Musik kommt automatisch unter "Name nicht Verfügbar" im Audiomixer (Windows 7)

aypstyle · 06.08.2012, 23:49

Hallo,
zu erst einmal... habe vor ca 3 Monaten das letzte mal Windows neu aufgesetzt, (eine Partition gelassen um die Daten zu behalten und den Rest neu partitioniert inkl. neuinstallationauf windows 7 ehemals windows xp) weil ich den Bundestrojaner hatte. Den hatte ich soweit gefixt, dass äußerlich keine Erscheinungen mehr vorhanden waren, dachte mir jedoch neu aufsetzen ist sicherer.

Nun habe ich seit ca. 2 Wochen bemerkt, dass nach gewisser Zeit Musik kommt die ich nicht zuordnen kann. Im Audiomixer nachgeschaut: "Name nicht verfügbar". Wenn ich die Lautstärke runterfahre ist es für unbestimmte Zeit weg. Nun ist es jedoch so, dass nach einiger Zeit genau dasselbe Problem auftritt. Im Audiomixer sind dann 2 "Name nicht verfügbar" und der zuletzt "erstellte/geöffnete" spielt Musik ab wobei der alte stumm bleibt.

Beim Googlen bin ich nun hauptsächlich drauf gestoßen, dass viele einen Trojaner oder Malware dahinter vermuten. Im Forum habe ich bisher nur Einträge gefunden, bei denen sofort nach Systemstart die Musik kommt.

Daher wende ich mich an euch...

OTL Dateien und GMER findet ihr im Anhang...

Danke im Voraus

[Bin durch einen Missclick im falschen Unterforum gelandet ... hoffe er wird verschoben, da ich nicht neu Posten möchte und auch nicht soll (Regeln)]

cosinus · 14.08.2012, 13:02

Bitte erstmal routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Die Funde mit Malwarebytes bitte alle entfernen, sodass sie in der Quarantäne von Malwarebytes aufgehoben werden! NICHTS voreilig aus der Quarantäne entfernen!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

aypstyle · 22.08.2012, 09:56

Hallo,
sorry dass ich erst so spät antworte, aber ich war selber im Urlaub.
Hoffe du findest nach deinem Urlaub noch die Zeit dir die Logs anzuschauen
Anbei 2 Malwarebyte logs und der ESET log.

Code:

ATTFilter

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.22.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
aYpStyle :: AYPSTYLE-PC [Administrator]

22.08.2012 08:45:28
mbam-log-2012-08-22 (08-45-28).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 267249
Laufzeit: 21 Minute(n), 47 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 1
C:\Program Files\mozjs.dll (Spyware.OnlineGames) -> Löschen bei Neustart.

Infizierte Registrierungsschlüssel: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 (Trojan.Zaccess) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32| (Trojan.Zaccess) -> Daten: C:\Users\aYpStyle\AppData\Local\{42a985b7-1f79-df30-1dda-9864dc9c0a96}\n. -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 5
C:\Users\aYpStyle\AppData\Local\Temp\5726609.exe (Trojan.Phex.THAGen1) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\aYpStyle\AppData\Local\{42a985b7-1f79-df30-1dda-9864dc9c0a96}\n (Trojan.Dropper.PE4) -> Löschen bei Neustart.
C:\Windows\Installer\{42a985b7-1f79-df30-1dda-9864dc9c0a96}\n (Trojan.Dropper.PE4) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\{42a985b7-1f79-df30-1dda-9864dc9c0a96}\U\800000cb.@ (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\mozjs.dll (Spyware.OnlineGames) -> Löschen bei Neustart.

(Ende)

log ca. 1 h später, weil ich dachte beim ersten check nix gespeichert zu haben.

Code:

ATTFilter

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.22.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
aYpStyle :: AYPSTYLE-PC [Administrator]

22.08.2012 09:39:54
mbam-log-2012-08-22 (10-08-58).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 267738
Laufzeit: 23 Minute(n), 51 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 1
C:\Program Files\mozjs.dll (Spyware.OnlineGames) -> Keine Aktion durchgeführt.

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Windows\Installer\{42a985b7-1f79-df30-1dda-9864dc9c0a96}\U\800000cb.@ (Rootkit.0Access) -> Keine Aktion durchgeführt.
C:\Program Files\mozjs.dll (Spyware.OnlineGames) -> Keine Aktion durchgeführt.

(Ende)

ESET

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=1240c08927c4f648a18279d476b2b701
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-22 07:39:28
# local_time=2012-08-22 09:39:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776574 66 94 3876956 97251404 0 0
# compatibility_mode=8192 67108863 100 0 406 406 0 0
# scanned=40614
# found=5
# cleaned=0
# scan_time=955
C:\Users\aYpStyle\AppData\Local\Temp\jar_cache1156092574209671914.tmp	Java/Exploit.Agent.NAV trojan (unable to clean)	00000000000000000000000000000000	I
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\6053605c-5ae58250	a variant of Java/Exploit.CVE-2012-1723.C trojan (unable to clean)	00000000000000000000000000000000	I
C:\Windows\Installer\{42a985b7-1f79-df30-1dda-9864dc9c0a96}\U\80000000.@	a variant of Win32/Sirefef.FA trojan (unable to clean)	00000000000000000000000000000000	I
C:\Windows\Installer\{42a985b7-1f79-df30-1dda-9864dc9c0a96}\U\800000cb.@	probably a variant of Win32/Agent.TEO trojan (unable to clean)	00000000000000000000000000000000	I
C:\Windows\System32\services.exe	Win32/Sirefef.FC trojan (unable to clean)	00000000000000000000000000000000	I
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=1240c08927c4f648a18279d476b2b701
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-22 08:48:55
# local_time=2012-08-22 10:48:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776574 66 94 3879527 97253975 0 0
# compatibility_mode=8192 67108863 100 0 2977 2977 0 0
# scanned=100145
# found=6
# cleaned=0
# scan_time=2551
C:\Users\aYpStyle\AppData\Local\Temp\jar_cache1156092574209671914.tmp	Java/Exploit.Agent.NAV trojan (unable to clean)	00000000000000000000000000000000	I
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\6053605c-5ae58250	a variant of Java/Exploit.CVE-2012-1723.C trojan (unable to clean)	00000000000000000000000000000000	I
C:\Windows\Installer\{42a985b7-1f79-df30-1dda-9864dc9c0a96}\U\80000000.@	a variant of Win32/Sirefef.FA trojan (unable to clean)	00000000000000000000000000000000	I
C:\Windows\Installer\{42a985b7-1f79-df30-1dda-9864dc9c0a96}\U\800000cb.@	probably a variant of Win32/Agent.TEO trojan (unable to clean)	00000000000000000000000000000000	I
C:\Windows\System32\services.exe	Win32/Sirefef.FC trojan (unable to clean)	00000000000000000000000000000000	I
F:\Downloadz\PDFCreator-1_2_3_setup.exe	Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I

Hoffe du kannst nach deinem Urlaub weiterhelfen.
Vielen dank!

cosinus · 30.08.2012, 12:57

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Search.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

aypstyle · 01.09.2012, 21:37

Code:

ATTFilter

# AdwCleaner v2.000 - Datei am 09/01/2012 um 22:36:57 erstellt
# Aktualisiert am 30/08/2012 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzer : aYpStyle - AYPSTYLE-PC
# Normaler Modus : Normal
# Ausgeführt unter : F:\Downloadz\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gefunden : C:\Users\aYpStyle\AppData\LocalLow\boost_interprocess

***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v13.0.1 (de)

Profilname : default 
Datei : C:\Users\aYpStyle\AppData\Roaming\Mozilla\Firefox\Profiles\2jmqqn5z.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [823 octets] - [01/09/2012 22:36:57]

########## EOF - C:\AdwCleaner[R1].txt - [882 octets] ##########

cosinus · 03.09.2012, 15:46

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Löschen.
Bestätige jeweils mit Ok.
Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.

aypstyle · 03.09.2012, 20:22

Code:

ATTFilter

# AdwCleaner v2.000 - Datei am 09/03/2012 um 21:19:32 erstellt
# Aktualisiert am 30/08/2012 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzer : aYpStyle - AYPSTYLE-PC
# Normaler Modus : Normal
# Ausgeführt unter : F:\Downloadz\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Users\aYpStyle\AppData\LocalLow\boost_interprocess

***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

Wiederhergestellt : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v13.0.1 (de)

Profilname : default 
Datei : C:\Users\aYpStyle\AppData\Roaming\Mozilla\Firefox\Profiles\2jmqqn5z.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [950 octets] - [01/09/2012 22:36:57]
AdwCleaner[S1].txt - [1141 octets] - [03/09/2012 21:19:32]

########## EOF - C:\AdwCleaner[S1].txt - [1201 octets] ##########

cosinus · 03.09.2012, 21:03

Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

aypstyle · 04.09.2012, 07:58

1) der normale Modus geht... jedoch hatte ich heute Nacht als ich den Rechner testweise anließ, wieder diese Melodien...
2) Es sind Sachen gelöscht worden... jedoch keine die ich benutzt habe häufiger ... sonst wären mir die Namen eingefallen die fehlen..(Autostart ordner ist leer)

cosinus · 04.09.2012, 15:26

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

aypstyle · 07.09.2012, 14:49

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 07.09.2012 15:38:47 - Run 2
OTL by OldTimer - Version 3.2.61.1     Folder = F:\Downloadz\Antivirushilfe
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 65,61% Memory free
4,00 Gb Paging File | 3,25 Gb Available in Paging File | 81,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,12 Gb Total Space | 46,08 Gb Free Space | 58,99% Space Free | Partition Type: NTFS
Drive D: | 128,38 Gb Total Space | 121,14 Gb Free Space | 94,36% Space Free | Partition Type: NTFS
Drive E: | 21,40 Gb Total Space | 21,14 Gb Free Space | 98,83% Space Free | Partition Type: NTFS
Drive F: | 70,92 Gb Total Space | 22,57 Gb Free Space | 31,82% Space Free | Partition Type: NTFS
 
Computer Name: AYPSTYLE-PC | User Name: aYpStyle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.07 15:36:59 | 000,599,552 | ---- | M] (OldTimer Tools) -- F:\Downloadz\Antivirushilfe\OTL.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.08.18 02:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.08.18 02:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.06.15 00:17:46 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2009.08.18 02:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.08.18 03:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-21-214749253-1445433981-3836103608-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-214749253-1445433981-3836103608-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-214749253-1445433981-3836103608-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.9
FF - prefs.js..extensions.enabledAddons: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.22
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledAddons: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.08.22 15:11:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\components [2012.08.22 11:21:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\plugins [2012.08.21 14:16:02 | 000,000,000 | ---D | M]
 
[2012.04.12 13:32:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aYpStyle\AppData\Roaming\mozilla\Extensions
[2012.08.06 13:16:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aYpStyle\AppData\Roaming\mozilla\Firefox\Profiles\2jmqqn5z.default\extensions
[2012.07.08 14:45:25 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\aYpStyle\AppData\Roaming\mozilla\Firefox\Profiles\2jmqqn5z.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.08.06 13:16:23 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\aYpStyle\AppData\Roaming\mozilla\Firefox\Profiles\2jmqqn5z.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012.06.09 11:28:15 | 000,255,818 | ---- | M] () (No name found) -- C:\Users\aYpStyle\AppData\Roaming\mozilla\firefox\profiles\2jmqqn5z.default\extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
[2012.07.27 21:22:14 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\aYpStyle\AppData\Roaming\mozilla\firefox\profiles\2jmqqn5z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.08.22 15:11:05 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012.08.07 09:28:25 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\EXTENSIONS\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKU\S-1-5-21-214749253-1445433981-3836103608-1001..\Run: [Spotify] C:\Users\aYpStyle\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-214749253-1445433981-3836103608-1001..\Run: [Spotify Web Helper] C:\Users\aYpStyle\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9ED2BB03-C7BA-400E-84C0-D0A7CC69E3C5}: DhcpNameServer = 192.168.178.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: Sharedaccess -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: wuauserv -  File not found
NetSvcs: BITS -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpReg: Spotify Web Helper - hkey= - key= - C:\Users\aYpStyle\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
MsConfig - State: "startup" - 2
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: Base - Driver Group
SafeBootNet: BFE - Service
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MPSSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SharedAccess -  File not found
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.22 16:21:11 | 000,000,000 | ---D | C] -- C:\Users\aYpStyle\AppData\Local\DDMSettings
[2012.08.22 15:10:52 | 000,000,000 | ---D | C] -- C:\Users\aYpStyle\AppData\Roaming\DivX
[2012.08.22 15:10:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2012.08.22 15:10:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2012.08.22 15:07:43 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2012.08.22 14:00:07 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2012.08.22 11:21:11 | 000,000,000 | ---D | C] -- C:\Program Files\searchplugins
[2012.08.22 11:21:10 | 000,000,000 | ---D | C] -- C:\Program Files\defaults
[2012.08.22 11:21:10 | 000,000,000 | ---D | C] -- C:\Program Files\components
[2012.08.22 09:16:47 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.08.22 09:11:40 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.08.22 09:11:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.08.22 08:40:20 | 000,000,000 | ---D | C] -- C:\Users\aYpStyle\AppData\Roaming\Malwarebytes
[2012.08.22 08:40:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.22 08:40:11 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.06.17 10:08:36 | 000,770,384 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcr100.dll
[2012.06.17 10:08:36 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcp100.dll
[2012.06.17 10:08:36 | 000,157,608 | ---- | C] (Mozilla Corporation) -- C:\Program Files\maintenanceservice_installer.exe
[2012.06.17 10:08:36 | 000,113,120 | ---- | C] (Mozilla Foundation) -- C:\Program Files\maintenanceservice.exe
[2012.04.12 13:32:38 | 015,757,792 | ---- | C] (Mozilla Foundation) -- C:\Program Files\xul.dll
[2012.04.12 13:32:38 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Program Files\D3DCompiler_43.dll
[2012.04.12 13:32:38 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Program Files\d3dx9_43.dll
[2012.04.12 13:32:38 | 000,913,888 | ---- | C] (Mozilla Corporation) -- C:\Program Files\firefox.exe
[2012.04.12 13:32:38 | 000,829,920 | ---- | C] (sqlite.org) -- C:\Program Files\mozsqlite3.dll
[2012.04.12 13:32:38 | 000,637,920 | ---- | C] (Mozilla Foundation) -- C:\Program Files\nss3.dll
[2012.04.12 13:32:38 | 000,624,608 | ---- | C] (Mozilla Foundation) -- C:\Program Files\gkmedias.dll
[2012.04.12 13:32:38 | 000,418,784 | ---- | C] (Mozilla Foundation) -- C:\Program Files\libGLESv2.dll
[2012.04.12 13:32:38 | 000,358,368 | ---- | C] (Mozilla Foundation) -- C:\Program Files\nssckbi.dll
[2012.04.12 13:32:38 | 000,265,184 | ---- | C] (Mozilla Foundation) -- C:\Program Files\updater.exe
[2012.04.12 13:32:38 | 000,258,528 | ---- | C] (Mozilla Foundation) -- C:\Program Files\freebl3.dll
[2012.04.12 13:32:38 | 000,170,464 | ---- | C] (Mozilla Foundation) -- C:\Program Files\nspr4.dll
[2012.04.12 13:32:38 | 000,155,104 | ---- | C] (Mozilla Foundation) -- C:\Program Files\softokn3.dll
[2012.04.12 13:32:38 | 000,145,376 | ---- | C] (Mozilla Foundation) -- C:\Program Files\ssl3.dll
[2012.04.12 13:32:38 | 000,117,728 | ---- | C] (Mozilla Foundation) -- C:\Program Files\crashreporter.exe
[2012.04.12 13:32:38 | 000,095,712 | ---- | C] (Mozilla Foundation) -- C:\Program Files\nssdbm3.dll
[2012.04.12 13:32:38 | 000,092,640 | ---- | C] (Mozilla Foundation) -- C:\Program Files\nssutil3.dll
[2012.04.12 13:32:38 | 000,091,104 | ---- | C] (Mozilla Foundation) -- C:\Program Files\smime3.dll
[2012.04.12 13:32:38 | 000,079,840 | ---- | C] (Mozilla Foundation) -- C:\Program Files\libEGL.dll
[2012.04.12 13:32:38 | 000,043,488 | ---- | C] (Mozilla Foundation) -- C:\Program Files\mozglue.dll
[2012.04.12 13:32:38 | 000,021,472 | ---- | C] (Mozilla Foundation) -- C:\Program Files\plc4.dll
[2012.04.12 13:32:38 | 000,020,960 | ---- | C] (Mozilla Foundation) -- C:\Program Files\plds4.dll
[2012.04.12 13:32:38 | 000,019,424 | ---- | C] (Mozilla Foundation) -- C:\Program Files\xpcom.dll
[2012.04.12 13:32:38 | 000,018,912 | ---- | C] (Mozilla Foundation) -- C:\Program Files\AccessibleMarshal.dll
[2012.04.12 13:32:38 | 000,016,864 | ---- | C] (Mozilla Corporation) -- C:\Program Files\plugin-container.exe
[2012.04.12 13:32:38 | 000,016,352 | ---- | C] (Mozilla Foundation) -- C:\Program Files\mozalloc.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.07 15:39:13 | 000,014,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.07 15:39:13 | 000,014,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.07 15:36:22 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.09.07 15:36:22 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.09.07 15:36:22 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.09.07 15:36:22 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.09.07 15:32:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.07 15:32:03 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.31 09:40:41 | 000,026,747 | ---- | M] () -- C:\Users\aYpStyle\Desktop\wire.jpg
[2012.08.26 10:19:42 | 000,071,393 | ---- | M] () -- C:\Users\aYpStyle\Desktop\5166623_460s.jpg
 
========== Files Created - No Company Name ==========
 
[2012.08.31 09:26:45 | 000,026,747 | ---- | C] () -- C:\Users\aYpStyle\Desktop\wire.jpg
[2012.08.26 10:18:36 | 000,071,393 | ---- | C] () -- C:\Users\aYpStyle\Desktop\5166623_460s.jpg
[2012.08.22 11:21:10 | 002,042,848 | ---- | C] () -- C:\Program Files\mozjs.dll
[2012.08.22 11:15:48 | 000,020,480 | ---- | C] () -- C:\Windows\Installer\{42a985b7-1f79-df30-1dda-9864dc9c0a96}\U\800000cb.@
[2012.08.07 00:15:44 | 000,000,000 | ---- | C] () -- C:\Users\aYpStyle\defogger_reenable
[2012.07.08 12:31:47 | 000,013,312 | ---- | C] () -- C:\Windows\Installer\{42a985b7-1f79-df30-1dda-9864dc9c0a96}\U\80000000.@
[2012.07.08 12:31:43 | 000,001,792 | ---- | C] () -- C:\Windows\Installer\{42a985b7-1f79-df30-1dda-9864dc9c0a96}\U\00000001.@
[2012.06.17 10:08:36 | 000,000,132 | ---- | C] () -- C:\Program Files\update-settings.ini
[2012.04.15 19:42:15 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.04.14 15:45:19 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{42a985b7-1f79-df30-1dda-9864dc9c0a96}\@
[2012.04.14 15:45:19 | 000,002,048 | -HS- | C] () -- C:\Users\aYpStyle\AppData\Local\{42a985b7-1f79-df30-1dda-9864dc9c0a96}\@
[2012.04.12 13:32:38 | 007,704,173 | ---- | C] () -- C:\Program Files\omni.ja
[2012.04.12 13:32:38 | 000,035,524 | ---- | C] () -- C:\Program Files\removed-files
[2012.04.12 13:32:38 | 000,010,326 | ---- | C] () -- C:\Program Files\blocklist.xml
[2012.04.12 13:32:38 | 000,004,284 | ---- | C] () -- C:\Program Files\crashreporter.ini
[2012.04.12 13:32:38 | 000,001,530 | ---- | C] () -- C:\Program Files\precomplete
[2012.04.12 13:32:38 | 000,001,041 | ---- | C] () -- C:\Program Files\updater.ini
[2012.04.12 13:32:38 | 000,000,706 | ---- | C] () -- C:\Program Files\crashreporter-override.ini
[2012.04.12 13:32:38 | 000,000,478 | ---- | C] () -- C:\Program Files\softokn3.chk
[2012.04.12 13:32:38 | 000,000,478 | ---- | C] () -- C:\Program Files\nssdbm3.chk
[2012.04.12 13:32:38 | 000,000,478 | ---- | C] () -- C:\Program Files\freebl3.chk
[2012.04.12 13:32:38 | 000,000,463 | ---- | C] () -- C:\Program Files\application.ini
[2012.04.12 13:32:38 | 000,000,142 | ---- | C] () -- C:\Program Files\platform.ini
[2012.04.12 13:32:38 | 000,000,130 | ---- | C] () -- C:\Program Files\dependentlibs.list
[2012.04.12 12:47:32 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.10.25 21:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\System32\OpenVideo.dll
[2011.10.25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\System32\OVDecoder.dll
 
========== LOP Check ==========
 
[2012.09.07 15:32:33 | 000,000,000 | ---D | M] -- C:\Users\aYpStyle\AppData\Roaming\Spotify
[2012.08.30 21:34:19 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.04.16 16:49:10 | 000,000,000 | ---D | M] -- C:\Users\aYpStyle\AppData\Roaming\Adobe
[2012.08.22 15:10:52 | 000,000,000 | ---D | M] -- C:\Users\aYpStyle\AppData\Roaming\DivX
[2012.04.12 12:53:05 | 000,000,000 | ---D | M] -- C:\Users\aYpStyle\AppData\Roaming\Identities
[2012.04.12 13:54:21 | 000,000,000 | ---D | M] -- C:\Users\aYpStyle\AppData\Roaming\Macromedia
[2012.08.22 08:40:20 | 000,000,000 | ---D | M] -- C:\Users\aYpStyle\AppData\Roaming\Malwarebytes
[2009.07.14 10:56:56 | 000,000,000 | ---D | M] -- C:\Users\aYpStyle\AppData\Roaming\Media Center Programs
[2012.04.16 16:49:10 | 000,000,000 | --SD | M] -- C:\Users\aYpStyle\AppData\Roaming\Microsoft
[2012.04.12 13:32:48 | 000,000,000 | ---D | M] -- C:\Users\aYpStyle\AppData\Roaming\Mozilla
[2012.09.07 15:32:33 | 000,000,000 | ---D | M] -- C:\Users\aYpStyle\AppData\Roaming\Spotify
[2012.04.12 13:57:02 | 000,000,000 | ---D | M] -- C:\Users\aYpStyle\AppData\Roaming\vlc
[2012.08.06 22:13:30 | 000,000,000 | ---D | M] -- C:\Users\aYpStyle\AppData\Roaming\Winamp
[2012.04.16 16:42:36 | 000,000,000 | ---D | M] -- C:\Users\aYpStyle\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2012.08.21 20:54:02 | 005,576,408 | ---- | M] (Spotify Ltd) -- C:\Users\aYpStyle\AppData\Roaming\Spotify\spotify.exe
[2012.08.21 20:54:02 | 000,114,904 | ---- | M] () -- C:\Users\aYpStyle\AppData\Roaming\Spotify\SpotifyLauncher.exe
[2012.08.21 20:54:02 | 001,193,176 | ---- | M] () -- C:\Users\aYpStyle\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2012.04.14 16:06:38 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2012.04.14 16:06:38 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll

< End of report >

--- --- ---

cosinus · 10.09.2012, 13:32

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

ATTFilter

:OTL
FF - user.js - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
:Files
C:\Windows\Installer\{42a985b7-1f79-df30-1dda-9864dc9c0a96}
C:\Users\aYpStyle\AppData\Local\{42a985b7-1f79-df30-1dda-9864dc9c0a96}
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

aypstyle · 10.09.2012, 20:22

Code:

ATTFilter

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
========== FILES ==========
C:\Windows\Installer\{42a985b7-1f79-df30-1dda-9864dc9c0a96}\U folder moved successfully.
C:\Windows\Installer\{42a985b7-1f79-df30-1dda-9864dc9c0a96}\L folder moved successfully.
Folder move failed. C:\Windows\Installer\{42a985b7-1f79-df30-1dda-9864dc9c0a96} scheduled to be moved on reboot.
C:\Users\aYpStyle\AppData\Local\{42a985b7-1f79-df30-1dda-9864dc9c0a96}\U folder moved successfully.
C:\Users\aYpStyle\AppData\Local\{42a985b7-1f79-df30-1dda-9864dc9c0a96}\L folder moved successfully.
C:\Users\aYpStyle\AppData\Local\{42a985b7-1f79-df30-1dda-9864dc9c0a96} folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\aYpStyle\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
F:\Downloadz\Antivirushilfe\cmd.bat deleted successfully.
F:\Downloadz\Antivirushilfe\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: aYpStyle
->Temp folder emptied: 5579545457 bytes
->Temporary Internet Files folder emptied: 107035216 bytes
->FireFox cache emptied: 71695104 bytes
->Flash cache emptied: 33976 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 93299927 bytes
RecycleBin emptied: 1973299951 bytes
 
Total Files Cleaned = 7.462,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.61.1 log created on 09102012_211836

Files\Folders moved on Reboot...
C:\Windows\Installer\{42a985b7-1f79-df30-1dda-9864dc9c0a96}\U folder moved successfully.
Folder move failed. C:\Windows\Installer\{42a985b7-1f79-df30-1dda-9864dc9c0a96} scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

cosinus · 10.09.2012, 21:36

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

aypstyle · 10.09.2012, 21:58

Code:

ATTFilter

22:54:04.0364 3176  TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
22:54:04.0952 3176  ============================================================
22:54:04.0952 3176  Current date / time: 2012/09/10 22:54:04.0952
22:54:04.0952 3176  SystemInfo:
22:54:04.0952 3176  
22:54:04.0952 3176  OS Version: 6.1.7601 ServicePack: 1.0
22:54:04.0952 3176  Product type: Workstation
22:54:04.0952 3176  ComputerName: AYPSTYLE-PC
22:54:04.0952 3176  UserName: aYpStyle
22:54:04.0953 3176  Windows directory: C:\Windows
22:54:04.0953 3176  System windows directory: C:\Windows
22:54:04.0953 3176  Processor architecture: Intel x86
22:54:04.0953 3176  Number of processors: 2
22:54:04.0953 3176  Page size: 0x1000
22:54:04.0953 3176  Boot type: Normal boot
22:54:04.0953 3176  ============================================================
22:54:07.0643 3176  Drive \Device\Harddisk1\DR1 - Size: 0x3A38A25E00 (232.88 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
22:54:07.0650 3176  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:54:07.0712 3176  ============================================================
22:54:07.0712 3176  \Device\Harddisk1\DR1:
22:54:07.0712 3176  MBR partitions:
22:54:07.0712 3176  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:54:07.0712 3176  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x2ACA800
22:54:07.0724 3176  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0xD0FDA48, BlocksNum 0x100C2C78
22:54:07.0724 3176  \Device\Harddisk0\DR0:
22:54:07.0727 3176  MBR partitions:
22:54:07.0727 3176  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x9C40000
22:54:07.0727 3176  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9C40800, BlocksNum 0x8DD8800
22:54:07.0727 3176  ============================================================
22:54:07.0790 3176  C: <-> \Device\Harddisk0\DR0\Partition1
22:54:07.0791 3176  D: <-> \Device\Harddisk1\DR1\Partition3
22:54:07.0823 3176  E: <-> \Device\Harddisk1\DR1\Partition2
22:54:07.0857 3176  F: <-> \Device\Harddisk0\DR0\Partition2
22:54:07.0881 3176  ============================================================
22:54:07.0881 3176  Initialize success
22:54:07.0881 3176  ============================================================
22:55:53.0502 3792  ============================================================
22:55:53.0502 3792  Scan started
22:55:53.0502 3792  Mode: Manual; SigCheck; TDLFS; 
22:55:53.0502 3792  ============================================================
22:55:54.0893 3792  ================ Scan system memory ========================
22:55:54.0893 3792  System memory - ok
22:55:54.0894 3792  ================ Scan services =============================
22:55:55.0060 3792  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:55:55.0295 3792  1394ohci - ok
22:55:55.0337 3792  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:55:55.0354 3792  ACPI - ok
22:55:55.0374 3792  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:55:55.0435 3792  AcpiPmi - ok
22:55:55.0545 3792  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:55:55.0556 3792  AdobeARMservice - ok
22:55:55.0597 3792  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
22:55:55.0622 3792  adp94xx - ok
22:55:55.0642 3792  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
22:55:55.0661 3792  adpahci - ok
22:55:55.0677 3792  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
22:55:55.0691 3792  adpu320 - ok
22:55:55.0723 3792  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:55:55.0852 3792  AeLookupSvc - ok
22:55:55.0900 3792  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
22:55:55.0957 3792  AFD - ok
22:55:55.0986 3792  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
22:55:55.0998 3792  agp440 - ok
22:55:56.0035 3792  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
22:55:56.0048 3792  aic78xx - ok
22:55:56.0058 3792  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
22:55:56.0091 3792  ALG - ok
22:55:56.0111 3792  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:55:56.0121 3792  aliide - ok
22:55:56.0169 3792  [ B19505648F033393E907E2E419FDE8B3 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:55:56.0213 3792  AMD External Events Utility - ok
22:55:56.0229 3792  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
22:55:56.0241 3792  amdagp - ok
22:55:56.0261 3792  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:55:56.0271 3792  amdide - ok
22:55:56.0306 3792  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
22:55:56.0356 3792  AmdK8 - ok
22:55:56.0373 3792  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
22:55:56.0403 3792  AmdPPM - ok
22:55:56.0432 3792  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:55:56.0445 3792  amdsata - ok
22:55:56.0462 3792  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
22:55:56.0476 3792  amdsbs - ok
22:55:56.0491 3792  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:55:56.0502 3792  amdxata - ok
22:55:56.0544 3792  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
22:55:56.0653 3792  AppID - ok
22:55:56.0693 3792  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:55:56.0740 3792  AppIDSvc - ok
22:55:56.0782 3792  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
22:55:56.0839 3792  Appinfo - ok
22:55:56.0877 3792  [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt         C:\Windows\System32\appmgmts.dll
22:55:56.0951 3792  AppMgmt - ok
22:55:56.0985 3792  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
22:55:56.0997 3792  arc - ok
22:55:57.0014 3792  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
22:55:57.0027 3792  arcsas - ok
22:55:57.0045 3792  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:55:57.0146 3792  AsyncMac - ok
22:55:57.0169 3792  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
22:55:57.0179 3792  atapi - ok
22:55:57.0344 3792  [ 04F09923A393E4E0E8453A8F78361E73 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
22:55:57.0475 3792  atikmdag - ok
22:55:57.0528 3792  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:55:57.0573 3792  AudioEndpointBuilder - ok
22:55:57.0583 3792  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
22:55:57.0613 3792  Audiosrv - ok
22:55:57.0651 3792  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:55:57.0729 3792  AxInstSV - ok
22:55:57.0807 3792  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
22:55:57.0857 3792  b06bdrv - ok
22:55:57.0902 3792  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
22:55:57.0920 3792  b57nd60x - ok
22:55:57.0953 3792  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:55:58.0037 3792  BDESVC - ok
22:55:58.0062 3792  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:55:58.0104 3792  Beep - ok
22:55:58.0120 3792  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:55:58.0154 3792  blbdrive - ok
22:55:58.0193 3792  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:55:58.0231 3792  bowser - ok
22:55:58.0246 3792  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:55:58.0305 3792  BrFiltLo - ok
22:55:58.0321 3792  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:55:58.0359 3792  BrFiltUp - ok
22:55:58.0387 3792  [ 6E11F33D14D020F58D5E02E4D67DFA19 ] Browser         C:\Windows\System32\browser.dll
22:55:58.0444 3792  Browser - ok
22:55:58.0477 3792  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:55:58.0546 3792  Brserid - ok
22:55:58.0563 3792  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:55:58.0597 3792  BrSerWdm - ok
22:55:58.0616 3792  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:55:58.0635 3792  BrUsbMdm - ok
22:55:58.0649 3792  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:55:58.0690 3792  BrUsbSer - ok
22:55:58.0709 3792  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
22:55:58.0739 3792  BTHMODEM - ok
22:55:58.0778 3792  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
22:55:58.0805 3792  bthserv - ok
22:55:58.0823 3792  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:55:58.0861 3792  cdfs - ok
22:55:58.0905 3792  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
22:55:58.0930 3792  cdrom - ok
22:55:58.0966 3792  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
22:55:59.0004 3792  CertPropSvc - ok
22:55:59.0018 3792  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
22:55:59.0032 3792  circlass - ok
22:55:59.0063 3792  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
22:55:59.0080 3792  CLFS - ok
22:55:59.0146 3792  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:55:59.0159 3792  clr_optimization_v2.0.50727_32 - ok
22:55:59.0215 3792  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:55:59.0257 3792  clr_optimization_v4.0.30319_32 - ok
22:55:59.0270 3792  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:55:59.0289 3792  CmBatt - ok
22:55:59.0316 3792  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:55:59.0328 3792  cmdide - ok
22:55:59.0363 3792  [ 6427525D76F61D0C519B008D3680E8E7 ] CNG             C:\Windows\system32\Drivers\cng.sys
22:55:59.0394 3792  CNG - ok
22:55:59.0422 3792  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:55:59.0436 3792  Compbatt - ok
22:55:59.0456 3792  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
22:55:59.0484 3792  CompositeBus - ok
22:55:59.0501 3792  COMSysApp - ok
22:55:59.0520 3792  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
22:55:59.0532 3792  crcdisk - ok
22:55:59.0574 3792  [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:55:59.0630 3792  CryptSvc - ok
22:55:59.0666 3792  [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC             C:\Windows\system32\drivers\csc.sys
22:55:59.0732 3792  CSC - ok
22:55:59.0760 3792  [ 15F93B37F6801943360D9EB42485D5D3 ] CscService      C:\Windows\System32\cscsvc.dll
22:55:59.0783 3792  CscService - ok
22:55:59.0809 3792  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:55:59.0851 3792  DcomLaunch - ok
22:55:59.0887 3792  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
22:55:59.0929 3792  defragsvc - ok
22:55:59.0956 3792  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:55:59.0989 3792  DfsC - ok
22:56:00.0013 3792  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:56:00.0060 3792  Dhcp - ok
22:56:00.0094 3792  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
22:56:00.0131 3792  discache - ok
22:56:00.0167 3792  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
22:56:00.0179 3792  Disk - ok
22:56:00.0209 3792  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:56:00.0254 3792  Dnscache - ok
22:56:00.0282 3792  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:56:00.0325 3792  dot3svc - ok
22:56:00.0358 3792  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
22:56:00.0398 3792  DPS - ok
22:56:00.0440 3792  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:56:00.0460 3792  drmkaud - ok
22:56:00.0500 3792  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:56:00.0540 3792  DXGKrnl - ok
22:56:00.0569 3792  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
22:56:00.0610 3792  EapHost - ok
22:56:00.0723 3792  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
22:56:00.0803 3792  ebdrv - ok
22:56:00.0832 3792  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
22:56:00.0872 3792  EFS - ok
22:56:00.0925 3792  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:56:00.0996 3792  ehRecvr - ok
22:56:01.0031 3792  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
22:56:01.0074 3792  ehSched - ok
22:56:01.0126 3792  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
22:56:01.0148 3792  elxstor - ok
22:56:01.0171 3792  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:56:01.0194 3792  ErrDev - ok
22:56:01.0237 3792  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
22:56:01.0281 3792  EventSystem - ok
22:56:01.0308 3792  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
22:56:01.0345 3792  exfat - ok
22:56:01.0354 3792  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:56:01.0387 3792  fastfat - ok
22:56:01.0434 3792  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
22:56:01.0498 3792  Fax - ok
22:56:01.0515 3792  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
22:56:01.0533 3792  fdc - ok
22:56:01.0554 3792  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
22:56:01.0593 3792  fdPHost - ok
22:56:01.0611 3792  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
22:56:01.0653 3792  FDResPub - ok
22:56:01.0674 3792  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:56:01.0686 3792  FileInfo - ok
22:56:01.0700 3792  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:56:01.0743 3792  Filetrace - ok
22:56:01.0759 3792  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:56:01.0775 3792  flpydisk - ok
22:56:01.0797 3792  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:56:01.0812 3792  FltMgr - ok
22:56:01.0858 3792  [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache       C:\Windows\system32\FntCache.dll
22:56:01.0923 3792  FontCache - ok
22:56:01.0979 3792  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:56:01.0989 3792  FontCache3.0.0.0 - ok
22:56:01.0995 3792  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:56:02.0008 3792  FsDepends - ok
22:56:02.0037 3792  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:56:02.0049 3792  Fs_Rec - ok
22:56:02.0087 3792  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:56:02.0105 3792  fvevol - ok
22:56:02.0141 3792  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
22:56:02.0153 3792  gagp30kx - ok
22:56:02.0195 3792  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:56:02.0245 3792  gpsvc - ok
22:56:02.0263 3792  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:56:02.0322 3792  hcw85cir - ok
22:56:02.0372 3792  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:56:02.0401 3792  HdAudAddService - ok
22:56:02.0424 3792  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
22:56:02.0453 3792  HDAudBus - ok
22:56:02.0470 3792  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
22:56:02.0486 3792  HidBatt - ok
22:56:02.0501 3792  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
22:56:02.0524 3792  HidBth - ok
22:56:02.0547 3792  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
22:56:02.0571 3792  HidIr - ok
22:56:02.0595 3792  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\system32\hidserv.dll
22:56:02.0632 3792  hidserv - ok
22:56:02.0652 3792  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:56:02.0665 3792  HidUsb - ok
22:56:02.0693 3792  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:56:02.0732 3792  hkmsvc - ok
22:56:02.0763 3792  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:56:02.0808 3792  HomeGroupListener - ok
22:56:02.0840 3792  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:56:02.0862 3792  HomeGroupProvider - ok
22:56:02.0884 3792  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:56:02.0896 3792  HpSAMD - ok
22:56:02.0949 3792  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:56:02.0984 3792  HTTP - ok
22:56:03.0007 3792  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:56:03.0018 3792  hwpolicy - ok
22:56:03.0042 3792  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
22:56:03.0056 3792  i8042prt - ok
22:56:03.0080 3792  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:56:03.0099 3792  iaStorV - ok
22:56:03.0153 3792  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:56:03.0183 3792  idsvc - ok
22:56:03.0220 3792  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
22:56:03.0231 3792  iirsp - ok
22:56:03.0274 3792  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
22:56:03.0322 3792  IKEEXT - ok
22:56:03.0344 3792  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:56:03.0354 3792  intelide - ok
22:56:03.0376 3792  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:56:03.0398 3792  intelppm - ok
22:56:03.0430 3792  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:56:03.0474 3792  IPBusEnum - ok
22:56:03.0491 3792  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:56:03.0533 3792  IpFilterDriver - ok
22:56:03.0556 3792  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:56:03.0583 3792  IPMIDRV - ok
22:56:03.0602 3792  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:56:03.0637 3792  IPNAT - ok
22:56:03.0661 3792  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:56:03.0706 3792  IRENUM - ok
22:56:03.0738 3792  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:56:03.0750 3792  isapnp - ok
22:56:03.0790 3792  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:56:03.0819 3792  iScsiPrt - ok
22:56:03.0841 3792  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
22:56:03.0852 3792  kbdclass - ok
22:56:03.0866 3792  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
22:56:03.0887 3792  kbdhid - ok
22:56:03.0905 3792  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
22:56:03.0916 3792  KeyIso - ok
22:56:03.0947 3792  [ F4647BB23DB9038A7536CF6B68F4207F ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:56:03.0960 3792  KSecDD - ok
22:56:03.0978 3792  [ E73CAE53BBB72BA26918492C6B4C229D ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:56:03.0991 3792  KSecPkg - ok
22:56:04.0022 3792  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:56:04.0054 3792  KtmRm - ok
22:56:04.0077 3792  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:56:04.0105 3792  LanmanServer - ok
22:56:04.0133 3792  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:56:04.0171 3792  LanmanWorkstation - ok
22:56:04.0224 3792  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:56:04.0265 3792  lltdio - ok
22:56:04.0313 3792  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:56:04.0344 3792  lltdsvc - ok
22:56:04.0360 3792  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:56:04.0411 3792  lmhosts - ok
22:56:04.0435 3792  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
22:56:04.0448 3792  LSI_FC - ok
22:56:04.0466 3792  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
22:56:04.0479 3792  LSI_SAS - ok
22:56:04.0490 3792  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:56:04.0501 3792  LSI_SAS2 - ok
22:56:04.0509 3792  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:56:04.0523 3792  LSI_SCSI - ok
22:56:04.0532 3792  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
22:56:04.0562 3792  luafv - ok
22:56:04.0584 3792  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:56:04.0598 3792  Mcx2Svc - ok
22:56:04.0628 3792  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
22:56:04.0639 3792  megasas - ok
22:56:04.0658 3792  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
22:56:04.0675 3792  MegaSR - ok
22:56:04.0688 3792  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
22:56:04.0729 3792  MMCSS - ok
22:56:04.0746 3792  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
22:56:04.0788 3792  Modem - ok
22:56:04.0815 3792  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:56:04.0849 3792  monitor - ok
22:56:04.0884 3792  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:56:04.0897 3792  mouclass - ok
22:56:04.0926 3792  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:56:04.0948 3792  mouhid - ok
22:56:04.0976 3792  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:56:04.0988 3792  mountmgr - ok
22:56:05.0049 3792  [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:56:05.0072 3792  MozillaMaintenance - ok
22:56:05.0091 3792  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:56:05.0104 3792  mpio - ok
22:56:05.0117 3792  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:56:05.0160 3792  mpsdrv - ok
22:56:05.0196 3792  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:56:05.0226 3792  MRxDAV - ok
22:56:05.0262 3792  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:56:05.0294 3792  mrxsmb - ok
22:56:05.0313 3792  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:56:05.0344 3792  mrxsmb10 - ok
22:56:05.0365 3792  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:56:05.0392 3792  mrxsmb20 - ok
22:56:05.0411 3792  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
22:56:05.0423 3792  msahci - ok
22:56:05.0439 3792  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:56:05.0452 3792  msdsm - ok
22:56:05.0475 3792  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
22:56:05.0502 3792  MSDTC - ok
22:56:05.0532 3792  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:56:05.0559 3792  Msfs - ok
22:56:05.0572 3792  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:56:05.0609 3792  mshidkmdf - ok
22:56:05.0641 3792  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:56:05.0652 3792  msisadrv - ok
22:56:05.0686 3792  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:56:05.0727 3792  MSiSCSI - ok
22:56:05.0736 3792  msiserver - ok
22:56:05.0762 3792  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:56:05.0798 3792  MSKSSRV - ok
22:56:05.0809 3792  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:56:05.0843 3792  MSPCLOCK - ok
22:56:05.0860 3792  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:56:05.0901 3792  MSPQM - ok
22:56:05.0930 3792  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:56:05.0945 3792  MsRPC - ok
22:56:05.0967 3792  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
22:56:05.0980 3792  mssmbios - ok
22:56:05.0995 3792  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:56:06.0022 3792  MSTEE - ok
22:56:06.0031 3792  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
22:56:06.0051 3792  MTConfig - ok
22:56:06.0064 3792  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
22:56:06.0076 3792  Mup - ok
22:56:06.0108 3792  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
22:56:06.0157 3792  napagent - ok
22:56:06.0206 3792  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:56:06.0236 3792  NativeWifiP - ok
22:56:06.0283 3792  [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:56:06.0310 3792  NDIS - ok
22:56:06.0330 3792  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:56:06.0356 3792  NdisCap - ok
22:56:06.0375 3792  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:56:06.0413 3792  NdisTapi - ok
22:56:06.0438 3792  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:56:06.0462 3792  Ndisuio - ok
22:56:06.0502 3792  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:56:06.0542 3792  NdisWan - ok
22:56:06.0565 3792  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:56:06.0597 3792  NDProxy - ok
22:56:06.0621 3792  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:56:06.0670 3792  NetBIOS - ok
22:56:06.0696 3792  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:56:06.0744 3792  NetBT - ok
22:56:06.0761 3792  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
22:56:06.0785 3792  Netlogon - ok
22:56:06.0835 3792  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
22:56:06.0879 3792  Netman - ok
22:56:06.0893 3792  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
22:56:06.0928 3792  netprofm - ok
22:56:06.0946 3792  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:56:06.0962 3792  NetTcpPortSharing - ok
22:56:07.0001 3792  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
22:56:07.0013 3792  nfrd960 - ok
22:56:07.0042 3792  [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:56:07.0084 3792  NlaSvc - ok
22:56:07.0103 3792  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:56:07.0142 3792  Npfs - ok
22:56:07.0162 3792  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
22:56:07.0190 3792  nsi - ok
22:56:07.0206 3792  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:56:07.0242 3792  nsiproxy - ok
22:56:07.0299 3792  [ 81189C3D7763838E55C397759D49007A ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:56:07.0338 3792  Ntfs - ok
22:56:07.0353 3792  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
22:56:07.0390 3792  Null - ok
22:56:07.0413 3792  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:56:07.0426 3792  nvraid - ok
22:56:07.0460 3792  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:56:07.0474 3792  nvstor - ok
22:56:07.0502 3792  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:56:07.0516 3792  nv_agp - ok
22:56:07.0534 3792  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:56:07.0562 3792  ohci1394 - ok
22:56:07.0605 3792  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:56:07.0672 3792  p2pimsvc - ok
22:56:07.0705 3792  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:56:07.0737 3792  p2psvc - ok
22:56:07.0757 3792  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
22:56:07.0780 3792  Parport - ok
22:56:07.0808 3792  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:56:07.0820 3792  partmgr - ok
22:56:07.0834 3792  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
22:56:07.0862 3792  Parvdm - ok
22:56:07.0883 3792  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:56:07.0901 3792  PcaSvc - ok
22:56:07.0931 3792  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
22:56:07.0946 3792  pci - ok
22:56:07.0963 3792  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
22:56:07.0975 3792  pciide - ok
22:56:07.0994 3792  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
22:56:08.0009 3792  pcmcia - ok
22:56:08.0025 3792  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
22:56:08.0036 3792  pcw - ok
22:56:08.0065 3792  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:56:08.0127 3792  PEAUTH - ok
22:56:08.0194 3792  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
22:56:08.0264 3792  PeerDistSvc - ok
22:56:08.0342 3792  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
22:56:08.0411 3792  pla - ok
22:56:08.0456 3792  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:56:08.0502 3792  PlugPlay - ok
22:56:08.0533 3792  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:56:08.0559 3792  PNRPAutoReg - ok
22:56:08.0581 3792  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:56:08.0597 3792  PNRPsvc - ok
22:56:08.0640 3792  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:56:08.0686 3792  PolicyAgent - ok
22:56:08.0710 3792  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
22:56:08.0738 3792  Power - ok
22:56:08.0766 3792  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:56:08.0806 3792  PptpMiniport - ok
22:56:08.0821 3792  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
22:56:08.0834 3792  Processor - ok
22:56:08.0870 3792  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
22:56:08.0923 3792  ProfSvc - ok
22:56:08.0941 3792  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:56:08.0952 3792  ProtectedStorage - ok
22:56:08.0992 3792  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:56:09.0032 3792  Psched - ok
22:56:09.0091 3792  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
22:56:09.0132 3792  ql2300 - ok
22:56:09.0146 3792  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
22:56:09.0159 3792  ql40xx - ok
22:56:09.0191 3792  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
22:56:09.0223 3792  QWAVE - ok
22:56:09.0242 3792  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:56:09.0256 3792  QWAVEdrv - ok
22:56:09.0281 3792  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:56:09.0317 3792  RasAcd - ok
22:56:09.0349 3792  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:56:09.0399 3792  RasAgileVpn - ok
22:56:09.0423 3792  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
22:56:09.0452 3792  RasAuto - ok
22:56:09.0464 3792  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:56:09.0505 3792  Rasl2tp - ok
22:56:09.0543 3792  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
22:56:09.0592 3792  RasMan - ok
22:56:09.0608 3792  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:56:09.0637 3792  RasPppoe - ok
22:56:09.0644 3792  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:56:09.0697 3792  RasSstp - ok
22:56:09.0728 3792  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:56:09.0772 3792  rdbss - ok
22:56:09.0785 3792  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:56:09.0799 3792  rdpbus - ok
22:56:09.0828 3792  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:56:09.0873 3792  RDPCDD - ok
22:56:09.0892 3792  [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:56:09.0936 3792  RDPDR - ok
22:56:09.0958 3792  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:56:09.0983 3792  RDPENCDD - ok
22:56:09.0999 3792  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:56:10.0035 3792  RDPREFMP - ok
22:56:10.0077 3792  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:56:10.0113 3792  RDPWD - ok
22:56:10.0148 3792  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:56:10.0174 3792  rdyboost - ok
22:56:10.0200 3792  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:56:10.0243 3792  RemoteAccess - ok
22:56:10.0273 3792  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:56:10.0316 3792  RemoteRegistry - ok
22:56:10.0330 3792  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:56:10.0375 3792  RpcEptMapper - ok
22:56:10.0407 3792  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
22:56:10.0435 3792  RpcLocator - ok
22:56:10.0456 3792  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
22:56:10.0485 3792  RpcSs - ok
22:56:10.0522 3792  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:56:10.0549 3792  rspndr - ok
22:56:10.0583 3792  [ 7DFD48E24479B68B258D8770121155A0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
22:56:10.0618 3792  RTL8167 - ok
22:56:10.0648 3792  [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
22:56:10.0717 3792  s3cap - ok
22:56:10.0736 3792  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
22:56:10.0747 3792  SamSs - ok
22:56:10.0768 3792  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:56:10.0782 3792  sbp2port - ok
22:56:10.0820 3792  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:56:10.0849 3792  SCardSvr - ok
22:56:10.0862 3792  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:56:10.0887 3792  scfilter - ok
22:56:10.0934 3792  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
22:56:10.0985 3792  Schedule - ok
22:56:11.0000 3792  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:56:11.0026 3792  SCPolicySvc - ok
22:56:11.0056 3792  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:56:11.0086 3792  SDRSVC - ok
22:56:11.0116 3792  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:56:11.0143 3792  secdrv - ok
22:56:11.0160 3792  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
22:56:11.0204 3792  seclogon - ok
22:56:11.0211 3792  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
22:56:11.0255 3792  SENS - ok
22:56:11.0302 3792  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:56:11.0358 3792  SensrSvc - ok
22:56:11.0374 3792  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
22:56:11.0387 3792  Serenum - ok
22:56:11.0403 3792  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:56:11.0416 3792  Serial - ok
22:56:11.0428 3792  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
22:56:11.0440 3792  sermouse - ok
22:56:11.0480 3792  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:56:11.0514 3792  SessionEnv - ok
22:56:11.0549 3792  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:56:11.0583 3792  sffdisk - ok
22:56:11.0590 3792  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:56:11.0620 3792  sffp_mmc - ok
22:56:11.0641 3792  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:56:11.0654 3792  sffp_sd - ok
22:56:11.0667 3792  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
22:56:11.0689 3792  sfloppy - ok
22:56:11.0715 3792  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:56:11.0766 3792  ShellHWDetection - ok
22:56:11.0784 3792  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
22:56:11.0796 3792  sisagp - ok
22:56:11.0820 3792  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:56:11.0831 3792  SiSRaid2 - ok
22:56:11.0845 3792  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
22:56:11.0857 3792  SiSRaid4 - ok
22:56:11.0883 3792  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:56:11.0911 3792  Smb - ok
22:56:11.0957 3792  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:56:11.0970 3792  SNMPTRAP - ok
22:56:11.0985 3792  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:56:11.0996 3792  spldr - ok
22:56:12.0030 3792  [ 866A43013535DC8587C258E43579C764 ] Spooler         C:\Windows\System32\spoolsv.exe
22:56:12.0062 3792  Spooler - ok
22:56:12.0167 3792  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
22:56:12.0249 3792  sppsvc - ok
22:56:12.0269 3792  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:56:12.0318 3792  sppuinotify - ok
22:56:12.0349 3792  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:56:12.0441 3792  srv - ok
22:56:12.0462 3792  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:56:12.0490 3792  srv2 - ok
22:56:12.0506 3792  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:56:12.0519 3792  srvnet - ok
22:56:12.0548 3792  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:56:12.0578 3792  SSDPSRV - ok
22:56:12.0585 3792  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:56:12.0626 3792  SstpSvc - ok
22:56:12.0652 3792  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
22:56:12.0663 3792  stexstor - ok
22:56:12.0702 3792  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
22:56:12.0734 3792  StiSvc - ok
22:56:12.0759 3792  [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
22:56:12.0771 3792  storflt - ok
22:56:12.0804 3792  [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc         C:\Windows\system32\storsvc.dll
22:56:12.0847 3792  StorSvc - ok
22:56:12.0874 3792  [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
22:56:12.0886 3792  storvsc - ok
22:56:12.0908 3792  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
22:56:12.0919 3792  swenum - ok
22:56:12.0949 3792  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
22:56:12.0983 3792  swprv - ok
22:56:13.0029 3792  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
22:56:13.0067 3792  SysMain - ok
22:56:13.0098 3792  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:56:13.0115 3792  TabletInputService - ok
22:56:13.0152 3792  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:56:13.0181 3792  TapiSrv - ok
22:56:13.0188 3792  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
22:56:13.0230 3792  TBS - ok
22:56:13.0283 3792  [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:56:13.0322 3792  Tcpip - ok
22:56:13.0347 3792  [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:56:13.0379 3792  TCPIP6 - ok
22:56:13.0399 3792  [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:56:13.0432 3792  tcpipreg - ok
22:56:13.0462 3792  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:56:13.0512 3792  TDPIPE - ok
22:56:13.0528 3792  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:56:13.0551 3792  TDTCP - ok
22:56:13.0578 3792  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:56:13.0620 3792  tdx - ok
22:56:13.0640 3792  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
22:56:13.0652 3792  TermDD - ok
22:56:13.0692 3792  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
22:56:13.0727 3792  TermService - ok
22:56:13.0746 3792  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
22:56:13.0773 3792  Themes - ok
22:56:13.0790 3792  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
22:56:13.0817 3792  THREADORDER - ok
22:56:13.0824 3792  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
22:56:13.0863 3792  TrkWks - ok
22:56:13.0910 3792  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:56:13.0938 3792  TrustedInstaller - ok
22:56:13.0970 3792  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:56:14.0012 3792  tssecsrv - ok
22:56:14.0063 3792  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:56:14.0104 3792  TsUsbFlt - ok
22:56:14.0149 3792  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:56:14.0184 3792  tunnel - ok
22:56:14.0223 3792  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
22:56:14.0235 3792  uagp35 - ok
22:56:14.0260 3792  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:56:14.0298 3792  udfs - ok
22:56:14.0332 3792  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:56:14.0357 3792  UI0Detect - ok
22:56:14.0386 3792  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:56:14.0397 3792  uliagpkx - ok
22:56:14.0423 3792  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:56:14.0449 3792  umbus - ok
22:56:14.0474 3792  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
22:56:14.0497 3792  UmPass - ok
22:56:14.0523 3792  [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService    C:\Windows\System32\umrdp.dll
22:56:14.0538 3792  UmRdpService - ok
22:56:14.0571 3792  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
22:56:14.0615 3792  upnphost - ok
22:56:14.0633 3792  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:56:14.0673 3792  usbccgp - ok
22:56:14.0691 3792  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:56:14.0714 3792  usbcir - ok
22:56:14.0731 3792  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
22:56:14.0743 3792  usbehci - ok
22:56:14.0774 3792  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:56:14.0805 3792  usbhub - ok
22:56:14.0820 3792  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
22:56:14.0843 3792  usbohci - ok
22:56:14.0871 3792  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:56:14.0884 3792  usbprint - ok
22:56:14.0902 3792  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:56:14.0966 3792  USBSTOR - ok
22:56:14.0981 3792  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:56:14.0996 3792  usbuhci - ok
22:56:15.0025 3792  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
22:56:15.0052 3792  UxSms - ok
22:56:15.0062 3792  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
22:56:15.0086 3792  VaultSvc - ok
22:56:15.0113 3792  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:56:15.0125 3792  vdrvroot - ok
22:56:15.0157 3792  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
22:56:15.0207 3792  vds - ok
22:56:15.0246 3792  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:56:15.0271 3792  vga - ok
22:56:15.0290 3792  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:56:15.0316 3792  VgaSave - ok
22:56:15.0341 3792  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:56:15.0356 3792  vhdmp - ok
22:56:15.0385 3792  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
22:56:15.0397 3792  viaagp - ok
22:56:15.0418 3792  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
22:56:15.0442 3792  ViaC7 - ok
22:56:15.0455 3792  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
22:56:15.0466 3792  viaide - ok
22:56:15.0491 3792  [ C2F2911156FDC7817C52829C86DA494E ] vmbus           C:\Windows\system32\drivers\vmbus.sys
22:56:15.0506 3792  vmbus - ok
22:56:15.0521 3792  [ D4D77455211E204F370D08F4963063CE ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
22:56:15.0532 3792  VMBusHID - ok
22:56:15.0550 3792  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:56:15.0562 3792  volmgr - ok
22:56:15.0586 3792  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:56:15.0605 3792  volmgrx - ok
22:56:15.0628 3792  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:56:15.0645 3792  volsnap - ok
22:56:15.0668 3792  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
22:56:15.0682 3792  vsmraid - ok
22:56:15.0731 3792  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
22:56:15.0775 3792  VSS - ok
22:56:15.0792 3792  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
22:56:15.0820 3792  vwifibus - ok
22:56:15.0858 3792  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
22:56:15.0903 3792  W32Time - ok
22:56:15.0923 3792  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
22:56:15.0946 3792  WacomPen - ok
22:56:15.0991 3792  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:56:16.0031 3792  WANARP - ok
22:56:16.0036 3792  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:56:16.0060 3792  Wanarpv6 - ok
22:56:16.0115 3792  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
22:56:16.0203 3792  wbengine - ok
22:56:16.0231 3792  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:56:16.0264 3792  WbioSrvc - ok
22:56:16.0298 3792  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:56:16.0328 3792  wcncsvc - ok
22:56:16.0342 3792  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:56:16.0403 3792  WcsPlugInService - ok
22:56:16.0428 3792  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
22:56:16.0440 3792  Wd - ok
22:56:16.0465 3792  [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:56:16.0486 3792  Wdf01000 - ok
22:56:16.0493 3792  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:56:16.0557 3792  WdiServiceHost - ok
22:56:16.0561 3792  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:56:16.0577 3792  WdiSystemHost - ok
22:56:16.0601 3792  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
22:56:16.0632 3792  WebClient - ok
22:56:16.0652 3792  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:56:16.0682 3792  Wecsvc - ok
22:56:16.0689 3792  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:56:16.0725 3792  wercplsupport - ok
22:56:16.0748 3792  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:56:16.0778 3792  WerSvc - ok
22:56:16.0801 3792  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:56:16.0827 3792  WfpLwf - ok
22:56:16.0843 3792  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:56:16.0855 3792  WIMMount - ok
22:56:16.0865 3792  WinHttpAutoProxySvc - ok
22:56:16.0914 3792  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:56:16.0940 3792  Winmgmt - ok
22:56:16.0993 3792  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
22:56:17.0053 3792  WinRM - ok
22:56:17.0101 3792  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
22:56:17.0121 3792  WinUsb - ok
22:56:17.0167 3792  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:56:17.0210 3792  Wlansvc - ok
22:56:17.0238 3792  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:56:17.0250 3792  WmiAcpi - ok
22:56:17.0286 3792  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:56:17.0314 3792  wmiApSrv - ok
22:56:17.0387 3792  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
22:56:17.0461 3792  WMPNetworkSvc - ok
22:56:17.0490 3792  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:56:17.0525 3792  WPCSvc - ok
22:56:17.0557 3792  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:56:17.0597 3792  WPDBusEnum - ok
22:56:17.0627 3792  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:56:17.0666 3792  ws2ifsl - ok
22:56:17.0672 3792  WSearch - ok
22:56:17.0709 3792  [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:56:17.0736 3792  WudfPf - ok
22:56:17.0784 3792  [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:56:17.0810 3792  WUDFRd - ok
22:56:17.0837 3792  [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:56:17.0865 3792  wudfsvc - ok
22:56:17.0893 3792  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:56:17.0925 3792  WwanSvc - ok
22:56:17.0931 3792  ================ Scan global ===============================
22:56:17.0954 3792  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
22:56:17.0984 3792  [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
22:56:17.0994 3792  [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
22:56:18.0025 3792  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
22:56:18.0063 3792  [ A302BBFF2A7278C0E239EE5D471D86A9 ] C:\Windows\system32\services.exe
22:56:18.0070 3792  C:\Windows\system32\services.exe ( Virus.Win32.ZAccess.m ) - infected
22:56:18.0070 3792  C:\Windows\system32\services.exe - detected Virus.Win32.ZAccess.m (0)
22:56:18.0070 3792  ================ Scan MBR ==================================
22:56:18.0074 3792  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
22:56:18.0336 3792  \Device\Harddisk1\DR1 - ok
22:56:18.0348 3792  [ 587F1BF40479D66675A13B610E5E7F9E ] \Device\Harddisk0\DR0
22:56:18.0421 3792  \Device\Harddisk0\DR0 - ok
22:56:18.0421 3792  ================ Scan VBR ==================================
22:56:18.0451 3792  [ 4AA658609B119298D51249CA1C33007B ] \Device\Harddisk1\DR1\Partition1
22:56:18.0452 3792  \Device\Harddisk1\DR1\Partition1 - ok
22:56:18.0460 3792  [ 6AD97C3B7A8E62ED6D7D49DEDD175B2A ] \Device\Harddisk1\DR1\Partition2
22:56:18.0461 3792  \Device\Harddisk1\DR1\Partition2 - ok
22:56:18.0466 3792  [ 4209871E1686E761918260ED20859A67 ] \Device\Harddisk1\DR1\Partition3
22:56:18.0468 3792  \Device\Harddisk1\DR1\Partition3 - ok
22:56:18.0496 3792  [ E6ECB38C29FC9CEB1A2747D2F33B31EA ] \Device\Harddisk0\DR0\Partition1
22:56:18.0499 3792  \Device\Harddisk0\DR0\Partition1 - ok
22:56:18.0525 3792  [ 45A1797E620C57261C3B89C1B96A4416 ] \Device\Harddisk0\DR0\Partition2
22:56:18.0527 3792  \Device\Harddisk0\DR0\Partition2 - ok
22:56:18.0527 3792  ============================================================
22:56:18.0527 3792  Scan finished
22:56:18.0527 3792  ============================================================
22:56:18.0546 2532  Detected object count: 1
22:56:18.0546 2532  Actual detected object count: 1
22:56:44.0234 2532  C:\Windows\system32\services.exe ( Virus.Win32.ZAccess.m ) - skipped by user
22:56:44.0234 2532  C:\Windows\system32\services.exe ( Virus.Win32.ZAccess.m ) - User select action: Skip

03.09.2012, 21:03	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Musik kommt automatisch unter "Name nicht Verfügbar" im Audiomixer (Windows 7) Hätte da mal zwei Fragen bevor es weiter geht 1.) Geht der normale Modus von Windows (wieder) uneingeschränkt? 2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden? __________________ Logfiles bitte immer in CODE-Tags posten

Musik kommt automatisch unter "Name nicht Verfügbar" im Audiomixer (Windows 7)

Log-Analyse und Auswertung: Musik kommt automatisch unter "Name nicht Verfügbar" im Audiomixer (Windows 7)