Pests of all kinds and how to fight them: VISTA, white screen, no safe mode :-( Windows 7 If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection. |
21.01.2013, 20:49 | #1 |
| VISTA, white screen, no safe mode :-( Hello, it has now hit my son too. I have read up on it a bit and am posting my log files. I hope someone can help me. OTL.txt Code:
ATTFilter OTL logfile created on: 1/21/2013 8:26:12 PM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 287.90 Gb Total Space | 170.70 Gb Free Space | 59.29% Space Free | Partition Type: NTFS Drive D: | 1.89 Gb Total Space | 1.88 Gb Free Space | 99.50% Space Free | Partition Type: FAT32 Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet001 ========== Win32 Services (SafeList) ========== SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) 
SRV - (yksvc) -- C:\Windows\System32\ykx32mpcoinst.dll (Marvell) SRV - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe (Realtek Semiconductor) SRV - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (VBFilt) -- File not found DRV - (VBEngNT) -- File not found DRV - (SandBox) -- File not found DRV - (NwlnkFwd) -- File not found DRV - (NwlnkFlt) -- File not found DRV - (MpKsla0a94a57) -- File not found DRV - (IpInIp) -- File not found DRV - (IntcHdmiAddService) Intel(R) -- File not found DRV - (igfx) -- File not found DRV - (ASWFilt) -- File not found DRV - (ApfiltrService) -- File not found DRV - (afwcore) -- File not found DRV - (afw) -- File not found DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation) DRV - (MpKsl92e8952c) -- C:\Windows\System32\MpEngineStore\MpKsl92e8952c.sys (Microsoft Corporation) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.) DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation) DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) 
DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation) DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.) DRV - (PVUSB) -- C:\Windows\System32\drivers\CESG502.sys (Hitachi Semiconductor and Devices Sales Co.,Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=EU01 IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ironto&s={searchTerms}&f=4 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Ma77i_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=EU01 IE - HKU\Ma77i_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\Ma77i_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\Ma77i_ON_C\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. 
File not found IE - HKU\Ma77i_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\System32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ [2012/12/25 08:57:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/11 10:59:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/21 14:48:57 | 000,000,000 | ---D | M] [2012/12/06 13:43:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012/12/06 13:43:11 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013/01/11 10:59:42 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/12/09 12:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) 
-- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012/10/24 17:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012/05/02 10:31:57 | 000,002,313 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012/10/24 17:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/10/24 17:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012/01/05 08:42:47 | 000,002,049 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml [2012/10/24 17:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012/06/16 03:16:29 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml [2012/10/24 17:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012/10/24 17:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - File not found O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\Ma77i\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.dll () O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - File not found O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKU\Ma77i_ON_C\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\Ma77i_ON_C..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.) O4 - HKU\Ma77i_ON_C..\Run: [Clownfish] C:\Program Files\Clownfish\Clownfish.exe (Bogdan Sharkov) O4 - HKU\Ma77i_ON_C..\Run: [Facebook Update] C:\Users\Ma77i\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\Ma77i_ON_C..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) 
O4 - HKU\Ma77i_ON_C..\Run: [Media Finder] File not found O4 - HKU\Ma77i_ON_C..\Run: [MobileDocuments] File not found O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\System32\WerFault.exe (Microsoft Corporation) O4 - Startup: Error locating startup folders. O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.10.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKU\Ma77i_ON_C Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKU\Ma77i_ON_C Winlogon: Shell - (C:\Users\Ma77i\AppData\Roaming\skype.dat) - C:\Users\Ma77i\AppData\Roaming\skype.dat () O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2013/01/21 20:24:02 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware [2013/01/21 20:06:40 | 000,000,000 | -HSD | C] -- C:\Users\All Users [2013/01/21 20:03:59 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2013/01/21 13:42:09 | 000,000,000 | ---D | C] -- C:\Users [2013/01/10 13:05:04 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013/01/10 13:04:03 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2013/01/03 09:16:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clownfish [2012/12/29 19:00:41 | 000,000,000 | ---D | C] -- C:\Users\Ma77i\AppData\Roaming\gtk-2.0 [2012/12/25 08:57:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft [2012/12/25 08:57:38 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft [2012/12/25 07:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/01/21 19:29:12 | 
000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2013/01/21 19:29:12 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2013/01/21 13:51:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/01/21 13:51:30 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2013/01/21 13:48:44 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013/01/21 13:48:44 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013/01/21 13:47:36 | 3186,651,136 | -HS- | M] () -- C:\hiberfil.sys [2013/01/21 13:41:27 | 313,125,249 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013/01/21 10:30:19 | 000,000,004 | ---- | M] () -- C:\Users\Ma77i\AppData\Roaming\skype.ini [2013/01/21 10:27:53 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/01/21 10:27:17 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/01/21 10:03:42 | 000,644,136 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013/01/21 10:03:42 | 000,600,690 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013/01/21 10:03:42 | 000,131,388 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013/01/21 10:03:42 | 000,108,572 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013/01/21 09:27:34 | 000,259,728 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013/01/11 10:27:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/01/11 09:27:14 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013/01/11 09:27:14 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013/01/11 09:11:30 | 000,000,129 | ---- | M] () -- C:\Windows\System32\MRT.INI [2013/01/09 08:54:08 | 000,001,138 | ---- | M] () -- 
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-643174421-3187612993-1779399453-1000UA.job [2013/01/09 08:54:01 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-643174421-3187612993-1779399453-1000Core.job [2013/01/05 07:09:16 | 000,059,023 | ---- | M] () -- C:\Users\Ma77i\Desktop\27991_106086939564715_27429362_n[1].jpg [2013/01/04 18:21:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud [2013/01/04 18:19:50 | 000,001,960 | ---- | M] () -- C:\Users\Ma77i\Desktop\iCloud.lnk [2013/01/04 12:29:20 | 000,014,817 | ---- | M] () -- C:\Users\Ma77i\Documents\fv4005_stage2 (1).jpg [2013/01/04 12:03:08 | 000,083,312 | ---- | M] () -- C:\Users\Ma77i\Desktop\frisuren_fuer_maenner_2_280.jpg [2013/01/04 12:03:05 | 000,072,291 | ---- | M] () -- C:\Users\Ma77i\Desktop\frisuren_fuer_maenner_3_280.jpg [2013/01/03 09:16:03 | 000,001,686 | ---- | M] () -- C:\Users\Ma77i\Desktop\Clownfish.lnk [2013/01/03 09:16:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clownfish [2012/12/30 07:13:54 | 000,075,899 | ---- | M] () -- C:\Users\Ma77i\Desktop\DIE RÜHLE.odt [2012/12/28 16:00:13 | 000,001,191 | ---- | M] () -- C:\Users\Ma77i\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free YouTube to MP3 Converter.lnk [2012/12/28 13:29:14 | 000,029,184 | ---- | M] () -- C:\Users\Ma77i\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/12/25 08:57:53 | 000,001,191 | ---- | M] () -- C:\Users\Ma77i\Desktop\Free YouTube to MP3 Converter.lnk [2012/12/25 08:57:53 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2012/12/25 07:39:25 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012/12/25 07:39:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/01/21 19:29:12 | 
000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2013/01/21 19:29:12 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2013/01/21 09:45:00 | 3186,651,136 | -HS- | C] () -- C:\hiberfil.sys [2013/01/11 11:01:47 | 000,000,004 | ---- | C] () -- C:\Users\Ma77i\AppData\Roaming\skype.ini [2013/01/05 07:09:38 | 000,059,023 | ---- | C] () -- C:\Users\Ma77i\Desktop\27991_106086939564715_27429362_n[1].jpg [2013/01/04 18:19:50 | 000,001,960 | ---- | C] () -- C:\Users\Ma77i\Desktop\iCloud.lnk [2013/01/04 12:29:10 | 000,014,817 | ---- | C] () -- C:\Users\Ma77i\Documents\fv4005_stage2 (1).jpg [2013/01/04 12:03:08 | 000,083,312 | ---- | C] () -- C:\Users\Ma77i\Desktop\frisuren_fuer_maenner_2_280.jpg [2013/01/04 12:03:05 | 000,072,291 | ---- | C] () -- C:\Users\Ma77i\Desktop\frisuren_fuer_maenner_3_280.jpg [2012/12/29 19:22:41 | 000,075,899 | ---- | C] () -- C:\Users\Ma77i\Desktop\DIE RÜHLE.odt [2012/12/28 16:00:13 | 000,001,191 | ---- | C] () -- C:\Users\Ma77i\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free YouTube to MP3 Converter.lnk [2012/12/25 08:57:53 | 000,001,191 | ---- | C] () -- C:\Users\Ma77i\Desktop\Free YouTube to MP3 Converter.lnk [2012/11/22 16:03:20 | 095,023,320 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad [2012/11/18 12:31:22 | 095,023,320 | ---- | C] () -- C:\ProgramData\0tbpw.pad [2012/02/10 09:41:01 | 000,056,320 | ---- | C] () -- C:\Users\Ma77i\AppData\Roaming\skype.dat [2012/02/01 06:09:31 | 000,000,129 | ---- | C] () -- C:\Windows\System32\MRT.INI [2012/01/05 08:40:45 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll [2012/01/03 08:47:33 | 000,001,356 | ---- | C] () -- C:\Users\Ma77i\AppData\Local\d3d9caps.dat [2011/12/26 04:30:09 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2011/12/26 04:30:09 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2011/12/19 11:20:05 | 000,029,184 | ---- | C] () -- C:\Users\Ma77i\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/12/18 11:45:51 
| 000,017,408 | ---- | C] () -- C:\Users\Ma77i\AppData\Local\WebpageIcons.db [2010/06/08 08:19:24 | 000,692,224 | ---- | C] () -- C:\Windows\System32\libeay32.dll [2010/06/08 08:19:24 | 000,151,552 | ---- | C] () -- C:\Windows\System32\ssleay32.dll [2009/05/15 12:22:04 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll [2009/05/15 12:21:55 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2009/05/15 12:21:55 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2009/05/15 12:21:55 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe [2009/05/15 12:21:55 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe [2009/05/15 12:21:55 | 000,011,264 | ---- | C] () -- C:\Windows\System32\atimuixx.dll [2009/05/15 04:05:13 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009/05/15 03:57:27 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2009/05/15 03:04:32 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008/01/21 02:15:58 | 000,644,136 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008/01/21 02:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008/01/21 02:15:58 | 000,131,388 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008/01/21 02:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006/12/01 04:36:02 | 000,011,264 | ---- | C] () -- C:\Windows\System32\sssegfilter.dll [2006/12/01 04:36:00 | 000,217,088 | ---- | C] () -- C:\Windows\System32\ssminidriver.dll [2006/12/01 04:35:58 | 000,027,136 | ---- | C] () -- C:\Windows\System32\ssimgfilter.dll [2006/12/01 04:35:54 | 000,010,752 | ---- | C] () -- C:\Windows\System32\sserrhandler.dll [2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006/11/02 07:47:37 | 000,259,728 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 05:33:01 
| 000,600,690 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006/11/02 05:33:01 | 000,108,572 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat ========== LOP Check ========== [2012/05/02 10:31:49 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\Babylon [2012/11/07 08:22:33 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\CASIO [2012/12/25 08:57:53 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\DVDVideoSoft [2012/12/25 08:57:55 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\DVDVideoSoftIEHelpers [2012/12/29 19:02:44 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\gtk-2.0 [2011/12/25 06:11:14 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\Leadertech [2012/03/22 10:06:29 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\Media Finder [2011/12/21 08:45:37 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\OpenOffice.org [2012/11/24 05:09:03 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\TS3Client [2012/11/23 11:34:21 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\ts3overlay [2012/11/16 12:46:28 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\TuneUp Software [2012/11/22 11:21:08 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\wargaming.net [2012/12/25 07:39:24 | 000,000,000 | ---D | M] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 [2012/11/01 
04:30:21 | 000,000,000 | ---D | M] -- C:\ProgramData\Age of Empires 3 [2012/11/16 13:37:19 | 000,000,000 | ---D | M] -- C:\ProgramData\Agnitum [2011/12/17 14:32:46 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten [2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data [2012/05/02 10:31:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Babylon [2012/06/17 04:20:16 | 000,000,000 | ---D | M] -- C:\ProgramData\boost_interprocess [2012/11/07 08:21:40 | 000,000,000 | ---D | M] -- C:\ProgramData\CASIO [2012/11/16 12:45:37 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files [2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop [2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents [2011/12/17 14:32:46 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente [2012/01/06 14:34:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts [2011/12/17 14:32:46 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten [2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites [2012/03/22 09:54:30 | 000,000,000 | ---D | M] -- C:\ProgramData\InstallMate [2012/10/30 12:29:16 | 000,000,000 | ---D | M] -- C:\ProgramData\mquadr.at [2012/03/22 09:54:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Premium [2012/01/01 12:39:31 | 000,000,000 | ---D | M] -- C:\ProgramData\Roaming [2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu [2011/12/17 14:32:46 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü [2012/02/05 13:45:28 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP [2006/11/02 08:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates [2012/11/16 12:46:29 | 000,000,000 | ---D | M] -- C:\ProgramData\TuneUp Software [2011/12/17 14:32:46 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen [2012/03/06 09:57:47 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch [2012/03/22 10:03:19 | 000,000,000 | ---D | M] -- C:\ProgramData\wxDfast [2012/11/16 12:57:20 | 
000,000,000 | -H-D | M] -- C:\ProgramData\{3192C226-BD81-479F-822D-6CF72EE1AB45} [2012/02/01 06:17:45 | 000,000,000 | -HSD | M] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012/03/24 04:04:41 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2012/11/16 12:45:37 | 000,000,000 | -HSD | M] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} [2013/01/09 08:54:01 | 000,001,116 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-643174421-3187612993-1779399453-1000Core.job [2013/01/09 08:54:08 | 000,001,138 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-643174421-3187612993-1779399453-1000UA.job [2013/01/21 13:51:30 | 000,032,542 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 64 bytes -> C:\Users\Ma77i\Desktop\unleashed.avi:TOC.WMV @Alternate Data Stream - 64 bytes -> C:\Users\Ma77i\Desktop\unknown.identity.avi:TOC.WMV @Alternate Data Stream - 64 bytes -> C:\Users\Ma77i\Desktop\Ohne Limit.avi:TOC.WMV @Alternate Data Stream - 64 bytes -> C:\Users\Ma77i\Desktop\Leg dich nicht mit Zohan an.avi:TOC.WMV @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2 < End of report > Code:
ATTFilter OTL Extras logfile created on: 1/21/2013 8:26:12 PM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 287.90 Gb Total Space | 170.70 Gb Free Space | 59.29% Space Free | Partition Type: NTFS Drive D: | 1.89 Gb Total Space | 1.88 Gb Free Space | 99.50% Space Free | Partition Type: FAT32 Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet001 ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. 
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Users\Ma77i\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Users\Ma77i\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) 
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks "{1EAC1D02-C6AC-4FA6-9A44-96258C37C8CT1}_is1" = World of Tanks - Common Test "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi Software "{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10 
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11 "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack "{5DDB3393-E08B-447E-925F-6C00B95D0FE7}" = iCloud "{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III "{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software "{A049681D-5E6C-4F9B-9860-4289E7AEB426}" = fx-9860GII Manager PLUS (90 Day Trial) "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC4C38FD-A54C-4CA5-92EE-D983CD81293E}" = Microsoft Xbox 360 Accessories 1.2 "{AC76BA86-7AD7-1031-7B44-A90100000001}" = Adobe Reader 9.0.1 - Deutsch "{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287 "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support "{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE) "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 
SP1 "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{EAC2DDAB-5035-44EE-AA13-65D40CF46FF1}" = Kabel Deutschland Installations-Software "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE) "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FB47E710-6249-4EFA-BE36-E922B0612AF4}" = CASIO FA-124 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Clownfish" = Clownfish for Skype "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP "dt icon module" = "Free YouTube Download_is1" = Free YouTube Download version 3.0.20.1228 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212 "Google Chrome" = Google Chrome "InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III "IpodConverter_is1" = IpodConverter 1.1 "Kabel Deutschland Installations-Software" = Kabel Deutschland Installations-Software "MFU Module" = "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft Security Client" = Microsoft Security Essentials "Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "ProInst" = Intel PROSet Wireless "TeamSpeak 3 Client" = TeamSpeak 3 Client "The KMPlayer" = The KMPlayer (remove only) "TuneUp Utilities 2013" = TuneUp Utilities 2013 "VAIO Help and Support" = "VLC media player" = VLC media player 2.0.0 "Winamp" = Winamp "WinGimp-2.0_is1" 
= GIMP 2.6.11 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\Ma77i_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FLV Player" = FLV Player "Winamp Detect" = Winamp Erkennungs-Plug-in < End of report > |
21.01.2013, 22:13 | #2 |
/// Malware-holic | VISTA, white screen, no safe mode :-(
hi
On your second PC, go to Start, Programs, Accessories, Notepad, and copy the following into it: Code:
:OTL
O20 - HKU\Ma77i_ON_C Winlogon: Shell - (C:\Users\Ma77i\AppData\Roaming\skype.dat) - C:\Users\Ma77i\AppData\Roaming\skype.dat ()
[2013/01/21 10:30:19 | 000,000,004 | ---- | M] () -- C:\Users\Ma77i\AppData\Roaming\skype.ini
:Files
:Commands
[EMPTYFLASH]
[emptytemp]

Save this to a USB stick as fix.txt. Now use OTLPENet.exe again (that is, boot from the CD you created) and tick everything as already described in the post on OTLPENet.exe.
• Now please click the Fix button. A message similar to "load fix from file" should appear, so load fix.txt from your stick. If that does not work, please enter the fix manually. Then click the Fix button again. The PC may restart. If it does, take the CD out of the drive; Windows should now start normally and open otl.txt. Please post the log.
If you have no icons, right-click, View, Show desktop icons.
Note: Please also upload the file there, as described in the UpChannel instructions. Please do NOT post the ZIP file here as an attachment in the thread! Please press the + E key.
__________________ |
22.01.2013, 13:33 | #3 |
/// Malware-holic | VISTA, white screen, no safe mode :-(
hi
Please continue with this: download TDSSKiller: http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- For any findings, always choose Skip for now; post the log.
Open C:, open tdsskiller-datum-version.txt, post the contents.
__________________ |
22.01.2013, 13:41 | #4 |
| VISTA, white screen, no safe mode :-( Thanks in advance. Here is the log. Code:
ATTFilter 13:38:07.0596 3248 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 13:38:09.0598 3248 ============================================================ 13:38:09.0598 3248 Current date / time: 2013/01/22 13:38:09.0598 13:38:09.0598 3248 SystemInfo: 13:38:09.0598 3248 13:38:09.0598 3248 OS Version: 6.0.6002 ServicePack: 2.0 13:38:09.0598 3248 Product type: Workstation 13:38:09.0598 3248 ComputerName: MA77I-PC 13:38:09.0598 3248 UserName: Ma77i 13:38:09.0598 3248 Windows directory: C:\Windows 13:38:09.0598 3248 System windows directory: C:\Windows 13:38:09.0598 3248 Processor architecture: Intel x86 13:38:09.0598 3248 Number of processors: 2 13:38:09.0598 3248 Page size: 0x1000 13:38:09.0598 3248 Boot type: Normal boot 13:38:09.0598 3248 ============================================================ 13:38:10.0459 3248 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 13:38:10.0467 3248 Drive \Device\Harddisk3\DR4 - Size: 0x78F80000 (1.89 Gb), SectorSize: 0x200, Cylinders: 0xF6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 13:38:10.0468 3248 ============================================================ 13:38:10.0468 3248 \Device\Harddisk0\DR0: 13:38:10.0515 3248 MBR partitions: 13:38:10.0515 3248 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1462800, BlocksNum 0x23FCB800 13:38:10.0515 3248 \Device\Harddisk3\DR4: 13:38:10.0516 3248 MBR partitions: 13:38:10.0516 3248 \Device\Harddisk3\DR4\Partition1: MBR, Type 0xB, StartLBA 0x58, BlocksNum 0x3C7BA8 13:38:10.0516 3248 ============================================================ 13:38:10.0591 3248 C: <-> \Device\Harddisk0\DR0\Partition1 13:38:10.0591 3248 ============================================================ 13:38:10.0591 3248 Initialize success 13:38:10.0591 3248 ============================================================ 13:38:47.0554 3820 
============================================================ 13:38:47.0554 3820 Scan started 13:38:47.0554 3820 Mode: Manual; SigCheck; TDLFS; 13:38:47.0554 3820 ============================================================ 13:38:47.0765 3820 ================ Scan system memory ======================== 13:38:47.0765 3820 System memory - ok 13:38:47.0766 3820 ================ Scan services ============================= 13:38:47.0922 3820 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys 13:38:48.0041 3820 ACPI - ok 13:38:48.0092 3820 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 13:38:48.0107 3820 AdobeFlashPlayerUpdateSvc - ok 13:38:48.0166 3820 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 13:38:48.0208 3820 adp94xx - ok 13:38:48.0233 3820 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys 13:38:48.0251 3820 adpahci - ok 13:38:48.0305 3820 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 13:38:48.0320 3820 adpu160m - ok 13:38:48.0361 3820 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 13:38:48.0376 3820 adpu320 - ok 13:38:48.0425 3820 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 13:38:48.0458 3820 AeLookupSvc - ok 13:38:48.0528 3820 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys 13:38:48.0556 3820 AFD - ok 13:38:48.0574 3820 afw - ok 13:38:48.0595 3820 afwcore - ok 13:38:48.0628 3820 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys 13:38:48.0640 3820 agp440 - ok 13:38:48.0693 3820 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys 13:38:48.0707 3820 aic78xx - ok 13:38:48.0736 3820 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe 13:38:48.0775 3820 ALG - ok 
13:38:48.0809 3820 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys 13:38:48.0821 3820 aliide - ok 13:38:48.0857 3820 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys 13:38:48.0870 3820 amdagp - ok 13:38:48.0902 3820 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys 13:38:48.0914 3820 amdide - ok 13:38:48.0935 3820 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys 13:38:48.0970 3820 AmdK7 - ok 13:38:48.0988 3820 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 13:38:49.0024 3820 AmdK8 - ok 13:38:49.0049 3820 ApfiltrService - ok 13:38:49.0080 3820 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll 13:38:49.0109 3820 Appinfo - ok 13:38:49.0227 3820 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 13:38:49.0238 3820 Apple Mobile Device - ok 13:38:49.0262 3820 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys 13:38:49.0276 3820 arc - ok 13:38:49.0304 3820 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys 13:38:49.0319 3820 arcsas - ok 13:38:49.0324 3820 ASWFilt - ok 13:38:49.0354 3820 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 13:38:49.0397 3820 AsyncMac - ok 13:38:49.0418 3820 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys 13:38:49.0430 3820 atapi - ok 13:38:49.0490 3820 [ 1EA05449220E3D755477CE517A83846B ] athr C:\Windows\system32\DRIVERS\athr.sys 13:38:49.0564 3820 athr - ok 13:38:49.0627 3820 [ 4CFBFEC540F136CF952E8B6FDB80E52E ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe 13:38:49.0695 3820 Ati External Event Utility - ok 13:38:49.0812 3820 [ 6F2CC6403012375385D556BF39382B74 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 
13:38:50.0023 3820 atikmdag - ok 13:38:50.0064 3820 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 13:38:50.0099 3820 AudioEndpointBuilder - ok 13:38:50.0119 3820 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll 13:38:50.0141 3820 Audiosrv - ok 13:38:50.0175 3820 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys 13:38:50.0212 3820 Beep - ok 13:38:50.0262 3820 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll 13:38:50.0303 3820 BFE - ok 13:38:50.0375 3820 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll 13:38:50.0425 3820 BITS - ok 13:38:50.0449 3820 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 13:38:50.0475 3820 blbdrive - ok 13:38:50.0531 3820 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 13:38:50.0551 3820 Bonjour Service - ok 13:38:50.0590 3820 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys 13:38:50.0603 3820 bowser - ok 13:38:50.0637 3820 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 13:38:50.0668 3820 BrFiltLo - ok 13:38:50.0681 3820 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 13:38:50.0700 3820 BrFiltUp - ok 13:38:50.0720 3820 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll 13:38:50.0759 3820 Browser - ok 13:38:50.0776 3820 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys 13:38:50.0834 3820 Brserid - ok 13:38:50.0855 3820 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 13:38:50.0914 3820 BrSerWdm - ok 13:38:50.0935 3820 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 13:38:50.0984 3820 BrUsbMdm - ok 13:38:51.0006 3820 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer 
C:\Windows\system32\drivers\brusbser.sys 13:38:51.0060 3820 BrUsbSer - ok 13:38:51.0100 3820 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 13:38:51.0112 3820 BthEnum - ok 13:38:51.0131 3820 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 13:38:51.0184 3820 BTHMODEM - ok 13:38:51.0203 3820 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 13:38:51.0236 3820 BthPan - ok 13:38:51.0295 3820 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 13:38:51.0344 3820 BTHPORT - ok 13:38:51.0371 3820 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll 13:38:51.0399 3820 BthServ - ok 13:38:51.0421 3820 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 13:38:51.0434 3820 BTHUSB - ok 13:38:51.0469 3820 [ CD956DD816D9959748EB787A5121D1E4 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 13:38:51.0490 3820 btwaudio - ok 13:38:51.0496 3820 [ 4CA1CC3D13466A3E2E9E9119D00AEC78 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys 13:38:51.0508 3820 btwavdt - ok 13:38:51.0565 3820 [ FE7FCACE3678200AE202EB29C9B6A8E8 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 13:38:51.0604 3820 btwdins - ok 13:38:51.0624 3820 [ 54C2EE0A3CEC586629035D771AACAE67 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys 13:38:51.0635 3820 btwl2cap - ok 13:38:51.0664 3820 [ F857EF2D941530772AE828ECD6D71B22 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 13:38:51.0673 3820 btwrchid - ok 13:38:51.0725 3820 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 13:38:51.0763 3820 cdfs - ok 13:38:51.0802 3820 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 13:38:51.0840 3820 cdrom - ok 13:38:51.0885 3820 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll 13:38:51.0914 3820 CertPropSvc - ok 13:38:51.0939 3820 [ 
E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys 13:38:51.0963 3820 circlass - ok 13:38:52.0018 3820 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys 13:38:52.0041 3820 CLFS - ok 13:38:52.0096 3820 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 13:38:52.0108 3820 clr_optimization_v2.0.50727_32 - ok 13:38:52.0198 3820 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 13:38:52.0211 3820 clr_optimization_v4.0.30319_32 - ok 13:38:52.0253 3820 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 13:38:52.0290 3820 CmBatt - ok 13:38:52.0306 3820 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys 13:38:52.0319 3820 cmdide - ok 13:38:52.0331 3820 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 13:38:52.0343 3820 Compbatt - ok 13:38:52.0349 3820 COMSysApp - ok 13:38:52.0355 3820 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 13:38:52.0368 3820 crcdisk - ok 13:38:52.0387 3820 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys 13:38:52.0429 3820 Crusoe - ok 13:38:52.0462 3820 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll 13:38:52.0496 3820 CryptSvc - ok 13:38:52.0536 3820 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll 13:38:52.0617 3820 DcomLaunch - ok 13:38:52.0654 3820 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys 13:38:52.0683 3820 DfsC - ok 13:38:52.0792 3820 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe 13:38:52.0982 3820 DFSR - ok 13:38:53.0036 3820 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll 13:38:53.0077 3820 Dhcp - ok 13:38:53.0099 3820 [ 
5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys 13:38:53.0112 3820 disk - ok 13:38:53.0127 3820 [ F206E28ED74C491FD5D7C0A1119CE37F ] DMICall C:\Windows\system32\DRIVERS\DMICall.sys 13:38:53.0136 3820 DMICall - ok 13:38:53.0166 3820 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll 13:38:53.0192 3820 Dnscache - ok 13:38:53.0220 3820 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll 13:38:53.0243 3820 dot3svc - ok 13:38:53.0294 3820 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll 13:38:53.0321 3820 DPS - ok 13:38:53.0360 3820 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 13:38:53.0379 3820 drmkaud - ok 13:38:53.0443 3820 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 13:38:53.0488 3820 DXGKrnl - ok 13:38:53.0515 3820 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys 13:38:53.0542 3820 E1G60 - ok 13:38:53.0576 3820 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll 13:38:53.0605 3820 EapHost - ok 13:38:53.0662 3820 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys 13:38:53.0678 3820 Ecache - ok 13:38:53.0738 3820 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 13:38:53.0755 3820 ehRecvr - ok 13:38:53.0768 3820 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe 13:38:53.0797 3820 ehSched - ok 13:38:53.0812 3820 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll 13:38:53.0835 3820 ehstart - ok 13:38:53.0884 3820 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys 13:38:53.0906 3820 elxstor - ok 13:38:53.0947 3820 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll 13:38:54.0019 3820 EMDMgmt - ok 13:38:54.0044 3820 [ 3DB974F3935483555D7148663F726C61 ] ErrDev 
C:\Windows\system32\drivers\errdev.sys 13:38:54.0087 3820 ErrDev - ok 13:38:54.0123 3820 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll 13:38:54.0164 3820 EventSystem - ok 13:38:54.0233 3820 [ 306AC856622864C761CBDB5E816BB9D8 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 13:38:54.0293 3820 EvtEng ( UnsignedFile.Multi.Generic ) - warning 13:38:54.0293 3820 EvtEng - detected UnsignedFile.Multi.Generic (1) 13:38:54.0340 3820 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys 13:38:54.0366 3820 exfat - ok 13:38:54.0382 3820 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys 13:38:54.0417 3820 fastfat - ok 13:38:54.0473 3820 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys 13:38:54.0511 3820 fdc - ok 13:38:54.0531 3820 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll 13:38:54.0555 3820 fdPHost - ok 13:38:54.0573 3820 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll 13:38:54.0623 3820 FDResPub - ok 13:38:54.0719 3820 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 13:38:54.0732 3820 FileInfo - ok 13:38:54.0788 3820 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys 13:38:54.0829 3820 Filetrace - ok 13:38:54.0853 3820 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 13:38:54.0891 3820 flpydisk - ok 13:38:54.0913 3820 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 13:38:54.0930 3820 FltMgr - ok 13:38:55.0014 3820 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll 13:38:55.0058 3820 FontCache - ok 13:38:55.0114 3820 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 13:38:55.0125 3820 FontCache3.0.0.0 - ok 13:38:55.0184 3820 [ 
B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 13:38:55.0197 3820 Fs_Rec - ok 13:38:55.0234 3820 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 13:38:55.0247 3820 gagp30kx - ok 13:38:55.0279 3820 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 13:38:55.0288 3820 GEARAspiWDM - ok 13:38:55.0333 3820 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll 13:38:55.0403 3820 gpsvc - ok 13:38:55.0470 3820 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 13:38:55.0482 3820 gupdate - ok 13:38:55.0487 3820 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 13:38:55.0497 3820 gupdatem - ok 13:38:55.0530 3820 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 13:38:55.0594 3820 HdAudAddService - ok 13:38:55.0738 3820 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 13:38:55.0809 3820 HDAudBus - ok 13:38:55.0830 3820 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys 13:38:55.0889 3820 HidBth - ok 13:38:55.0907 3820 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys 13:38:55.0958 3820 HidIr - ok 13:38:55.0983 3820 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll 13:38:55.0997 3820 hidserv - ok 13:38:56.0032 3820 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 13:38:56.0050 3820 HidUsb - ok 13:38:56.0074 3820 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll 13:38:56.0116 3820 hkmsvc - ok 13:38:56.0139 3820 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 13:38:56.0151 3820 HpCISSs - ok 13:38:56.0186 3820 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS 
13:38:56.0228 3820 HSFHWAZL - ok 13:38:56.0303 3820 [ 7BC42C65B5C6281777C1A7605B253BA8 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys 13:38:56.0386 3820 HSF_DPV - ok 13:38:56.0408 3820 [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys 13:38:56.0432 3820 HSXHWAZL - ok 13:38:56.0462 3820 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys 13:38:56.0514 3820 HTTP - ok 13:38:56.0539 3820 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys 13:38:56.0551 3820 i2omp - ok 13:38:56.0597 3820 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 13:38:56.0628 3820 i8042prt - ok 13:38:56.0667 3820 [ DB0CC620B27A928D968C1A1E9CD9CB87 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 13:38:56.0681 3820 iaStor - ok 13:38:56.0722 3820 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 13:38:56.0742 3820 iaStorV - ok 13:38:56.0809 3820 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 13:38:56.0876 3820 idsvc - ok 13:38:56.0881 3820 igfx - ok 13:38:56.0910 3820 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys 13:38:56.0924 3820 iirsp - ok 13:38:56.0964 3820 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll 13:38:57.0022 3820 IKEEXT - ok 13:38:57.0097 3820 [ 3AA1F82EFA2B0454AF163124C9920D16 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 13:38:57.0230 3820 IntcAzAudAddService - ok 13:38:57.0235 3820 IntcHdmiAddService - ok 13:38:57.0250 3820 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys 13:38:57.0262 3820 intelide - ok 13:38:57.0286 3820 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 13:38:57.0324 3820 intelppm - ok 13:38:57.0352 3820 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum 
C:\Windows\system32\ipbusenum.dll 13:38:57.0378 3820 IPBusEnum - ok 13:38:57.0400 3820 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:38:57.0441 3820 IpFilterDriver - ok 13:38:57.0474 3820 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 13:38:57.0507 3820 iphlpsvc - ok 13:38:57.0512 3820 IpInIp - ok 13:38:57.0533 3820 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 13:38:57.0558 3820 IPMIDRV - ok 13:38:57.0584 3820 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 13:38:57.0628 3820 IPNAT - ok 13:38:57.0675 3820 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 13:38:57.0711 3820 iPod Service - ok 13:38:57.0739 3820 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 13:38:57.0763 3820 IRENUM - ok 13:38:57.0779 3820 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys 13:38:57.0791 3820 isapnp - ok 13:38:57.0830 3820 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 13:38:57.0847 3820 iScsiPrt - ok 13:38:57.0853 3820 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 13:38:57.0864 3820 iteatapi - ok 13:38:57.0881 3820 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys 13:38:57.0893 3820 iteraid - ok 13:38:57.0906 3820 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 13:38:57.0918 3820 kbdclass - ok 13:38:57.0935 3820 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 13:38:57.0968 3820 kbdhid - ok 13:38:57.0980 3820 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe 13:38:58.0004 3820 KeyIso - ok 13:38:58.0047 3820 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 13:38:58.0073 3820 KSecDD - 
ok
13:39:16.0177 3820 ================ Scan MBR ==================================
13:39:16.0244 3820 [ 04D4350AE5FB6FC2AD3E7C26B1323C68 ] \Device\Harddisk0\DR0
13:39:16.0245 3820 Suspicious mbr (Forged): \Device\Harddisk0\DR0
13:39:16.0278 3820 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected
13:39:16.0278 3820 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
13:39:16.0283 3820 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:39:16.0283 3820 \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:39:16.0289 3820 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk3\DR4
13:39:19.0031 3820 \Device\Harddisk3\DR4 - ok
13:39:19.0031 3820 ================ Scan VBR ==================================
13:39:19.0268 3820 [ 1B2502C54A06BCF0F8FCD0233161BA5C ] \Device\Harddisk0\DR0\Partition1
13:39:19.0270 3820 \Device\Harddisk0\DR0\Partition1 - ok
13:39:19.0274 3820 [ DEE5D45CEFA0DB99123C478B3345C3CE ] \Device\Harddisk3\DR4\Partition1
13:39:19.0276 3820 \Device\Harddisk3\DR4\Partition1 - ok
13:39:19.0276 3820 ============================================================
13:39:19.0276 3820 Scan finished
13:39:19.0276 3820 ============================================================
13:39:19.0286 4724 Detected object count: 4
13:39:19.0286 4724 Actual detected object count: 4
13:39:37.0650 4724 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
13:39:37.0651 4724 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:39:37.0655 4724 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:39:37.0655 4724 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:39:37.0655 4724 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - skipped by user
13:39:37.0655 4724 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Skip
13:39:37.0657 4724 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:39:37.0657 4724 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
13:39:45.0687 3992 Deinitialize success |
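To pull the findings out of a TDSSKiller log like the one in the post above, the records can be split on their timestamp prefix and filtered for verdict lines. This is an added example, not part of the original thread; the sample records are taken from that log (the MD5 is replaced by a constructed placeholder), and all function names are assumptions.

```python
import re

# A record starts with "HH:MM:SS.mmmm <thread id> ". Splitting on that marker
# works for one record per line and for a log pasted as one long run of text.
RECORD_START = re.compile(r"(\d{2}:\d{2}:\d{2}\.\d{4}) (\d+) ")

# "<object> ( <verdict name> ) - <status>"
VERDICT = re.compile(r"^(?P<obj>.+?) \( (?P<name>[^()]+?) \) - (?P<status>.+)$")

ACTION_PREFIX = "User select action: "
# Scan statuses that appear in this thread's log; other builds may emit more.
SCAN_STATUSES = {"infected", "warning"}

# Sample records from the log in this thread (hash is a constructed placeholder).
SAMPLE_RECORDS = [
    r"13:39:05.0725 3820 RDPWD - ok",
    r"13:39:05.0786 3820 [ 00000000000000000000000000000000 ] RegSrvc "
    r"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe",
    r"13:39:05.0919 3820 RegSrvc ( UnsignedFile.Multi.Generic ) - warning",
    r"13:39:05.0920 3820 RegSrvc - detected UnsignedFile.Multi.Generic (1)",
    r"13:39:16.0245 3820 Suspicious mbr (Forged): \Device\Harddisk0\DR0",
    r"13:39:16.0278 3820 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected",
    r"13:39:16.0283 3820 \Device\Harddisk0\DR0 ( TDSS File System ) - warning",
    r"13:39:37.0655 4724 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip",
    r"13:39:37.0655 4724 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - skipped by user",
    r"13:39:37.0655 4724 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Skip",
    r"13:39:37.0657 4724 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip",
    r"13:39:45.0687 3992 Deinitialize success |",
]
# The same records run together with spaces, the way a forum page may flatten them.
SAMPLE_FLAT = " ".join(SAMPLE_RECORDS)


def split_records(text):
    """Yield (timestamp, thread_id, message) for every record in the log text."""
    starts = list(RECORD_START.finditer(text))
    for i, m in enumerate(starts):
        end = starts[i + 1].start() if i + 1 < len(starts) else len(text)
        yield m.group(1), int(m.group(2)), text[m.end():end].strip()


def triage(text):
    """Map (object, verdict name) to its scan status and the action the user chose."""
    findings = {}
    for _ts, _tid, msg in split_records(text):
        m = VERDICT.match(msg)
        if m is None:
            continue  # "- ok" records, hash lines and section banners carry no verdict
        key = (m.group("obj"), m.group("name"))
        entry = findings.setdefault(key, {"scan_status": None, "user_action": None})
        status = m.group("status").strip()
        if status.startswith(ACTION_PREFIX):
            entry["user_action"] = status[len(ACTION_PREFIX):]
        elif status in SCAN_STATUSES:
            entry["scan_status"] = status
        # "skipped by user" repeats the action record and is ignored
    return findings


def untreated(findings):
    """List objects the scan called infected that were then skipped."""
    return sorted(
        f"{obj}: {name}"
        for (obj, name), entry in findings.items()
        if entry["scan_status"] == "infected" and entry["user_action"] == "Skip"
    )


if __name__ == "__main__":
    result = triage(SAMPLE_FLAT)
    for (obj, name), entry in result.items():
        print(f"{obj} | {name} | {entry['scan_status']} | {entry['user_action']}")
    print("Infected but skipped:", untreated(result))
```
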
22.01.2013, 13:53 | #5 |
/// Malware-holic | VISTA, white screen, no safe mode :-( Hi, start TDSSKiller as before: scan, and for the following 2 findings choose Delete: Rootkit.Win32.TDSS, TDSS File System. Reboot, scan as described above, and post the new log.
__________________ - Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
22.01.2013, 14:10 | #6 |
| VISTA, white screen, no safe mode :-( Hi, problem: the Rootkit.Win32.TDSS cannot be deleted; there is no "Delete" option, only "Copy to quarantine". Another problem: the computer now doesn't boot at all, just the blinking cursor. |
22.01.2013, 14:42 | #7 |
/// Malware-holic | VISTA, white screen, no safe mode :-( Hi, do you have an original Vista CD at hand? |
22.01.2013, 14:48 | #8 |
| VISTA, white screen, no safe mode :-( I only have a vista_recover_x86 version. I just noticed there is also a 10 GB "Recovery" partition on the computer; is that of any use? OK, no more PMs, I thought you would get it faster that way... sorry. I have now put a Vista version on the USB stick... what next? |
22.01.2013, 17:26 | #9 |
/// Malware-holic | VISTA, white screen, no safe mode :-( Run the following: Tipparchiv - MBR unter Vista oder Windows 7 reparieren - WinTotal.de, from the Vista stick, in this order: fixmbr and fixboot, confirming each with j or y. Then reboot and see whether the system runs. If it does, run TDSSKiller as above and post the log. |
22.01.2013, 19:43 | #10 |
| VISTA, white screen, no safe mode :-( So, the fix worked, but unfortunately I get a bluescreen during boot after the Windows icon. In safe mode it boots, and that is where I ran the scan. Code:
19:35:17.0545 0228 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:35:17.0560 0228 ============================================================
19:35:17.0560 0228 Current date / time: 2013/01/22 19:35:17.0560
19:35:17.0560 0228 SystemInfo:
19:35:17.0560 0228
19:35:17.0560 0228 OS Version: 6.0.6002 ServicePack: 2.0
19:35:17.0560 0228 Product type: Workstation
19:35:17.0560 0228 ComputerName: MA77I-PC
19:35:17.0560 0228 UserName: Ma77i
19:35:17.0560 0228 Windows directory: C:\Windows
19:35:17.0560 0228 System windows directory: C:\Windows
19:35:17.0560 0228 Processor architecture: Intel x86
19:35:17.0560 0228 Number of processors: 2
19:35:17.0560 0228 Page size: 0x1000
19:35:17.0560 0228 Boot type: Safe boot
19:35:17.0560 0228 ============================================================
19:35:17.0903 0228 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:35:17.0903 0228 Drive \Device\Harddisk3\DR3 - Size: 0x78F80000 (1.89 Gb), SectorSize: 0x200, Cylinders: 0xF6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:35:17.0903 0228 ============================================================
19:35:17.0903 0228 \Device\Harddisk0\DR0:
19:35:17.0903 0228 MBR partitions:
19:35:17.0903 0228 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1462800, BlocksNum 0x23FCB800
19:35:17.0903 0228 \Device\Harddisk3\DR3:
19:35:17.0903 0228 MBR partitions:
19:35:17.0903 0228 \Device\Harddisk3\DR3\Partition1: MBR, Type 0xB, StartLBA 0x58, BlocksNum 0x3C7BA8
19:35:17.0903 0228 ============================================================
19:35:17.0935 0228 C: <-> \Device\Harddisk0\DR0\Partition1
19:35:17.0935 0228 ============================================================
19:35:17.0935 0228 Initialize success
19:35:17.0935 0228 ============================================================
19:35:27.0731 0320
============================================================ 19:35:27.0731 0320 Scan started 19:35:27.0731 0320 Mode: Manual; SigCheck; TDLFS; 19:35:27.0731 0320 ============================================================ 19:35:27.0763 0320 ================ Scan system memory ======================== 19:35:27.0763 0320 System memory - ok 19:35:27.0763 0320 ================ Scan services ============================= 19:35:27.0965 0320 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys 19:35:28.0043 0320 ACPI - ok 19:35:28.0090 0320 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 19:35:28.0121 0320 AdobeFlashPlayerUpdateSvc - ok 19:35:28.0199 0320 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 19:35:28.0215 0320 adp94xx - ok 19:35:28.0246 0320 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys 19:35:28.0262 0320 adpahci - ok 19:35:28.0309 0320 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 19:35:28.0324 0320 adpu160m - ok 19:35:28.0355 0320 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 19:35:28.0371 0320 adpu320 - ok 19:35:28.0418 0320 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 19:35:28.0465 0320 AeLookupSvc - ok 19:35:28.0543 0320 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys 19:35:28.0605 0320 AFD - ok 19:35:28.0605 0320 afw - ok 19:35:28.0636 0320 afwcore - ok 19:35:28.0667 0320 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys 19:35:28.0683 0320 agp440 - ok 19:35:28.0745 0320 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys 19:35:28.0761 0320 aic78xx - ok 19:35:28.0792 0320 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe 19:35:28.0901 0320 ALG - ok 
19:35:28.0917 0320 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys 19:35:28.0933 0320 aliide - ok 19:35:28.0979 0320 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys 19:35:28.0995 0320 amdagp - ok 19:35:29.0042 0320 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys 19:35:29.0057 0320 amdide - ok 19:35:29.0089 0320 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys 19:35:29.0135 0320 AmdK7 - ok 19:35:29.0151 0320 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 19:35:29.0182 0320 AmdK8 - ok 19:35:29.0213 0320 ApfiltrService - ok 19:35:29.0245 0320 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll 19:35:29.0276 0320 Appinfo - ok 19:35:29.0416 0320 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 19:35:29.0416 0320 Apple Mobile Device - ok 19:35:29.0447 0320 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys 19:35:29.0463 0320 arc - ok 19:35:29.0479 0320 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys 19:35:29.0494 0320 arcsas - ok 19:35:29.0510 0320 ASWFilt - ok 19:35:29.0541 0320 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 19:35:29.0588 0320 AsyncMac - ok 19:35:29.0603 0320 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys 19:35:29.0603 0320 atapi - ok 19:35:29.0666 0320 [ 1EA05449220E3D755477CE517A83846B ] athr C:\Windows\system32\DRIVERS\athr.sys 19:35:29.0744 0320 athr - ok 19:35:29.0791 0320 [ 4CFBFEC540F136CF952E8B6FDB80E52E ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe 19:35:29.0884 0320 Ati External Event Utility - ok 19:35:29.0993 0320 [ 6F2CC6403012375385D556BF39382B74 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 
19:35:30.0196 0320 atikmdag - ok 19:35:30.0227 0320 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 19:35:30.0274 0320 AudioEndpointBuilder - ok 19:35:30.0290 0320 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll 19:35:30.0305 0320 Audiosrv - ok 19:35:30.0337 0320 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys 19:35:30.0383 0320 Beep - ok 19:35:30.0415 0320 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll 19:35:30.0461 0320 BFE - ok 19:35:30.0524 0320 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll 19:35:30.0695 0320 BITS - ok 19:35:30.0727 0320 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 19:35:30.0758 0320 blbdrive - ok 19:35:30.0820 0320 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 19:35:30.0836 0320 Bonjour Service - ok 19:35:30.0867 0320 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys 19:35:30.0898 0320 bowser - ok 19:35:30.0929 0320 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 19:35:30.0961 0320 BrFiltLo - ok 19:35:30.0976 0320 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 19:35:31.0007 0320 BrFiltUp - ok 19:35:31.0039 0320 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll 19:35:31.0070 0320 Browser - ok 19:35:31.0085 0320 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys 19:35:31.0241 0320 Brserid - ok 19:35:31.0257 0320 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 19:35:31.0319 0320 BrSerWdm - ok 19:35:31.0335 0320 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 19:35:31.0382 0320 BrUsbMdm - ok 19:35:31.0413 0320 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer 
C:\Windows\system32\drivers\brusbser.sys 19:35:31.0460 0320 BrUsbSer - ok 19:35:31.0507 0320 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 19:35:31.0538 0320 BthEnum - ok 19:35:31.0585 0320 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 19:35:31.0631 0320 BTHMODEM - ok 19:35:31.0647 0320 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 19:35:31.0678 0320 BthPan - ok 19:35:31.0741 0320 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 19:35:31.0787 0320 BTHPORT - ok 19:35:31.0819 0320 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll 19:35:31.0850 0320 BthServ - ok 19:35:31.0881 0320 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 19:35:31.0897 0320 BTHUSB - ok 19:35:31.0928 0320 [ CD956DD816D9959748EB787A5121D1E4 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 19:35:31.0943 0320 btwaudio - ok 19:35:31.0943 0320 [ 4CA1CC3D13466A3E2E9E9119D00AEC78 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys 19:35:31.0959 0320 btwavdt - ok 19:35:32.0021 0320 [ FE7FCACE3678200AE202EB29C9B6A8E8 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 19:35:32.0053 0320 btwdins - ok 19:35:32.0084 0320 [ 54C2EE0A3CEC586629035D771AACAE67 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys 19:35:32.0084 0320 btwl2cap - ok 19:35:32.0115 0320 [ F857EF2D941530772AE828ECD6D71B22 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 19:35:32.0115 0320 btwrchid - ok 19:35:32.0162 0320 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 19:35:32.0193 0320 cdfs - ok 19:35:32.0240 0320 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 19:35:32.0271 0320 cdrom - ok 19:35:32.0318 0320 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll 19:35:32.0333 0320 CertPropSvc - ok 19:35:32.0349 0320 [ 
E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys 19:35:32.0380 0320 circlass - ok 19:35:32.0411 0320 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys 19:35:32.0427 0320 CLFS - ok 19:35:32.0474 0320 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 19:35:32.0489 0320 clr_optimization_v2.0.50727_32 - ok 19:35:32.0552 0320 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 19:35:32.0614 0320 clr_optimization_v4.0.30319_32 - ok 19:35:32.0661 0320 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 19:35:32.0708 0320 CmBatt - ok 19:35:32.0739 0320 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys 19:35:32.0739 0320 cmdide - ok 19:35:32.0755 0320 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 19:35:32.0770 0320 Compbatt - ok 19:35:32.0770 0320 COMSysApp - ok 19:35:32.0786 0320 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 19:35:32.0786 0320 crcdisk - ok 19:35:32.0817 0320 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys 19:35:32.0848 0320 Crusoe - ok 19:35:32.0895 0320 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll 19:35:32.0926 0320 CryptSvc - ok 19:35:32.0973 0320 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll 19:35:33.0035 0320 DcomLaunch - ok 19:35:33.0082 0320 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys 19:35:33.0129 0320 DfsC - ok 19:35:33.0223 0320 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe 19:35:33.0347 0320 DFSR - ok 19:35:33.0410 0320 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll 19:35:33.0441 0320 Dhcp - ok 19:35:33.0472 0320 [ 
5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys 19:35:33.0488 0320 disk - ok 19:35:33.0503 0320 [ F206E28ED74C491FD5D7C0A1119CE37F ] DMICall C:\Windows\system32\DRIVERS\DMICall.sys 19:35:33.0519 0320 DMICall - ok 19:35:33.0550 0320 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll 19:35:33.0581 0320 Dnscache - ok 19:35:33.0613 0320 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll 19:35:33.0628 0320 dot3svc - ok 19:35:33.0659 0320 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll 19:35:33.0691 0320 DPS - ok 19:35:33.0737 0320 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 19:35:33.0769 0320 drmkaud - ok 19:35:33.0815 0320 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 19:35:33.0862 0320 DXGKrnl - ok 19:35:33.0893 0320 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys 19:35:33.0909 0320 E1G60 - ok 19:35:33.0940 0320 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll 19:35:33.0971 0320 EapHost - ok 19:35:34.0018 0320 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys 19:35:34.0034 0320 Ecache - ok 19:35:34.0081 0320 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 19:35:34.0112 0320 ehRecvr - ok 19:35:34.0127 0320 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe 19:35:34.0174 0320 ehSched - ok 19:35:34.0190 0320 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll 19:35:34.0221 0320 ehstart - ok 19:35:34.0283 0320 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys 19:35:34.0299 0320 elxstor - ok 19:35:34.0346 0320 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll 19:35:34.0439 0320 EMDMgmt - ok 19:35:34.0455 0320 [ 3DB974F3935483555D7148663F726C61 ] ErrDev 
C:\Windows\system32\drivers\errdev.sys 19:35:34.0486 0320 ErrDev - ok 19:35:34.0533 0320 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll 19:35:34.0549 0320 EventSystem - ok 19:35:34.0627 0320 [ 306AC856622864C761CBDB5E816BB9D8 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 19:35:34.0689 0320 EvtEng ( UnsignedFile.Multi.Generic ) - warning 19:35:34.0689 0320 EvtEng - detected UnsignedFile.Multi.Generic (1) 19:35:34.0751 0320 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys 19:35:34.0783 0320 exfat - ok 19:35:34.0798 0320 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys 19:35:34.0829 0320 fastfat - ok 19:35:34.0876 0320 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys 19:35:34.0907 0320 fdc - ok 19:35:34.0954 0320 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll 19:35:34.0970 0320 fdPHost - ok 19:35:34.0970 0320 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll 19:35:35.0032 0320 FDResPub - ok 19:35:35.0063 0320 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 19:35:35.0063 0320 FileInfo - ok 19:35:35.0079 0320 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys 19:35:35.0126 0320 Filetrace - ok 19:35:35.0141 0320 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 19:35:35.0173 0320 flpydisk - ok 19:35:35.0188 0320 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 19:35:35.0204 0320 FltMgr - ok 19:35:35.0297 0320 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll 19:35:35.0375 0320 FontCache - ok 19:35:35.0422 0320 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 19:35:35.0438 0320 FontCache3.0.0.0 - ok 19:35:35.0469 0320 [ 
B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 19:35:35.0500 0320 Fs_Rec - ok 19:35:35.0531 0320 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 19:35:35.0531 0320 gagp30kx - ok 19:35:35.0578 0320 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 19:35:35.0578 0320 GEARAspiWDM - ok 19:35:35.0609 0320 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll 19:35:35.0672 0320 gpsvc - ok 19:35:35.0781 0320 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 19:35:35.0781 0320 gupdate - ok 19:35:35.0797 0320 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 19:35:35.0797 0320 gupdatem - ok 19:35:35.0843 0320 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 19:35:35.0906 0320 HdAudAddService - ok 19:35:35.0937 0320 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 19:35:36.0015 0320 HDAudBus - ok 19:35:36.0031 0320 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys 19:35:36.0077 0320 HidBth - ok 19:35:36.0093 0320 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys 19:35:36.0155 0320 HidIr - ok 19:35:36.0171 0320 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll 19:35:36.0202 0320 hidserv - ok 19:35:36.0218 0320 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 19:35:36.0249 0320 HidUsb - ok 19:35:36.0265 0320 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll 19:35:36.0311 0320 hkmsvc - ok 19:35:36.0327 0320 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 19:35:36.0327 0320 HpCISSs - ok 19:35:36.0374 0320 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS 
19:35:36.0405 0320 HSFHWAZL - ok 19:35:36.0483 0320 [ 7BC42C65B5C6281777C1A7605B253BA8 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys 19:35:36.0592 0320 HSF_DPV - ok 19:35:36.0608 0320 [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys 19:35:36.0639 0320 HSXHWAZL - ok 19:35:36.0670 0320 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys 19:35:36.0717 0320 HTTP - ok 19:35:36.0748 0320 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys 19:35:36.0748 0320 i2omp - ok 19:35:36.0795 0320 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 19:35:36.0826 0320 i8042prt - ok 19:35:36.0857 0320 [ DB0CC620B27A928D968C1A1E9CD9CB87 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 19:35:36.0857 0320 iaStor - ok 19:35:36.0889 0320 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 19:35:36.0904 0320 iaStorV - ok 19:35:36.0998 0320 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 19:35:37.0045 0320 idsvc - ok 19:35:37.0060 0320 igfx - ok 19:35:37.0076 0320 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys 19:35:37.0076 0320 iirsp - ok 19:35:37.0107 0320 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll 19:35:37.0169 0320 IKEEXT - ok 19:35:37.0232 0320 [ 3AA1F82EFA2B0454AF163124C9920D16 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 19:35:37.0357 0320 IntcAzAudAddService - ok 19:35:37.0357 0320 IntcHdmiAddService - ok 19:35:37.0372 0320 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys 19:35:37.0388 0320 intelide - ok 19:35:37.0419 0320 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 19:35:37.0466 0320 intelppm - ok 19:35:37.0497 0320 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum 
C:\Windows\system32\ipbusenum.dll 19:35:37.0528 0320 IPBusEnum - ok 19:35:37.0575 0320 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 19:35:37.0606 0320 IpFilterDriver - ok 19:35:37.0637 0320 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 19:35:37.0684 0320 iphlpsvc - ok 19:35:37.0700 0320 IpInIp - ok 19:35:37.0731 0320 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 19:35:37.0747 0320 IPMIDRV - ok 19:35:37.0762 0320 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 19:35:37.0809 0320 IPNAT - ok 19:35:37.0871 0320 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 19:35:37.0918 0320 iPod Service - ok 19:35:37.0949 0320 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 19:35:37.0965 0320 IRENUM - ok 19:35:37.0981 0320 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys 19:35:37.0996 0320 isapnp - ok 19:35:38.0027 0320 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 19:35:38.0043 0320 iScsiPrt - ok 19:35:38.0059 0320 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 19:35:38.0059 0320 iteatapi - ok 19:35:38.0090 0320 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys 19:35:38.0090 0320 iteraid - ok 19:35:38.0121 0320 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 19:35:38.0137 0320 kbdclass - ok 19:35:38.0152 0320 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 19:35:38.0183 0320 kbdhid - ok 19:35:38.0199 0320 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe 19:35:38.0230 0320 KeyIso - ok 19:35:38.0277 0320 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 19:35:38.0293 0320 KSecDD - 
ok 19:35:38.0355 0320 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll 19:35:38.0402 0320 KtmRm - ok 19:35:38.0433 0320 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll 19:35:38.0480 0320 LanmanServer - ok 19:35:38.0495 0320 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 19:35:38.0527 0320 LanmanWorkstation - ok 19:35:38.0573 0320 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 19:35:38.0605 0320 lltdio - ok 19:35:38.0636 0320 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll 19:35:38.0683 0320 lltdsvc - ok 19:35:38.0698 0320 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll 19:35:38.0745 0320 lmhosts - ok 19:35:38.0761 0320 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 19:35:38.0776 0320 LSI_FC - ok 19:35:38.0792 0320 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 19:35:38.0792 0320 LSI_SAS - ok 19:35:38.0807 0320 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 19:35:38.0823 0320 LSI_SCSI - ok 19:35:38.0839 0320 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys 19:35:38.0870 0320 luafv - ok 19:35:38.0901 0320 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 19:35:38.0917 0320 Mcx2Svc - ok 19:35:38.0948 0320 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys 19:35:38.0963 0320 mdmxsdk - ok 19:35:38.0979 0320 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys 19:35:38.0995 0320 megasas - ok 19:35:39.0026 0320 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys 19:35:39.0041 0320 MegaSR - ok 19:35:39.0073 0320 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll 19:35:39.0104 0320 MMCSS - ok 
19:35:39.0119 0320 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys 19:35:39.0151 0320 Modem - ok 19:35:39.0182 0320 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 19:35:39.0213 0320 monitor - ok 19:35:39.0213 0320 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 19:35:39.0229 0320 mouclass - ok 19:35:39.0244 0320 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 19:35:39.0291 0320 mouhid - ok 19:35:39.0322 0320 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 19:35:39.0322 0320 MountMgr - ok 19:35:39.0385 0320 [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 19:35:39.0400 0320 MozillaMaintenance - ok 19:35:39.0447 0320 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 19:35:39.0463 0320 MpFilter - ok 19:35:39.0509 0320 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys 19:35:39.0509 0320 mpio - ok 19:35:39.0556 0320 [ A69630D039C38018689190234F866D77 ] MpKsl92e8952c C:\Windows\system32\MpEngineStore\MpKsl92e8952c.sys 19:35:39.0572 0320 MpKsl92e8952c - ok 19:35:39.0572 0320 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 19:35:39.0587 0320 mpsdrv - ok 19:35:39.0634 0320 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll 19:35:39.0681 0320 MpsSvc - ok 19:35:39.0712 0320 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 19:35:39.0712 0320 Mraid35x - ok 19:35:39.0759 0320 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 19:35:39.0790 0320 MRxDAV - ok 19:35:39.0821 0320 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 19:35:39.0853 0320 mrxsmb - ok 19:35:39.0884 0320 [ 
19:35:54.0969 0320 ================ Scan VBR ==================================
19:35:54.0969 0320 [ 1A053FB2E5F67957995E40685DC8F673 ] \Device\Harddisk0\DR0\Partition1
19:35:54.0969 0320 \Device\Harddisk0\DR0\Partition1 - ok
19:35:54.0985 0320 [ 3C7D6941A2C55F71D7E3D805C39F1100 ] \Device\Harddisk3\DR3\Partition1
19:35:54.0985 0320 \Device\Harddisk3\DR3\Partition1 - ok
19:35:54.0985 0320 ============================================================
19:35:54.0985 0320 Scan finished
19:35:54.0985 0320 ============================================================
19:35:54.0985 0316 Detected object count: 2
19:35:54.0985 0316 Actual detected object count: 2
19:37:57.0367 0316 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
19:37:57.0367 0316 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:37:57.0367 0316 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:37:57.0367 0316 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:38:04.0699 0220 Deinitialize success |