 tssecsrv - ok
19:58:11.0620 0696 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
19:58:11.0651 0696 TsUsbFlt - ok
19:58:11.0698 0696 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
19:58:11.0744 0696 tunnel - ok
19:58:11.0760 0696 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
19:58:11.0776 0696 uagp35 - ok
19:58:11.0807 0696 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
19:58:11.0854 0696 udfs - ok
19:58:11.0900 0696 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
19:58:11.0932 0696 UI0Detect - ok
19:58:11.0963 0696 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
19:58:11.0994 0696 uliagpkx - ok
19:58:12.0025 0696 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
19:58:12.0072 0696 umbus - ok
19:58:12.0119 0696 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
19:58:12.0150 0696 UmPass - ok
19:58:12.0181 0696 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
19:58:12.0212 0696 UmRdpService - ok
19:58:12.0259 0696 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
19:58:12.0306 0696 upnphost - ok
19:58:12.0337 0696 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
19:58:12.0368 0696 usbaudio - ok
19:58:12.0400 0696 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
19:58:12.0446 0696 usbccgp - ok
19:58:12.0478 0696 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
19:58:12.0509 0696 usbcir - ok
19:58:12.0540 0696 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
19:58:12.0556 0696 usbehci - ok
19:58:12.0587 0696 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
19:58:12.0618 0696 usbhub - ok
19:58:12.0634 0696 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
19:58:12.0649 0696 usbohci - ok
19:58:12.0696 0696 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
19:58:12.0712 0696 usbprint - ok
19:58:12.0727 0696 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
19:58:12.0758 0696 usbscan - ok
19:58:12.0774 0696 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:58:12.0805 0696 USBSTOR - ok
19:58:12.0805 0696 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
19:58:12.0821 0696 usbuhci - ok
19:58:12.0852 0696 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
19:58:12.0883 0696 UxSms - ok
19:58:12.0914 0696 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:58:12.0930 0696 VaultSvc - ok
19:58:12.0946 0696 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
19:58:12.0961 0696 vdrvroot - ok
19:58:13.0008 0696 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
19:58:13.0055 0696 vds - ok
19:58:13.0086 0696 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
19:58:13.0102 0696 vga - ok
19:58:13.0117 0696 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
19:58:13.0148 0696 VgaSave - ok
19:58:13.0195 0696 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
19:58:13.0211 0696 vhdmp - ok
19:58:13.0226 0696 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
19:58:13.0242 0696 viaagp - ok
19:58:13.0258 0696 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
19:58:13.0289 0696 ViaC7 - ok
19:58:13.0304 0696 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
19:58:13.0320 0696 viaide - ok
19:58:13.0351 0696 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
19:58:13.0367 0696 vmbus - ok
19:58:13.0382 0696 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
19:58:13.0398 0696 VMBusHID - ok
19:58:13.0414 0696 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
19:58:13.0429 0696 volmgr - ok
19:58:13.0460 0696 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
19:58:13.0476 0696 volmgrx - ok
19:58:13.0507 0696 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
19:58:13.0523 0696 volsnap - ok
19:58:13.0554 0696 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
19:58:13.0570 0696 vsmraid - ok
19:58:13.0648 0696 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
19:58:13.0694 0696 VSS - ok
19:58:13.0726 0696 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
19:58:13.0741 0696 vwifibus - ok
19:58:13.0788 0696 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
19:58:13.0835 0696 W32Time - ok
19:58:13.0866 0696 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
19:58:13.0897 0696 WacomPen - ok
19:58:13.0928 0696 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
19:58:14.0006 0696 WANARP - ok
19:58:14.0006 0696 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
19:58:14.0053 0696 Wanarpv6 - ok
19:58:14.0162 0696 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
19:58:14.0225 0696 wbengine - ok
19:58:14.0256 0696 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
19:58:14.0287 0696 WbioSrvc - ok
19:58:14.0350 0696 WcesComm (59e19bd13c3bdb857646b9e436ba27f7) C:\Windows\WindowsMobile\wcescomm.dll
19:58:14.0365 0696 WcesComm - ok
19:58:14.0412 0696 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
19:58:14.0443 0696 wcncsvc - ok
19:58:14.0459 0696 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
19:58:14.0506 0696 WcsPlugInService - ok
19:58:14.0568 0696 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
19:58:14.0599 0696 Wd - ok
19:58:14.0630 0696 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
19:58:14.0662 0696 Wdf01000 - ok
19:58:14.0677 0696 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
19:58:14.0724 0696 WdiServiceHost - ok
19:58:14.0724 0696 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
19:58:14.0755 0696 WdiSystemHost - ok
19:58:14.0786 0696 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
19:58:14.0818 0696 WebClient - ok
19:58:14.0833 0696 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
19:58:14.0864 0696 Wecsvc - ok
19:58:14.0864 0696 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
19:58:14.0896 0696 wercplsupport - ok
19:58:14.0927 0696 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
19:58:14.0958 0696 WerSvc - ok
19:58:14.0989 0696 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
19:58:15.0005 0696 WfpLwf - ok
19:58:15.0020 0696 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
19:58:15.0036 0696 WIMMount - ok
19:58:15.0130 0696 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
19:58:15.0192 0696 WinDefend - ok
19:58:15.0223 0696 WinHttpAutoProxySvc - ok
19:58:15.0286 0696 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
19:58:15.0317 0696 Winmgmt - ok
19:58:15.0395 0696 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
19:58:15.0457 0696 WinRM - ok
19:58:15.0520 0696 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
19:58:15.0566 0696 WinUsb - ok
19:58:15.0660 0696 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
19:58:15.0691 0696 Wlansvc - ok
19:58:15.0722 0696 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
19:58:15.0738 0696 WmiAcpi - ok
19:58:15.0800 0696 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
19:58:15.0832 0696 wmiApSrv - ok
19:58:15.0956 0696 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:58:16.0003 0696 WMPNetworkSvc - ok
19:58:16.0019 0696 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
19:58:16.0066 0696 WPCSvc - ok
19:58:16.0097 0696 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
19:58:16.0128 0696 WPDBusEnum - ok
19:58:16.0175 0696 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
19:58:16.0222 0696 ws2ifsl - ok
19:58:16.0253 0696 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
19:58:16.0284 0696 wscsvc - ok
19:58:16.0284 0696 WSearch - ok
19:58:16.0409 0696 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
19:58:16.0456 0696 wuauserv - ok
19:58:16.0596 0696 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
19:58:16.0627 0696 WudfPf - ok
19:58:16.0674 0696 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:58:16.0705 0696 WUDFRd - ok
19:58:16.0736 0696 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
19:58:16.0768 0696 wudfsvc - ok
19:58:16.0799 0696 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
19:58:16.0846 0696 WwanSvc - ok
19:58:16.0877 0696 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:58:17.0189 0696 \Device\Harddisk0\DR0 - ok
19:58:17.0204 0696 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
19:58:17.0267 0696 \Device\Harddisk1\DR1 - ok
19:58:17.0298 0696 Boot (0x1200) (9886de89c5c5d3c69595bc4452f700ed) \Device\Harddisk0\DR0\Partition0
19:58:17.0298 0696 \Device\Harddisk0\DR0\Partition0 - ok
19:58:17.0314 0696 Boot (0x1200) (67535f5cbdfbd0f6102ccaff19ac2328) \Device\Harddisk1\DR1\Partition0
19:58:17.0329 0696 \Device\Harddisk1\DR1\Partition0 - ok
19:58:17.0329 0696 ============================================================
19:58:17.0329 0696 Scan finished
19:58:17.0329 0696 ============================================================
19:58:17.0329 4000 Detected object count: 1
19:58:17.0329 4000 Actual detected object count: 1
19:59:27.0139 4000 giveio ( UnsignedFile.Multi.Generic ) - skipped by user
19:59:27.0139 4000 giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus · 13.08.2012, 19:36

Die Logs bitte in CODE-Tags posten!!!

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

hai123 · 13.08.2012, 20:04

Die Logs bitte in CODE-Tags posten!!!
Sorry - wie geht das?

Na, habs doch noch geschafft:
hier bitte

Code:

ATTFilter

19:52:58.0277 0876	TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
19:52:58.0449 0876	============================================================
19:52:58.0449 0876	Current date / time: 2012/08/13 19:52:58.0449
19:52:58.0449 0876	SystemInfo:
19:52:58.0449 0876	
19:52:58.0449 0876	OS Version: 6.1.7601 ServicePack: 1.0
19:52:58.0449 0876	Product type: Workstation
19:52:58.0449 0876	ComputerName: ROLAND-PC
19:52:58.0449 0876	UserName: Roland 
19:52:58.0449 0876	Windows directory: C:\Windows
19:52:58.0449 0876	System windows directory: C:\Windows
19:52:58.0449 0876	Processor architecture: Intel x86
19:52:58.0449 0876	Number of processors: 2
19:52:58.0449 0876	Page size: 0x1000
19:52:58.0449 0876	Boot type: Normal boot
19:52:58.0449 0876	============================================================
19:53:00.0695 0876	Drive \Device\Harddisk0\DR0 - Size: 0x5D2710DE00 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:53:00.0695 0876	Drive \Device\Harddisk1\DR1 - Size: 0x3A38A25E00 (232.88 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:53:00.0695 0876	============================================================
19:53:00.0695 0876	\Device\Harddisk0\DR0:
19:53:00.0695 0876	MBR partitions:
19:53:00.0695 0876	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2E937800
19:53:00.0695 0876	\Device\Harddisk1\DR1:
19:53:00.0695 0876	MBR partitions:
19:53:00.0695 0876	\Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4000
19:53:00.0695 0876	============================================================
19:53:00.0726 0876	C: <-> \Device\Harddisk0\DR0\Partition0
19:53:00.0726 0876	F: <-> \Device\Harddisk1\DR1\Partition0
19:53:00.0726 0876	============================================================
19:53:00.0726 0876	Initialize success
19:53:00.0726 0876	============================================================
19:57:44.0554 0696	============================================================
19:57:44.0554 0696	Scan started
19:57:44.0554 0696	Mode: Manual; SigCheck; TDLFS; 
19:57:44.0554 0696	============================================================
19:57:44.0975 0696	1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
19:57:45.0068 0696	1394ohci - ok
19:57:45.0162 0696	AAV UpdateService (7eeb488346fbfa3731276c3ee8a8fd9e) C:\Program Files\AAVUpdateManager\aavus.exe
19:57:45.0162 0696	AAV UpdateService - ok
19:57:45.0224 0696	ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
19:57:45.0240 0696	ACPI - ok
19:57:45.0287 0696	AcpiPmi         (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
19:57:45.0334 0696	AcpiPmi - ok
19:57:45.0427 0696	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:57:45.0443 0696	AdobeARMservice - ok
19:57:45.0521 0696	AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:57:45.0536 0696	AdobeFlashPlayerUpdateSvc - ok
19:57:45.0599 0696	adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
19:57:45.0614 0696	adp94xx - ok
19:57:45.0646 0696	adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
19:57:45.0661 0696	adpahci - ok
19:57:45.0677 0696	adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
19:57:45.0692 0696	adpu320 - ok
19:57:45.0724 0696	AeLookupSvc     (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
19:57:45.0786 0696	AeLookupSvc - ok
19:57:45.0833 0696	AFD             (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
19:57:45.0895 0696	AFD - ok
19:57:45.0926 0696	agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
19:57:45.0942 0696	agp440 - ok
19:57:45.0989 0696	aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
19:57:45.0989 0696	aic78xx - ok
19:57:46.0036 0696	ALG             (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
19:57:46.0082 0696	ALG - ok
19:57:46.0114 0696	aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
19:57:46.0129 0696	aliide - ok
19:57:46.0176 0696	AMD External Events Utility (50ebbb86e493bd9ab7ddf914a90eef8e) C:\Windows\system32\atiesrxx.exe
19:57:46.0223 0696	AMD External Events Utility - ok
19:57:46.0316 0696	AMD FUEL Service - ok
19:57:46.0348 0696	amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
19:57:46.0379 0696	amdagp - ok
19:57:46.0410 0696	amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
19:57:46.0426 0696	amdide - ok
19:57:46.0441 0696	amdiox86        (ff258424f0b2ef25eb98f04ee386e6e3) C:\Windows\system32\DRIVERS\amdiox86.sys
19:57:46.0457 0696	amdiox86 - ok
19:57:46.0519 0696	AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
19:57:46.0582 0696	AmdK8 - ok
19:57:47.0159 0696	amdkmdag        (70eb74785ab7fc603fef19d87b7a7946) C:\Windows\system32\DRIVERS\atikmdag.sys
19:57:47.0424 0696	amdkmdag - ok
19:57:47.0580 0696	amdkmdap        (ba99833bbde9c4ff389fc8114fb14843) C:\Windows\system32\DRIVERS\atikmpag.sys
19:57:47.0627 0696	amdkmdap - ok
19:57:47.0674 0696	AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
19:57:47.0705 0696	AmdPPM - ok
19:57:47.0736 0696	amdsata         (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
19:57:47.0752 0696	amdsata - ok
19:57:47.0783 0696	amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
19:57:47.0798 0696	amdsbs - ok
19:57:47.0814 0696	amdxata         (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
19:57:47.0830 0696	amdxata - ok
19:57:47.0939 0696	AntiVirSchedulerService (0a1cc583e8147004e4ad4625d7fbf88c) C:\Program Files\Avira\AntiVir Desktop\sched.exe
19:57:47.0954 0696	AntiVirSchedulerService - ok
19:57:47.0986 0696	AntiVirService  (c9a36ef935aced86aedf93e97e606911) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
19:57:48.0001 0696	AntiVirService - ok
19:57:48.0032 0696	AppID           (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
19:57:48.0142 0696	AppID - ok
19:57:48.0188 0696	AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
19:57:48.0235 0696	AppIDSvc - ok
19:57:48.0251 0696	Appinfo         (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
19:57:48.0298 0696	Appinfo - ok
19:57:48.0329 0696	AppMgmt         (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
19:57:48.0376 0696	AppMgmt - ok
19:57:48.0407 0696	arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
19:57:48.0422 0696	arc - ok
19:57:48.0438 0696	arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
19:57:48.0454 0696	arcsas - ok
19:57:48.0485 0696	AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
19:57:48.0578 0696	AsyncMac - ok
19:57:48.0625 0696	atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
19:57:48.0656 0696	atapi - ok
19:57:48.0719 0696	AtiHDAudioService (6adc42cf4a6ab84975ca63dccfaaf5d8) C:\Windows\system32\drivers\AtihdW73.sys
19:57:48.0719 0696	AtiHDAudioService - ok
19:57:49.0249 0696	atikmdag        (70eb74785ab7fc603fef19d87b7a7946) C:\Windows\system32\DRIVERS\atikmdag.sys
19:57:49.0390 0696	atikmdag - ok
19:57:49.0514 0696	AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
19:57:49.0561 0696	AudioEndpointBuilder - ok
19:57:49.0561 0696	Audiosrv        (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
19:57:49.0592 0696	Audiosrv - ok
19:57:49.0670 0696	avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
19:57:49.0686 0696	avgntflt - ok
19:57:49.0733 0696	avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
19:57:49.0748 0696	avipbb - ok
19:57:49.0764 0696	avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
19:57:49.0780 0696	avkmgr - ok
19:57:49.0811 0696	AxInstSV        (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
19:57:49.0873 0696	AxInstSV - ok
19:57:49.0920 0696	b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
19:57:49.0967 0696	b06bdrv - ok
19:57:50.0014 0696	b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
19:57:50.0029 0696	b57nd60x - ok
19:57:50.0076 0696	BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
19:57:50.0107 0696	BDESVC - ok
19:57:50.0123 0696	Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
19:57:50.0170 0696	Beep - ok
19:57:50.0232 0696	BFE             (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
19:57:50.0279 0696	BFE - ok
19:57:50.0326 0696	BITS            (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
19:57:50.0372 0696	BITS - ok
19:57:50.0404 0696	blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
19:57:50.0435 0696	blbdrive - ok
19:57:50.0450 0696	bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
19:57:50.0497 0696	bowser - ok
19:57:50.0513 0696	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:57:50.0560 0696	BrFiltLo - ok
19:57:50.0575 0696	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:57:50.0622 0696	BrFiltUp - ok
19:57:50.0653 0696	Browser         (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
19:57:50.0700 0696	Browser - ok
19:57:50.0731 0696	Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
19:57:50.0762 0696	Brserid - ok
19:57:50.0778 0696	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
19:57:50.0809 0696	BrSerWdm - ok
19:57:50.0840 0696	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:57:50.0872 0696	BrUsbMdm - ok
19:57:50.0887 0696	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
19:57:50.0918 0696	BrUsbSer - ok
19:57:50.0950 0696	BthEnum         (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\DRIVERS\BthEnum.sys
19:57:50.0996 0696	BthEnum - ok
19:57:51.0028 0696	BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
19:57:51.0043 0696	BTHMODEM - ok
19:57:51.0074 0696	BthPan          (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
19:57:51.0090 0696	BthPan - ok
19:57:51.0137 0696	BTHPORT         (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\system32\Drivers\BTHport.sys
19:57:51.0168 0696	BTHPORT - ok
19:57:51.0199 0696	bthserv         (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
19:57:51.0246 0696	bthserv - ok
19:57:51.0262 0696	BTHUSB          (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\system32\Drivers\BTHUSB.sys
19:57:51.0293 0696	BTHUSB - ok
19:57:51.0324 0696	cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
19:57:51.0371 0696	cdfs - ok
19:57:51.0418 0696	cdrom           (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
19:57:51.0449 0696	cdrom - ok
19:57:51.0480 0696	CertPropSvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
19:57:51.0527 0696	CertPropSvc - ok
19:57:51.0542 0696	circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
19:57:51.0558 0696	circlass - ok
19:57:51.0792 0696	CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
19:57:51.0823 0696	CLFS - ok
19:57:51.0886 0696	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:57:51.0901 0696	clr_optimization_v2.0.50727_32 - ok
19:57:51.0964 0696	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:57:51.0979 0696	clr_optimization_v4.0.30319_32 - ok
19:57:51.0995 0696	CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
19:57:52.0010 0696	CmBatt - ok
19:57:52.0042 0696	cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
19:57:52.0042 0696	cmdide - ok
19:57:52.0088 0696	CNG             (247b4ce2dab1160cd422d532d5241e1f) C:\Windows\system32\Drivers\cng.sys
19:57:52.0120 0696	CNG - ok
19:57:52.0135 0696	Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
19:57:52.0151 0696	Compbatt - ok
19:57:52.0198 0696	CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
19:57:52.0213 0696	CompositeBus - ok
19:57:52.0213 0696	COMSysApp - ok
19:57:52.0229 0696	crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
19:57:52.0244 0696	crcdisk - ok
19:57:52.0276 0696	CryptSvc        (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
19:57:52.0338 0696	CryptSvc - ok
19:57:52.0385 0696	CSC             (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
19:57:52.0432 0696	CSC - ok
19:57:52.0478 0696	CscService      (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
19:57:52.0510 0696	CscService - ok
19:57:52.0541 0696	DcomLaunch      (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
19:57:52.0603 0696	DcomLaunch - ok
19:57:52.0634 0696	defragsvc       (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
19:57:52.0681 0696	defragsvc - ok
19:57:52.0744 0696	DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
19:57:52.0822 0696	DfsC - ok
19:57:52.0868 0696	Dhcp            (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
19:57:52.0915 0696	Dhcp - ok
19:57:52.0946 0696	discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
19:57:52.0993 0696	discache - ok
19:57:53.0040 0696	Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
19:57:53.0040 0696	Disk - ok
19:57:53.0071 0696	Dnscache        (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
19:57:53.0118 0696	Dnscache - ok
19:57:53.0149 0696	dot3svc         (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
19:57:53.0196 0696	dot3svc - ok
19:57:53.0227 0696	DPS             (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
19:57:53.0274 0696	DPS - ok
19:57:53.0321 0696	drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
19:57:53.0336 0696	drmkaud - ok
19:57:53.0414 0696	DXGKrnl         (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
19:57:53.0430 0696	DXGKrnl - ok
19:57:53.0461 0696	EapHost         (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
19:57:53.0508 0696	EapHost - ok
19:57:53.0711 0696	ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
19:57:53.0804 0696	ebdrv - ok
19:57:53.0898 0696	EFS             (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
19:57:53.0945 0696	EFS - ok
19:57:54.0007 0696	ehRecvr         (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
19:57:54.0054 0696	ehRecvr - ok
19:57:54.0085 0696	ehSched         (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
19:57:54.0132 0696	ehSched - ok
19:57:54.0210 0696	elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
19:57:54.0257 0696	elxstor - ok
19:57:54.0272 0696	ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
19:57:54.0304 0696	ErrDev - ok
19:57:54.0350 0696	EventSystem     (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
19:57:54.0413 0696	EventSystem - ok
19:57:54.0428 0696	exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
19:57:54.0475 0696	exfat - ok
19:57:54.0506 0696	fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
19:57:54.0553 0696	fastfat - ok
19:57:54.0616 0696	Fax             (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
19:57:54.0662 0696	Fax - ok
19:57:54.0694 0696	fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
19:57:54.0725 0696	fdc - ok
19:57:54.0756 0696	fdPHost         (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
19:57:54.0787 0696	fdPHost - ok
19:57:54.0803 0696	FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
19:57:54.0850 0696	FDResPub - ok
19:57:54.0865 0696	FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
19:57:54.0881 0696	FileInfo - ok
19:57:54.0896 0696	Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
19:57:54.0928 0696	Filetrace - ok
19:57:54.0943 0696	flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
19:57:54.0959 0696	flpydisk - ok
19:57:54.0990 0696	FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
19:57:55.0006 0696	FltMgr - ok
19:57:55.0084 0696	FontCache       (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
19:57:55.0162 0696	FontCache - ok
19:57:55.0240 0696	FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:57:55.0255 0696	FontCache3.0.0.0 - ok
19:57:55.0271 0696	FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
19:57:55.0286 0696	FsDepends - ok
19:57:55.0302 0696	Fs_Rec          (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
19:57:55.0318 0696	Fs_Rec - ok
19:57:55.0364 0696	fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
19:57:55.0380 0696	fvevol - ok
19:57:55.0411 0696	gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
19:57:55.0427 0696	gagp30kx - ok
19:57:55.0474 0696	giveio          (77ebf3e9386daa51551af429052d88d0) C:\Windows\system32\giveio.sys
19:57:55.0474 0696	giveio ( UnsignedFile.Multi.Generic ) - warning
19:57:55.0474 0696	giveio - detected UnsignedFile.Multi.Generic (1)
19:57:55.0536 0696	gpsvc           (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
19:57:55.0583 0696	gpsvc - ok
19:57:55.0692 0696	gupdate         (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files\Google\Update\GoogleUpdate.exe
19:57:55.0723 0696	gupdate - ok
19:57:55.0723 0696	gupdatem        (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files\Google\Update\GoogleUpdate.exe
19:57:55.0739 0696	gupdatem - ok
19:57:55.0770 0696	hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
19:57:55.0801 0696	hcw85cir - ok
19:57:55.0864 0696	HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
19:57:55.0895 0696	HdAudAddService - ok
19:57:55.0942 0696	HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
19:57:55.0973 0696	HDAudBus - ok
19:57:55.0988 0696	HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
19:57:56.0004 0696	HidBatt - ok
19:57:56.0035 0696	HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
19:57:56.0066 0696	HidBth - ok
19:57:56.0098 0696	HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
19:57:56.0144 0696	HidIr - ok
19:57:56.0176 0696	hidserv         (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
19:57:56.0207 0696	hidserv - ok
19:57:56.0269 0696	HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
19:57:56.0285 0696	HidUsb - ok
19:57:56.0300 0696	hkmsvc          (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
19:57:56.0347 0696	hkmsvc - ok
19:57:56.0378 0696	HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
19:57:56.0425 0696	HomeGroupListener - ok
19:57:56.0456 0696	HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
19:57:56.0488 0696	HomeGroupProvider - ok
19:57:56.0534 0696	HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
19:57:56.0550 0696	HpSAMD - ok
19:57:56.0597 0696	HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
19:57:56.0628 0696	HTTP - ok
19:57:56.0659 0696	hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
19:57:56.0675 0696	hwpolicy - ok
19:57:56.0722 0696	i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
19:57:56.0737 0696	i8042prt - ok
19:57:56.0800 0696	iaStorV         (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
19:57:56.0846 0696	iaStorV - ok
19:57:56.0956 0696	idsvc           (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:57:57.0002 0696	idsvc - ok
19:57:57.0034 0696	iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
19:57:57.0034 0696	iirsp - ok
19:57:57.0112 0696	IKEEXT          (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
19:57:57.0174 0696	IKEEXT - ok
19:57:57.0205 0696	intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
19:57:57.0221 0696	intelide - ok
19:57:57.0236 0696	intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
19:57:57.0268 0696	intelppm - ok
19:57:57.0299 0696	IPBusEnum       (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
19:57:57.0330 0696	IPBusEnum - ok
19:57:57.0346 0696	IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:57:57.0392 0696	IpFilterDriver - ok
19:57:57.0455 0696	iphlpsvc        (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
19:57:57.0517 0696	iphlpsvc - ok
19:57:57.0548 0696	IPMIDRV         (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
19:57:57.0580 0696	IPMIDRV - ok
19:57:57.0595 0696	IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
19:57:57.0642 0696	IPNAT - ok
19:57:57.0673 0696	IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
19:57:57.0689 0696	IRENUM - ok
19:57:57.0736 0696	isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
19:57:57.0751 0696	isapnp - ok
19:57:57.0767 0696	iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
19:57:57.0798 0696	iScsiPrt - ok
19:57:57.0829 0696	kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
19:57:57.0829 0696	kbdclass - ok
19:57:57.0860 0696	kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
19:57:57.0892 0696	kbdhid - ok
19:57:57.0907 0696	KeyIso          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:57:57.0923 0696	KeyIso - ok
19:57:57.0938 0696	KSecDD          (b7895b4182c0d16f6efadeb8081e8d36) C:\Windows\system32\Drivers\ksecdd.sys
19:57:57.0954 0696	KSecDD - ok
19:57:57.0985 0696	KSecPkg         (d30159ac9237519fbc62c6ec247d2d46) C:\Windows\system32\Drivers\ksecpkg.sys
19:57:58.0001 0696	KSecPkg - ok
19:57:58.0048 0696	KtmRm           (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
19:57:58.0079 0696	KtmRm - ok
19:57:58.0141 0696	L8042Kbd        (d88846f9f4f27ae9be584a6e5b6b8753) C:\Windows\system32\DRIVERS\L8042Kbd.sys
19:57:58.0157 0696	L8042Kbd - ok
19:57:58.0204 0696	LanmanServer    (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
19:57:58.0250 0696	LanmanServer - ok
19:57:58.0266 0696	LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
19:57:58.0313 0696	LanmanWorkstation - ok
19:57:58.0375 0696	lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
19:57:58.0422 0696	lltdio - ok
19:57:58.0453 0696	lltdsvc         (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
19:57:58.0500 0696	lltdsvc - ok
19:57:58.0516 0696	lmhosts         (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
19:57:58.0547 0696	lmhosts - ok
19:57:58.0578 0696	LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
19:57:58.0594 0696	LSI_FC - ok
19:57:58.0609 0696	LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
19:57:58.0625 0696	LSI_SAS - ok
19:57:58.0656 0696	LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:57:58.0656 0696	LSI_SAS2 - ok
19:57:58.0687 0696	LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:57:58.0703 0696	LSI_SCSI - ok
19:57:58.0718 0696	luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
19:57:58.0750 0696	luafv - ok
19:57:58.0796 0696	LVUSBSta        (9e9306063ecd8aa91b3fb76678d3cee2) C:\Windows\system32\drivers\LVUSBSta.sys
19:57:58.0812 0696	LVUSBSta - ok
19:57:58.0828 0696	Mcx2Svc         (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
19:57:58.0843 0696	Mcx2Svc - ok
19:57:58.0859 0696	megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
19:57:58.0874 0696	megasas - ok
19:57:58.0906 0696	MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
19:57:58.0921 0696	MegaSR - ok
19:57:58.0952 0696	MMCSS           (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
19:57:58.0999 0696	MMCSS - ok
19:57:59.0015 0696	Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
19:57:59.0062 0696	Modem - ok
19:57:59.0077 0696	monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
19:57:59.0108 0696	monitor - ok
19:57:59.0140 0696	mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
19:57:59.0155 0696	mouclass - ok
19:57:59.0186 0696	mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
19:57:59.0218 0696	mouhid - ok
19:57:59.0249 0696	mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
19:57:59.0264 0696	mountmgr - ok
19:57:59.0389 0696	MozillaMaintenance (c1b935882344f9db73168611ebda1c11) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:57:59.0405 0696	MozillaMaintenance - ok
19:57:59.0436 0696	mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
19:57:59.0452 0696	mpio - ok
19:57:59.0467 0696	mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
19:57:59.0514 0696	mpsdrv - ok
19:57:59.0576 0696	MpsSvc          (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
19:57:59.0623 0696	MpsSvc - ok
19:57:59.0654 0696	MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
19:57:59.0686 0696	MRxDAV - ok
19:57:59.0717 0696	mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:57:59.0764 0696	mrxsmb - ok
19:57:59.0795 0696	mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:57:59.0826 0696	mrxsmb10 - ok
19:57:59.0857 0696	mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:57:59.0873 0696	mrxsmb20 - ok
19:57:59.0888 0696	msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
19:57:59.0904 0696	msahci - ok
19:57:59.0935 0696	msdsm           (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
19:57:59.0951 0696	msdsm - ok
19:57:59.0982 0696	MSDTC           (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
19:58:00.0013 0696	MSDTC - ok
19:58:00.0060 0696	Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
19:58:00.0076 0696	Msfs - ok
19:58:00.0091 0696	mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
19:58:00.0138 0696	mshidkmdf - ok
19:58:00.0169 0696	msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
19:58:00.0185 0696	msisadrv - ok
19:58:00.0216 0696	MSiSCSI         (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
19:58:00.0263 0696	MSiSCSI - ok
19:58:00.0263 0696	msiserver - ok
19:58:00.0294 0696	MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
19:58:00.0325 0696	MSKSSRV - ok
19:58:00.0325 0696	MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
19:58:00.0372 0696	MSPCLOCK - ok
19:58:00.0388 0696	MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
19:58:00.0434 0696	MSPQM - ok
19:58:00.0450 0696	MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
19:58:00.0481 0696	MsRPC - ok
19:58:00.0497 0696	mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
19:58:00.0512 0696	mssmbios - ok
19:58:00.0528 0696	MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
19:58:00.0559 0696	MSTEE - ok
19:58:00.0559 0696	MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
19:58:00.0575 0696	MTConfig - ok
19:58:00.0606 0696	Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
19:58:00.0622 0696	Mup - ok
19:58:00.0653 0696	napagent        (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
19:58:00.0700 0696	napagent - ok
19:58:00.0731 0696	NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
19:58:00.0762 0696	NativeWifiP - ok
19:58:00.0824 0696	NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
19:58:00.0856 0696	NDIS - ok
19:58:00.0887 0696	NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
19:58:00.0934 0696	NdisCap - ok
19:58:00.0949 0696	NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
19:58:00.0996 0696	NdisTapi - ok
19:58:01.0043 0696	Ndisuio         (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
19:58:01.0074 0696	Ndisuio - ok
19:58:01.0121 0696	NdisWan         (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
19:58:01.0152 0696	NdisWan - ok
19:58:01.0168 0696	NDProxy         (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
19:58:01.0199 0696	NDProxy - ok
19:58:01.0214 0696	NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
19:58:01.0261 0696	NetBIOS - ok
19:58:01.0308 0696	NetBT           (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
19:58:01.0339 0696	NetBT - ok
19:58:01.0355 0696	Netlogon        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:58:01.0370 0696	Netlogon - ok
19:58:01.0417 0696	Netman          (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
19:58:01.0511 0696	Netman - ok
19:58:01.0542 0696	netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
19:58:01.0589 0696	netprofm - ok
19:58:01.0667 0696	NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:58:01.0682 0696	NetTcpPortSharing - ok
19:58:01.0714 0696	nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
19:58:01.0729 0696	nfrd960 - ok
19:58:01.0776 0696	NlaSvc          (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
19:58:01.0807 0696	NlaSvc - ok
19:58:01.0854 0696	Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
19:58:01.0901 0696	Npfs - ok
19:58:01.0916 0696	nsi             (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
19:58:01.0948 0696	nsi - ok
19:58:01.0963 0696	nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
19:58:01.0994 0696	nsiproxy - ok
19:58:02.0088 0696	Ntfs            (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
19:58:02.0119 0696	Ntfs - ok
19:58:02.0135 0696	Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
19:58:02.0182 0696	Null - ok
19:58:02.0228 0696	NVENETFD        (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys
19:58:02.0275 0696	NVENETFD - ok
19:58:02.0322 0696	NVNET           (1de923088878b495cd4219e47ba34eb8) C:\Windows\system32\DRIVERS\nvmf6232.sys
19:58:02.0338 0696	NVNET - ok
19:58:02.0369 0696	nvraid          (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
19:58:02.0384 0696	nvraid - ok
19:58:02.0416 0696	nvstor          (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
19:58:02.0416 0696	nvstor - ok
19:58:02.0447 0696	nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
19:58:02.0462 0696	nv_agp - ok
19:58:02.0478 0696	ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
19:58:02.0509 0696	ohci1394 - ok
19:58:02.0556 0696	p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
19:58:02.0618 0696	p2pimsvc - ok
19:58:02.0665 0696	p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
19:58:02.0696 0696	p2psvc - ok
19:58:02.0743 0696	Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
19:58:02.0759 0696	Parport - ok
19:58:02.0790 0696	partmgr         (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
19:58:02.0806 0696	partmgr - ok
19:58:02.0821 0696	Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
19:58:02.0852 0696	Parvdm - ok
19:58:02.0868 0696	PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
19:58:02.0884 0696	PcaSvc - ok
19:58:02.0915 0696	pci             (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
19:58:02.0930 0696	pci - ok
19:58:02.0946 0696	pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
19:58:02.0962 0696	pciide - ok
19:58:02.0977 0696	pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
19:58:03.0008 0696	pcmcia - ok
19:58:03.0024 0696	pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
19:58:03.0040 0696	pcw - ok
19:58:03.0102 0696	PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
19:58:03.0149 0696	PEAUTH - ok
19:58:03.0227 0696	PeerDistSvc     (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
19:58:03.0305 0696	PeerDistSvc - ok
19:58:03.0367 0696	pepifilter      (d30eda6e1ab3c8c82f2ca085ab79040a) C:\Windows\system32\DRIVERS\lv302af.sys
19:58:03.0383 0696	pepifilter - ok
19:58:03.0476 0696	PID_PEPI        (0da6c5e0c8da6cebe52daacfe7ae9de6) C:\Windows\system32\DRIVERS\LV302V32.SYS
19:58:03.0523 0696	PID_PEPI - ok
19:58:03.0617 0696	pla             (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
19:58:03.0664 0696	pla - ok
19:58:03.0804 0696	PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
19:58:03.0835 0696	PlugPlay - ok
19:58:03.0866 0696	PNRPAutoReg     (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
19:58:03.0882 0696	PNRPAutoReg - ok
19:58:03.0913 0696	PNRPsvc         (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
19:58:03.0929 0696	PNRPsvc - ok
19:58:03.0976 0696	PolicyAgent     (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
19:58:04.0007 0696	PolicyAgent - ok
19:58:04.0054 0696	Power           (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
19:58:04.0085 0696	Power - ok
19:58:04.0163 0696	PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
19:58:04.0225 0696	PptpMiniport - ok
19:58:04.0241 0696	Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
19:58:04.0288 0696	Processor - ok
19:58:04.0319 0696	ProfSvc         (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
19:58:04.0366 0696	ProfSvc - ok
19:58:04.0397 0696	ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:58:04.0412 0696	ProtectedStorage - ok
19:58:04.0444 0696	Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
19:58:04.0475 0696	Psched - ok
19:58:04.0553 0696	ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
19:58:04.0600 0696	ql2300 - ok
19:58:04.0709 0696	ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
19:58:04.0740 0696	ql40xx - ok
19:58:04.0771 0696	QWAVE           (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
19:58:04.0787 0696	QWAVE - ok
19:58:04.0802 0696	QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
19:58:04.0818 0696	QWAVEdrv - ok
19:58:04.0880 0696	RapiMgr         (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll
19:58:04.0896 0696	RapiMgr - ok
19:58:04.0912 0696	RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
19:58:04.0958 0696	RasAcd - ok
19:58:04.0990 0696	RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:58:05.0036 0696	RasAgileVpn - ok
19:58:05.0068 0696	RasAuto         (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
19:58:05.0099 0696	RasAuto - ok
19:58:05.0130 0696	Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:58:05.0177 0696	Rasl2tp - ok
19:58:05.0224 0696	RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
19:58:05.0270 0696	RasMan - ok
19:58:05.0286 0696	RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
19:58:05.0333 0696	RasPppoe - ok
19:58:05.0348 0696	RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
19:58:05.0395 0696	RasSstp - ok
19:58:05.0442 0696	rdbss           (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
19:58:05.0520 0696	rdbss - ok
19:58:05.0536 0696	rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
19:58:05.0551 0696	rdpbus - ok
19:58:05.0582 0696	RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:58:05.0614 0696	RDPCDD - ok
19:58:05.0645 0696	RDPDR           (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
19:58:05.0676 0696	RDPDR - ok
19:58:05.0692 0696	RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
19:58:05.0723 0696	RDPENCDD - ok
19:58:05.0738 0696	RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
19:58:05.0754 0696	RDPREFMP - ok
19:58:05.0801 0696	RDPWD           (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
19:58:05.0848 0696	RDPWD - ok
19:58:05.0894 0696	rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
19:58:05.0926 0696	rdyboost - ok
19:58:05.0957 0696	RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
19:58:06.0035 0696	RemoteAccess - ok
19:58:06.0066 0696	RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
19:58:06.0113 0696	RemoteRegistry - ok
19:58:06.0160 0696	RFCOMM          (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
19:58:06.0191 0696	RFCOMM - ok
19:58:06.0206 0696	RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
19:58:06.0238 0696	RpcEptMapper - ok
19:58:06.0269 0696	RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
19:58:06.0284 0696	RpcLocator - ok
19:58:06.0331 0696	RpcSs           (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
19:58:06.0362 0696	RpcSs - ok
19:58:06.0409 0696	rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
19:58:06.0440 0696	rspndr - ok
19:58:06.0472 0696	s3cap           (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
19:58:06.0503 0696	s3cap - ok
19:58:06.0518 0696	SamSs           (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:58:06.0534 0696	SamSs - ok
19:58:06.0581 0696	sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
19:58:06.0596 0696	sbp2port - ok
19:58:06.0628 0696	SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
19:58:06.0659 0696	SCardSvr - ok
19:58:06.0674 0696	scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
19:58:06.0721 0696	scfilter - ok
19:58:06.0784 0696	Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
19:58:06.0877 0696	Schedule - ok
19:58:06.0893 0696	SCPolicySvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
19:58:06.0924 0696	SCPolicySvc - ok
19:58:06.0955 0696	SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
19:58:07.0002 0696	SDRSVC - ok
19:58:07.0033 0696	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:58:07.0080 0696	secdrv - ok
19:58:07.0111 0696	seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
19:58:07.0142 0696	seclogon - ok
19:58:07.0174 0696	SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
19:58:07.0220 0696	SENS - ok
19:58:07.0252 0696	SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
19:58:07.0283 0696	SensrSvc - ok
19:58:07.0298 0696	Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
19:58:07.0314 0696	Serenum - ok
19:58:07.0330 0696	Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
19:58:07.0361 0696	Serial - ok
19:58:07.0376 0696	sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
19:58:07.0408 0696	sermouse - ok
19:58:07.0439 0696	SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
19:58:07.0486 0696	SessionEnv - ok
19:58:07.0517 0696	sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
19:58:07.0548 0696	sffdisk - ok
19:58:07.0564 0696	sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
19:58:07.0595 0696	sffp_mmc - ok
19:58:07.0610 0696	sffp_sd         (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
19:58:07.0626 0696	sffp_sd - ok
19:58:07.0657 0696	sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
19:58:07.0673 0696	sfloppy - ok
19:58:07.0720 0696	SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
19:58:07.0766 0696	SharedAccess - ok
19:58:07.0813 0696	ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
19:58:07.0891 0696	ShellHWDetection - ok
19:58:07.0922 0696	sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
19:58:07.0922 0696	sisagp - ok
19:58:07.0954 0696	SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:58:07.0969 0696	SiSRaid2 - ok
19:58:07.0985 0696	SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
19:58:08.0000 0696	SiSRaid4 - ok
19:58:08.0266 0696	Skype C2C Service (0f97e7a47a52f4a36969f0fc319654c2) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:58:08.0344 0696	Skype C2C Service - ok
19:58:08.0453 0696	SkypeUpdate     (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files\Skype\Updater\Updater.exe
19:58:08.0468 0696	SkypeUpdate - ok
19:58:08.0609 0696	Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
19:58:08.0640 0696	Smb - ok
19:58:08.0687 0696	SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
19:58:08.0702 0696	SNMPTRAP - ok
19:58:08.0765 0696	speedfan        (3fa2e254bfbce52b3c6f1bf23aab6911) C:\Windows\system32\speedfan.sys
19:58:08.0780 0696	speedfan - ok
19:58:08.0812 0696	spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
19:58:08.0827 0696	spldr - ok
19:58:08.0874 0696	Spooler         (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
19:58:08.0921 0696	Spooler - ok
19:58:09.0108 0696	sppsvc          (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
19:58:09.0202 0696	sppsvc - ok
19:58:09.0295 0696	sppuinotify     (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
19:58:09.0342 0696	sppuinotify - ok
19:58:09.0404 0696	srv             (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
19:58:09.0451 0696	srv - ok
19:58:09.0467 0696	srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
19:58:09.0498 0696	srv2 - ok
19:58:09.0529 0696	srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
19:58:09.0545 0696	srvnet - ok
19:58:09.0576 0696	SSDPSRV         (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
19:58:09.0623 0696	SSDPSRV - ok
19:58:09.0670 0696	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
19:58:09.0685 0696	ssmdrv - ok
19:58:09.0701 0696	SstpSvc         (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
19:58:09.0763 0696	SstpSvc - ok
19:58:09.0794 0696	stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
19:58:09.0794 0696	stexstor - ok
19:58:09.0841 0696	StiSvc          (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
19:58:09.0888 0696	StiSvc - ok
19:58:09.0919 0696	storflt         (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
19:58:09.0935 0696	storflt - ok
19:58:09.0966 0696	StorSvc         (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
19:58:09.0997 0696	StorSvc - ok
19:58:10.0013 0696	storvsc         (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
19:58:10.0028 0696	storvsc - ok
19:58:10.0044 0696	swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
19:58:10.0060 0696	swenum - ok
19:58:10.0106 0696	swprv           (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
19:58:10.0138 0696	swprv - ok
19:58:10.0231 0696	SysMain         (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
19:58:10.0294 0696	SysMain - ok
19:58:10.0325 0696	TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
19:58:10.0356 0696	TabletInputService - ok
19:58:10.0387 0696	TapiSrv         (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
19:58:10.0418 0696	TapiSrv - ok
19:58:10.0450 0696	TBS             (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
19:58:10.0496 0696	TBS - ok
19:58:10.0606 0696	Tcpip           (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
19:58:10.0637 0696	Tcpip - ok
19:58:10.0668 0696	TCPIP6          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
19:58:10.0699 0696	TCPIP6 - ok
19:58:10.0808 0696	tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
19:58:10.0871 0696	tcpipreg - ok
19:58:10.0902 0696	TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
19:58:10.0933 0696	TDPIPE - ok
19:58:10.0949 0696	TDTCP           (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
19:58:10.0964 0696	TDTCP - ok
19:58:10.0996 0696	tdx             (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
19:58:11.0042 0696	tdx - ok
19:58:11.0074 0696	TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
19:58:11.0089 0696	TermDD - ok
19:58:11.0152 0696	TermService     (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
19:58:11.0198 0696	TermService - ok
19:58:11.0230 0696	Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
19:58:11.0261 0696	Themes - ok
19:58:11.0292 0696	THREADORDER     (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
19:58:11.0323 0696	THREADORDER - ok
19:58:11.0339 0696	TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
19:58:11.0386 0696	TrkWks - ok
19:58:11.0448 0696	TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
19:58:11.0510 0696	TrustedInstaller - ok
19:58:11.0542 0696	tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:58:11.0573 0696	tssecsrv - ok
19:58:11.0620 0696	TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
19:58:11.0651 0696	TsUsbFlt - ok
19:58:11.0698 0696	tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
19:58:11.0744 0696	tunnel - ok
19:58:11.0760 0696	uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
19:58:11.0776 0696	uagp35 - ok
19:58:11.0807 0696	udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
19:58:11.0854 0696	udfs - ok
19:58:11.0900 0696	UI0Detect       (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
19:58:11.0932 0696	UI0Detect - ok
19:58:11.0963 0696	uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
19:58:11.0994 0696	uliagpkx - ok
19:58:12.0025 0696	umbus           (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
19:58:12.0072 0696	umbus - ok
19:58:12.0119 0696	UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
19:58:12.0150 0696	UmPass - ok
19:58:12.0181 0696	UmRdpService    (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
19:58:12.0212 0696	UmRdpService - ok
19:58:12.0259 0696	upnphost        (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
19:58:12.0306 0696	upnphost - ok
19:58:12.0337 0696	usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
19:58:12.0368 0696	usbaudio - ok
19:58:12.0400 0696	usbccgp         (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
19:58:12.0446 0696	usbccgp - ok
19:58:12.0478 0696	usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
19:58:12.0509 0696	usbcir - ok
19:58:12.0540 0696	usbehci         (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
19:58:12.0556 0696	usbehci - ok
19:58:12.0587 0696	usbhub          (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
19:58:12.0618 0696	usbhub - ok
19:58:12.0634 0696	usbohci         (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
19:58:12.0649 0696	usbohci - ok
19:58:12.0696 0696	usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
19:58:12.0712 0696	usbprint - ok
19:58:12.0727 0696	usbscan         (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
19:58:12.0758 0696	usbscan - ok
19:58:12.0774 0696	USBSTOR         (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:58:12.0805 0696	USBSTOR - ok
19:58:12.0805 0696	usbuhci         (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
19:58:12.0821 0696	usbuhci - ok
19:58:12.0852 0696	UxSms           (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
19:58:12.0883 0696	UxSms - ok
19:58:12.0914 0696	VaultSvc        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:58:12.0930 0696	VaultSvc - ok
19:58:12.0946 0696	vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
19:58:12.0961 0696	vdrvroot - ok
19:58:13.0008 0696	vds             (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
19:58:13.0055 0696	vds - ok
19:58:13.0086 0696	vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
19:58:13.0102 0696	vga - ok
19:58:13.0117 0696	VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
19:58:13.0148 0696	VgaSave - ok
19:58:13.0195 0696	vhdmp           (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
19:58:13.0211 0696	vhdmp - ok
19:58:13.0226 0696	viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
19:58:13.0242 0696	viaagp - ok
19:58:13.0258 0696	ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
19:58:13.0289 0696	ViaC7 - ok
19:58:13.0304 0696	viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
19:58:13.0320 0696	viaide - ok
19:58:13.0351 0696	vmbus           (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
19:58:13.0367 0696	vmbus - ok
19:58:13.0382 0696	VMBusHID        (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
19:58:13.0398 0696	VMBusHID - ok
19:58:13.0414 0696	volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
19:58:13.0429 0696	volmgr - ok
19:58:13.0460 0696	volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
19:58:13.0476 0696	volmgrx - ok
19:58:13.0507 0696	volsnap         (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
19:58:13.0523 0696	volsnap - ok
19:58:13.0554 0696	vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
19:58:13.0570 0696	vsmraid - ok
19:58:13.0648 0696	VSS             (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
19:58:13.0694 0696	VSS - ok
19:58:13.0726 0696	vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
19:58:13.0741 0696	vwifibus - ok
19:58:13.0788 0696	W32Time         (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
19:58:13.0835 0696	W32Time - ok
19:58:13.0866 0696	WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
19:58:13.0897 0696	WacomPen - ok
19:58:13.0928 0696	WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
19:58:14.0006 0696	WANARP - ok
19:58:14.0006 0696	Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
19:58:14.0053 0696	Wanarpv6 - ok
19:58:14.0162 0696	wbengine        (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
19:58:14.0225 0696	wbengine - ok
19:58:14.0256 0696	WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
19:58:14.0287 0696	WbioSrvc - ok
19:58:14.0350 0696	WcesComm        (59e19bd13c3bdb857646b9e436ba27f7) C:\Windows\WindowsMobile\wcescomm.dll
19:58:14.0365 0696	WcesComm - ok
19:58:14.0412 0696	wcncsvc         (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
19:58:14.0443 0696	wcncsvc - ok
19:58:14.0459 0696	WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
19:58:14.0506 0696	WcsPlugInService - ok
19:58:14.0568 0696	Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
19:58:14.0599 0696	Wd - ok
19:58:14.0630 0696	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
19:58:14.0662 0696	Wdf01000 - ok
19:58:14.0677 0696	WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
19:58:14.0724 0696	WdiServiceHost - ok
19:58:14.0724 0696	WdiSystemHost   (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
19:58:14.0755 0696	WdiSystemHost - ok
19:58:14.0786 0696	WebClient       (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
19:58:14.0818 0696	WebClient - ok
19:58:14.0833 0696	Wecsvc          (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
19:58:14.0864 0696	Wecsvc - ok
19:58:14.0864 0696	wercplsupport   (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
19:58:14.0896 0696	wercplsupport - ok
19:58:14.0927 0696	WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
19:58:14.0958 0696	WerSvc - ok
19:58:14.0989 0696	WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
19:58:15.0005 0696	WfpLwf - ok
19:58:15.0020 0696	WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
19:58:15.0036 0696	WIMMount - ok
19:58:15.0130 0696	WinDefend       (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
19:58:15.0192 0696	WinDefend - ok
19:58:15.0223 0696	WinHttpAutoProxySvc - ok
19:58:15.0286 0696	Winmgmt         (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
19:58:15.0317 0696	Winmgmt - ok
19:58:15.0395 0696	WinRM           (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
19:58:15.0457 0696	WinRM - ok
19:58:15.0520 0696	WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
19:58:15.0566 0696	WinUsb - ok
19:58:15.0660 0696	Wlansvc         (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
19:58:15.0691 0696	Wlansvc - ok
19:58:15.0722 0696	WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
19:58:15.0738 0696	WmiAcpi - ok
19:58:15.0800 0696	wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
19:58:15.0832 0696	wmiApSrv - ok
19:58:15.0956 0696	WMPNetworkSvc   (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:58:16.0003 0696	WMPNetworkSvc - ok
19:58:16.0019 0696	WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
19:58:16.0066 0696	WPCSvc - ok
19:58:16.0097 0696	WPDBusEnum      (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
19:58:16.0128 0696	WPDBusEnum - ok
19:58:16.0175 0696	ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
19:58:16.0222 0696	ws2ifsl - ok
19:58:16.0253 0696	wscsvc          (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
19:58:16.0284 0696	wscsvc - ok
19:58:16.0284 0696	WSearch - ok
19:58:16.0409 0696	wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
19:58:16.0456 0696	wuauserv - ok
19:58:16.0596 0696	WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
19:58:16.0627 0696	WudfPf - ok
19:58:16.0674 0696	WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:58:16.0705 0696	WUDFRd - ok
19:58:16.0736 0696	wudfsvc         (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
19:58:16.0768 0696	wudfsvc - ok
19:58:16.0799 0696	WwanSvc         (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
19:58:16.0846 0696	WwanSvc - ok
19:58:16.0877 0696	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:58:17.0189 0696	\Device\Harddisk0\DR0 - ok
19:58:17.0204 0696	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
19:58:17.0267 0696	\Device\Harddisk1\DR1 - ok
19:58:17.0298 0696	Boot (0x1200)   (9886de89c5c5d3c69595bc4452f700ed) \Device\Harddisk0\DR0\Partition0
19:58:17.0298 0696	\Device\Harddisk0\DR0\Partition0 - ok
19:58:17.0314 0696	Boot (0x1200)   (67535f5cbdfbd0f6102ccaff19ac2328) \Device\Harddisk1\DR1\Partition0
19:58:17.0329 0696	\Device\Harddisk1\DR1\Partition0 - ok
19:58:17.0329 0696	============================================================
19:58:17.0329 0696	Scan finished
19:58:17.0329 0696	============================================================
19:58:17.0329 4000	Detected object count: 1
19:58:17.0329 4000	Actual detected object count: 1
19:59:27.0139 4000	giveio ( UnsignedFile.Multi.Generic ) - skipped by user
19:59:27.0139 4000	giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:42:23.0944 3884	Deinitialize success

PS : giveio soll etwas zu tun haben mit " SpeedFan Hardware und SMART Monitor"
So ein kleines Programm zur Temperaturüberwachung, Lüfter-Drehzahl, Zustand der Festplatten usw

cosinus · 14.08.2012, 14:01

Ja schön, aber was ist jetzt mit Combofix?

03.08.2012, 09:41	#16
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	my srart by incredibar ..... mich hat´s auch erwischt! Tja, lass das Backupset doch einfach in Ruhe Hätte da mal zwei Fragen bevor es weiter geht 1.) Geht der normale Modus von Windows (wieder) uneingeschränkt? 2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden? __________________ Logfiles bitte immer in CODE-Tags posten

08.08.2012, 18:43	#22
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	my srart by incredibar ..... mich hat´s auch erwischt! Das musst du doch wissen was du da wegeditiert hast! Und ja natürlich muss es wieder so zurückeditiert werden, wie es original im Log auch stand __________________ Logfiles bitte immer in CODE-Tags posten

14.08.2012, 14:01	#30
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	my srart by incredibar ..... mich hat´s auch erwischt! Ja schön, aber was ist jetzt mit Combofix? __________________ Logfiles bitte immer in CODE-Tags posten

my srart by incredibar ..... mich hat´s auch erwischt!

Plagegeister aller Art und deren Bekämpfung: my srart by incredibar ..... mich hat´s auch erwischt!