Laptop plötzlich extrem langsam und Browser stürzen ab

jayokdaone · 03.03.2013, 22:15

Hallo,

ich habe folgendes Problem. Seit ein paar Tagen wird mein Laptop (Fujitsu-Siemens PA2520 /Windows 7) ca. 5min. nach dem Hochfahren extrem langsam und Opera hängt sich immer auf (Keine Rückmeldung).

Ich dachte zuerst an einen Grafiktreiber-Fehler aber das ist wohl nicht der Fall. Bestimmt habe ich mir was eingefangen.

Könnte mir da jemand helfen und mir sagen wie ich jetzt vorgehen soll? Thanx

cosinus · 04.03.2013, 12:30

Hallo,

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Erstmal eine Kontrolle mit OTL bitte:

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Setze oben mittig den Haken bei Scanne alle Benutzer
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in CODE-Tags in den Thread.

jayokdaone · 04.03.2013, 16:24

Danke für die Antwort! Hier die benötigten Logs:

<code>OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 04.03.2013 16:06:06 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\JayokDaOne\Downloads
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,87 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 73,64% Memory free
3,75 Gb Paging File | 3,28 Gb Available in Paging File | 87,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148,10 Gb Total Space | 23,66 Gb Free Space | 15,97% Space Free | Partition Type: NTFS
Drive D: | 11,72 Gb Total Space | 0,65 Gb Free Space | 5,58% Space Free | Partition Type: NTFS
Drive E: | 73,07 Gb Total Space | 50,60 Gb Free Space | 69,25% Space Free | Partition Type: NTFS
 
Computer Name: JAYOKDAONE-PC | User Name: JayokDaOne | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\JayokDaOne\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (Ati External Event Utility) -- C:\Windows\SysNative\Ati2evxx.exe (ATI Technologies Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (UDisk Monitor) -- C:\Program Files (x86)\Froyo_Android_Driver\Bin\MonServiceUDisk.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (ggsemc) -- C:\Windows\SysNative\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggflt) -- C:\Windows\SysNative\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (Generalusbserialser20675) -- C:\Windows\SysNative\drivers\CT_U_USBSER.sys (Incorporated)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (smserial) -- C:\Windows\SysNative\drivers\SmSerl64.sys (Motorola Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation                                            )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2711640679-1226958958-2877314694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.b1.org/?bsrc=4hixr&chid=c167991
IE - HKU\S-1-5-21-2711640679-1226958958-2877314694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.b1.org/?bsrc=4hixr&chid=c167991
IE - HKU\S-1-5-21-2711640679-1226958958-2877314694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = hxxp://search.conduit.com?SearchSource=10&ctid=CT2851647
IE - HKU\S-1-5-21-2711640679-1226958958-2877314694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2711640679-1226958958-2877314694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-2711640679-1226958958-2877314694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FD 90 B1 C2 0B 2A CC 01  [binary data]
IE - HKU\S-1-5-21-2711640679-1226958958-2877314694-1000\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No CLSID value found
IE - HKU\S-1-5-21-2711640679-1226958958-2877314694-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2711640679-1226958958-2877314694-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2711640679-1226958958-2877314694-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
IE - HKU\S-1-5-21-2711640679-1226958958-2877314694-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "hxxp://search.b1.org/?bsrc=4hfxr&chid=c167991"
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\JayokDaOne\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\electronicarts.com/GameFacePlugin: C:\Users\JayokDaOne\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.08 02:43:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.23 23:56:19 | 000,000,000 | ---D | M]
 
[2012.05.30 20:27:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JayokDaOne\AppData\Roaming\mozilla\Extensions
[2012.09.01 20:17:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JayokDaOne\AppData\Roaming\mozilla\Firefox\Profiles\cyqlsute.default\extensions
[2012.09.01 20:17:56 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\JayokDaOne\AppData\Roaming\mozilla\Firefox\Profiles\cyqlsute.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.02.28 21:48:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.02.28 21:48:10 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.04.08 02:43:43 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.03 10:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll
[2012.06.20 17:14:20 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.04.08 02:43:39 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.08 02:43:39 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.04.08 02:43:39 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.08 02:43:39 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.08 02:43:39 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.08 02:43:39 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://search.b1.org/?bsrc=4hcxr&chid=c167991
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://search.b1.org/?bsrc=4hcxr&chid=c167991
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKU\S-1-5-21-2711640679-1226958958-2877314694-1000\..\Toolbar\WebBrowser: (no name) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2711640679-1226958958-2877314694-1000..\Run: [Ekadkiyxb] C:\Users\JayokDaOne\AppData\Roaming\Pefy\tean.exe File not found
O4 - HKU\S-1-5-21-2711640679-1226958958-2877314694-1000..\Run: [Media Finder] "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\JayokDaOne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\JayokDaOne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\JayokDaOne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25947614-607E-4BFC-AA9F-2166123D1B4C}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A567E8F-668A-4ED1-BC09-369868F3DA9F}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{405430d8-5aaa-11e1-aff3-00030d76538d}\Shell - "" = AutoRun
O33 - MountPoints2\{405430d8-5aaa-11e1-aff3-00030d76538d}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Setup.exe
O33 - MountPoints2\{405430e3-5aaa-11e1-aff3-00030d76538d}\Shell - "" = AutoRun
O33 - MountPoints2\{405430e3-5aaa-11e1-aff3-00030d76538d}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.03.03 21:28:42 | 000,000,000 | ---D | C] -- C:\Users\JayokDaOne\AppData\Local\{EDCCF692-7C45-4564-B437-0E1410075D87}
[2013.03.03 18:25:03 | 000,000,000 | ---D | C] -- C:\Users\JayokDaOne\AppData\Local\{8A131FF6-86CE-4F96-979C-F8B6F85071F4}
[2013.03.02 14:35:59 | 000,000,000 | ---D | C] -- C:\Users\JayokDaOne\AppData\Local\{3B9D28B4-E6E9-4E1D-8784-2AB5E766B521}
[2013.03.01 16:44:07 | 000,000,000 | ---D | C] -- C:\Users\JayokDaOne\AppData\Local\{3990FB05-4B77-43C8-B95A-9BA4AB332D01}
[2013.03.01 16:43:48 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.02.28 22:51:52 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013.02.28 21:21:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverTuner
[2013.02.28 21:21:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DriverTuner
[2013.02.28 20:52:04 | 000,000,000 | ---D | C] -- C:\Users\JayokDaOne\AppData\Local\ElevatedDiagnostics
[2013.02.28 14:04:40 | 000,000,000 | ---D | C] -- C:\Users\JayokDaOne\AppData\Local\{93130993-8093-4C37-AE59-E6DC7B5478B3}
[2013.02.27 17:49:29 | 000,000,000 | ---D | C] -- C:\Users\JayokDaOne\AppData\Local\{415C5E95-56B5-4903-92B6-60DF212F0585}
[2013.02.27 17:41:05 | 000,000,000 | ---D | C] -- C:\Users\JayokDaOne\AppData\Local\{1A7DC5E0-8DFF-4831-8DCF-3604CE7735A1}
[2013.02.26 21:25:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2013.02.26 20:06:09 | 000,000,000 | ---D | C] -- C:\AMD
[2013.02.26 19:38:39 | 000,000,000 | ---D | C] -- C:\Users\JayokDaOne\AppData\Local\{2F43C570-B55C-4188-95D0-0E5805FA8461}
[2013.02.26 19:32:08 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.02.25 18:22:30 | 000,000,000 | ---D | C] -- C:\Users\JayokDaOne\AppData\Local\{24B8672D-AA41-4611-A70A-B87B4DAE74AE}
[2013.02.17 17:25:16 | 000,000,000 | ---D | C] -- C:\Users\JayokDaOne\AppData\Local\B1E
[2013.02.17 17:25:13 | 000,000,000 | ---D | C] -- C:\Users\JayokDaOne\AppData\Roaming\B1Toolbar
[2013.02.14 16:01:40 | 000,000,000 | ---D | C] -- C:\Users\JayokDaOne\AppData\Local\{8E27CBE9-B498-49EE-916C-54A0EFE08E24}
[2013.02.14 14:35:08 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.14 14:35:08 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.14 14:35:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.02.14 14:35:05 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.14 14:35:04 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.14 14:35:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.14 14:35:03 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.14 14:35:03 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.14 14:35:02 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.14 14:35:02 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.14 14:35:01 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.14 14:35:01 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.14 14:34:57 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.14 14:34:57 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.14 14:34:57 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.13 22:11:20 | 005,500,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.13 22:11:18 | 003,957,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.13 22:11:17 | 003,902,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.02.13 22:10:48 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.02.13 22:10:48 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.02.13 22:10:47 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.02.13 22:10:47 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.02.13 22:10:47 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.02.13 22:10:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.02.13 22:10:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.02.13 22:10:45 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.02.13 22:10:45 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.02.13 22:10:45 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.02.13 22:10:45 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.02.13 22:10:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.02.13 22:10:45 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.02.13 22:10:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.02.13 22:10:44 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.02.13 22:10:44 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.02.13 22:10:44 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.02.13 22:10:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.02.13 22:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.02.13 22:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.02.13 22:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.02.13 22:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.02.13 22:10:43 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.02.13 22:10:43 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.02.13 22:10:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.02.13 22:10:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.02.13 22:10:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.02.13 22:10:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.02.13 22:10:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.02.13 22:10:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.02.13 22:10:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.02.13 22:10:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.02.13 22:10:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.02.13 22:10:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.02.13 22:10:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.02.13 22:10:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.02.13 22:10:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.02.13 22:10:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.02.13 22:10:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.02.13 22:10:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.02.13 22:10:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.02.13 22:10:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.02.13 22:10:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.02.13 22:10:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.02.13 22:10:42 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.02.13 22:10:42 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.02.13 22:10:42 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.02.13 22:10:42 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.02.13 22:10:42 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.02.13 22:10:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.02.13 22:10:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.02.13 22:10:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.02.13 22:10:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.02.13 22:10:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.02.13 22:10:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.02.13 22:10:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.02.13 22:10:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.02.13 22:10:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.02.13 22:10:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.02.13 22:10:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.02.13 22:10:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.02.13 22:10:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.02.13 22:10:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.02.13 22:10:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.02.13 22:10:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.02.13 22:10:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.02.13 22:10:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.02.13 22:10:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.02.13 22:10:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.02.13 22:10:27 | 000,287,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.02.11 19:58:11 | 000,000,000 | ---D | C] -- C:\Users\JayokDaOne\AppData\Local\{B4B24932-3F3D-428C-BD4E-4A4A4A3E6B76}
[2013.02.04 01:43:32 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2013.02.04 00:08:39 | 000,000,000 | ---D | C] -- C:\Users\JayokDaOne\AppData\Local\{4AB736D7-998D-4E3E-B735-3F1F3AD0C996}
[2013.02.02 17:26:13 | 000,000,000 | ---D | C] -- C:\Users\JayokDaOne\AppData\Local\{F6152F05-E0C9-4A8A-A5F0-29A78B1451DA}
[2007.08.13 17:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Users\JayokDaOne\AppData\Local\CDRip.dll
[2007.01.18 21:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Users\JayokDaOne\AppData\Local\No23 Recorder.exe
[2006.12.11 19:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Users\JayokDaOne\AppData\Local\basscd.dll
[2006.12.11 19:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Users\JayokDaOne\AppData\Local\bass.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013.03.04 15:59:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.04 15:59:50 | 1508,462,592 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.03 21:54:04 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.03 21:54:04 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.03 17:46:09 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.20 21:59:12 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.20 21:59:12 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.20 21:59:12 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.20 21:59:12 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.20 21:59:12 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.19 20:25:56 | 000,014,336 | -H-- | M] () -- C:\Users\JayokDaOne\Desktop\photothumb.db
[2013.02.14 15:57:09 | 000,294,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.11 21:26:22 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.02.11 21:26:22 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.02.05 10:05:38 | 000,015,759 | ---- | M] () -- C:\Users\JayokDaOne\Desktop\Opferbrief.odt
[2013.02.04 01:43:32 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2013.02.04 01:41:35 | 000,001,148 | ---- | M] () -- C:\Users\JayokDaOne\Desktop\ASIO4ALL v2 Instruction Manual.lnk
[2013.02.04 01:41:11 | 000,001,156 | ---- | M] () -- C:\Users\JayokDaOne\Desktop\FL Studio 10.lnk
 
========== Files Created - No Company Name ==========
 
[2013.02.18 22:36:43 | 000,819,231 | ---- | C] () -- C:\Users\JayokDaOne\Desktop\ViolinRoll.mp3
[2013.02.06 02:41:52 | 003,738,644 | ---- | C] () -- C:\Users\JayokDaOne\Desktop\Haunted 3.mp3
[2013.02.05 10:04:06 | 000,015,759 | ---- | C] () -- C:\Users\JayokDaOne\Desktop\Opferbrief.odt
[2013.02.04 01:41:35 | 000,001,148 | ---- | C] () -- C:\Users\JayokDaOne\Desktop\ASIO4ALL v2 Instruction Manual.lnk
[2013.02.04 01:41:11 | 000,001,156 | ---- | C] () -- C:\Users\JayokDaOne\Desktop\FL Studio 10.lnk
[2013.01.23 16:22:43 | 095,023,320 | ---- | C] () -- C:\ProgramData\RWvESYd.pad
[2012.10.11 19:36:54 | 000,076,360 | ---- | C] () -- C:\ProgramData\bsucopojfhiozqr
[2012.09.09 19:16:12 | 000,000,000 | ---- | C] () -- C:\ProgramData\1FMFw1.dat
[2012.09.09 19:15:57 | 000,000,001 | ---- | C] () -- C:\ProgramData\2ka1Puoy.exe_.b
[2012.09.09 19:15:57 | 000,000,001 | ---- | C] () -- C:\ProgramData\2ka1Puoy.exe.b
[2011.11.04 15:02:15 | 000,000,008 | ---- | C] () -- C:\Users\JayokDaOne\AppData\Roaming\iujng0jn1vxc2o7c.dat
[2011.06.20 00:47:28 | 000,005,632 | ---- | C] () -- C:\Users\JayokDaOne\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.16 20:28:21 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.06.13 22:40:12 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2007.08.13 17:46:00 | 000,155,136 | ---- | C] () -- C:\Users\JayokDaOne\AppData\Local\lame_enc.dll
[2006.10.26 01:06:48 | 000,064,000 | ---- | C] () -- C:\Users\JayokDaOne\AppData\Local\vorbisenc.dll
[2006.10.26 01:06:48 | 000,019,456 | ---- | C] () -- C:\Users\JayokDaOne\AppData\Local\vorbisfile.dll
[2006.10.26 01:06:46 | 000,143,872 | ---- | C] () -- C:\Users\JayokDaOne\AppData\Local\vorbis.dll
[2006.10.26 01:06:36 | 000,015,872 | ---- | C] () -- C:\Users\JayokDaOne\AppData\Local\ogg.dll
[2005.08.23 22:34:06 | 000,029,184 | ---- | C] () -- C:\Users\JayokDaOne\AppData\Local\no23xwrapper.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

--- --- ---
</code>

<code>OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 04.03.2013 16:06:06 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\JayokDaOne\Downloads
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,87 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 73,64% Memory free
3,75 Gb Paging File | 3,28 Gb Available in Paging File | 87,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148,10 Gb Total Space | 23,66 Gb Free Space | 15,97% Space Free | Partition Type: NTFS
Drive D: | 11,72 Gb Total Space | 0,65 Gb Free Space | 5,58% Space Free | Partition Type: NTFS
Drive E: | 73,07 Gb Total Space | 50,60 Gb Free Space | 69,25% Space Free | Partition Type: NTFS
 
Computer Name: JAYOKDAONE-PC | User Name: JayokDaOne | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{006DF0A7-C514-42E7-8047-F6BA6EF384F2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{16236D26-B2C6-4A29-8705-97BDBCCB5510}" = rport=445 | protocol=6 | dir=out | app=system | 
"{2A3A579F-CCFF-41CA-93F3-EC1192EC30EF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{316C9FCB-0B91-4833-9E5A-A0CEF0200B87}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{35371D98-67FB-4EA4-89A7-1449C7E3188F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3B34C999-0E66-451B-8C37-FAD6ED52D736}" = lport=445 | protocol=6 | dir=in | app=system | 
"{4FCA13D5-066C-49F6-8835-099AF08D2A10}" = lport=137 | protocol=17 | dir=in | app=system | 
"{5CAF0483-4601-4AA5-9861-72E48F296A2A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{610A8512-2C90-414C-A97F-F7B58496B664}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{6C5D8AE0-D0BF-4FCF-AF6F-E78CD2B458EA}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{75D7F372-04BE-42FA-A677-AD20EC3D510A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7D4C5590-9B09-406F-9A26-D898A8D44419}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{828CEF22-CF7F-4411-B7E8-842805986F29}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{8CA81AE0-0AAE-4184-8C0D-90A54263511C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{921478CA-E388-475D-B709-163B65EE701B}" = rport=138 | protocol=17 | dir=out | app=system | 
"{923CFAA0-0A05-44FC-AAA9-2684E8DBB7CF}" = lport=138 | protocol=17 | dir=in | app=system | 
"{A5213604-C062-42A0-8EFD-51114E8C397C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A9F5CDD7-AB9C-4EFA-A42B-10C7F62BE152}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{ADABDBB8-1C27-4F57-BD3E-93E990588F51}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B07C2438-8AC4-4F9E-BDD1-06F61D1CC13D}" = lport=139 | protocol=6 | dir=in | app=system | 
"{C3C30F65-6B2F-45E3-B4AE-78A44923CFE2}" = rport=137 | protocol=17 | dir=out | app=system | 
"{CAEF68D7-565F-471C-BD0B-19D31A510EFB}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{F04FF8E0-821E-494A-AD03-E6332C9295D4}" = rport=139 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0909C6D9-28EA-4BF7-9BCE-3C7D377BD939}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{0D9765FF-BD77-42BC-9503-103530CE03B2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{13B3B330-C813-47A2-8DE4-EEC76B8D1676}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{25BF8E5B-B096-4583-8D62-68A8D664EE34}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{30184910-58B2-489F-88EC-1CA9A2F89D5E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{3E22800E-BB1B-4620-AFFD-E649A74A7532}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{44BF3F04-20E9-4BAE-8697-7E599AFA67C9}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{5C8C26BB-2705-415D-BB58-D8A8DBB0B831}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{624A0D24-B7C7-4EBB-AD7F-8364EA0FAEF9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{66B3776D-A4BC-4BBA-AF51-F6E20A82F3B1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6F5063F9-F669-4F40-A4C9-0368261B12CD}" = protocol=6 | dir=out | app=system | 
"{807DA641-C174-451E-AB92-183CEB934F4A}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"{86432D7E-B156-4E82-B751-2E419A8730BD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{999CEDF5-02CC-4392-9FAB-B78DE33C6A57}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{9C8BE7D6-B196-4EAF-9F01-F1F8BA2ABB0A}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{9E566D3F-A38D-42DF-B373-89D7EBFE0FF7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{AD9E9281-9AB3-4A35-8230-B8CC588EA29A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{AEC84A99-9816-4CCD-BBAE-7587FE5088D5}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{B085E655-536E-4A3D-AC23-61B160DB0971}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe | 
"{B2A4A9A0-5CDA-4165-AE9F-12051F916A8B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B61CF2B3-25E2-494B-BC43-388E494FAF4A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{B75A77AC-F4BD-49EE-8519-47D0390D140C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CA711544-896A-4D6B-BEAE-CF738FF55827}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CCCA1A03-8979-4EBC-A148-8A42396B7423}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{DBC87C2F-9DBA-43F0-819C-7C8B04EEC3E9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{DF849C9D-5361-4398-9B96-38C159D5BB9C}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe | 
"{E102F982-2A12-45E5-BBD0-3936DE639C9C}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{E68DA0A6-3EF2-4701-AC7B-EE32BC1EF0FF}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"{F29709CD-8673-4B04-A169-D6B4C42E94E8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"TCP Query User{51BDDA14-29F2-4F7B-A987-F3145C54D4E4}C:\users\jayokdaone\appdata\roaming\pefy\tean.exe" = protocol=6 | dir=in | app=c:\users\jayokdaone\appdata\roaming\pefy\tean.exe | 
"TCP Query User{DECD251D-6FA4-40FA-85C8-2CA85D9732CC}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"UDP Query User{4C106EC2-2599-4EDC-A108-7521461E05A7}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"UDP Query User{AE357F1A-300C-42FE-B9D8-BAA70F43DB4E}C:\users\jayokdaone\appdata\roaming\pefy\tean.exe" = protocol=17 | dir=in | app=c:\users\jayokdaone\appdata\roaming\pefy\tean.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{88EB92AB-ABD3-E13C-3AEE-B7518354B55A}" = ATI Catalyst Install Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E5A509B4-D9B1-4FD9-B3EF-EDB216AA8651}" = ccc-utility64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0FFAC7BB-50DC-CB54-6CA7-A8B74513280B}" = CCC Help Chinese Traditional
"{1C802083-6D79-78ED-BF1C-601DDF908DD1}" = Catalyst Control Center Core Implementation
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 26
"{28728178-FF15-218B-0B63-012692F42C28}" = CCC Help Danish
"{32851025-1E46-83A3-1320-471619254E39}" = Catalyst Control Center Localization All
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{40217B2F-462B-94A4-E84E-6A1C6EDBCE2F}" = CCC Help Swedish
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5343A801-92E5-C234-9F27-AB27EC738BF6}" = CCC Help Japanese
"{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}" = Camtasia Studio 7
"{5D22226D-EBC1-C95F-7746-2E3A9F4C97BA}" = CCC Help Russian
"{600C37F2-098B-A165-C1DB-6AE2B89D8D49}" = Catalyst Control Center Graphics Previews Common
"{61F8CA2C-9A80-8A1B-D3B9-347530CB387F}" = CCC Help Norwegian
"{674B407D-EAB1-B6B6-F9BF-C34CEE4CD83F}" = Catalyst Control Center Graphics Light
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69F411C5-4851-6DA9-EA4C-160BEF8788AA}" = CCC Help French
"{6DD27E54-2598-0FEC-7CE1-BE00924C0570}" = Catalyst Control Center Graphics Previews Vista
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7C27114E-6FC8-21F5-E501-FE48F09243DF}" = CCC Help Dutch
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80237C20-CBF3-F841-4AD5-E727AA86FBD1}" = CCC Help Italian
"{802EE127-D32A-1447-09DC-77419772BCDC}" = CCC Help Portuguese
"{836AFA32-7B8B-2C19-99D9-36EF32B42EB8}" = CCC Help Thai
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{946942CB-D078-F33A-A3CD-27E0393507FD}" = CCC Help Turkish
"{9682B99B-BB28-AD37-CA50-C1CB5BFF0FA6}" = Catalyst Control Center Graphics Full New
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A02CC93A-134F-0319-1438-B1E895B52577}" = CCC Help German
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7E1ADB8-162B-7C33-60FB-0561A17BD876}" = CCC Help Spanish
"{A96EEF55-155C-552E-ABB1-6FDAEF5BD944}" = CCC Help Polish
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADB25FF0-AEC4-2CFB-130C-2C60D80C5934}" = CCC Help Greek
"{B04D5DA5-11DA-830C-85C6-0FF9185787E7}" = Skins
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BB603E9F-ECE8-7713-B0AC-7E0614E8C058}" = Catalyst Control Center HydraVision Full
"{BE232D60-AEA5-502F-ACBF-9AC188A82C21}" = CCC Help Finnish
"{C15C4AB5-EF5D-5050-273C-4636E3FBE301}" = CCC Help Czech
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E09CD13D-7CE3-351C-1625-8DC7F21A99C0}" = ccc-core-static
"{E373E0E2-20F5-90DF-B315-615EA6E52101}" = Catalyst Control Center Graphics Full Existing
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E6DA746E-1175-88BD-2B16-1DC62018E060}" = CCC Help Chinese Standard
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F053BFD9-4357-6A82-6042-CF919667448F}" = CCC Help English
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F17EB02C-DA0D-EDEF-2E16-501FB700A710}" = CCC Help Hungarian
"{F5DDC0CD-F13A-83F0-5103-563A17EA306F}" = CCC Help Korean
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Android USB Driver_is1" = Android USB Driver
"Any Video Converter_is1" = Any Video Converter 3.2.2
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira Free Antivirus
"Collab" = Collab
"FL Studio 10" = FL Studio 10
"FL Studio 8" = FL Studio 8
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 A Century of Flight
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.29.825
"IL Download Manager" = IL Download Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft DirectX SDK (June 2010)" = Microsoft DirectX SDK (June 2010)
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"OpenAL" = OpenAL
"Opera 12.14.1738" = Opera 12.14
"PhotoScape" = PhotoScape
"PoiZone" = PoiZone
"PokerStars" = PokerStars
"Toxic Biohazard" = Toxic Biohazard
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.9
"vShare.tv plugin" = vShare.tv plugin 1.3
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2711640679-1226958958-2877314694-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"EA SPORTS Game Face Browser Plugin" = EA SPORTS Game Face Browser Plugin 1.5.3.0
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 23.01.2013 19:09:01 | Computer Name = JayokDaOne-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: winamp.exe, Version: 5.6.3.3234, 
Zeitstempel: 0x4fe1f6d1  Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161,
 Zeitstempel: 0x4dace5b9  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00056b1d  ID des fehlerhaften
 Prozesses: 0x720  Startzeit der fehlerhaften Anwendung: 0x01cdf9bde1f0a42b  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Winamp\winamp.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
Berichtskennung:
 df08c9ac-65b1-11e2-9ead-00030d76538d
 
Error - 25.01.2013 12:01:14 | Computer Name = JayokDaOne-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TuneUpSystemStatusCheck.exe, Version:
 13.0.2020.4, Zeitstempel: 0x50598fce  Name des fehlerhaften Moduls: ole32.dll, Version:
 6.1.7600.16624, Zeitstempel: 0x4c297c56  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0002f36a
ID
 des fehlerhaften Prozesses: 0x37cc  Startzeit der fehlerhaften Anwendung: 0x01cdfb1520bf0c19
Pfad
 der fehlerhaften Anwendung: C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpSystemStatusCheck.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\ole32.dll  Berichtskennung: 7141dd92-6708-11e2-9ead-00030d76538d
 
Error - 14.02.2013 10:51:45 | Computer Name = JayokDaOne-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 23.02.2013 10:54:37 | Computer Name = JayokDaOne-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 26.02.2013 15:17:50 | Computer Name = JayokDaOne-PC | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 28.02.2013 16:18:11 | Computer Name = JayokDaOne-PC | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 28.02.2013 16:19:38 | Computer Name = JayokDaOne-PC | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 28.02.2013 16:51:48 | Computer Name = JayokDaOne-PC | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 28.02.2013 21:13:42 | Computer Name = JayokDaOne-PC | Source = Avira Antivirus | ID = 4110
Description = Während der Initialisierung der Suchengine trat ein unbekannter Fehler
 auf!  Fehlercode: 0x35
 
Error - 01.03.2013 11:41:06 | Computer Name = JayokDaOne-PC | Source = Avira Antivirus | ID = 4110
Description = Während der Initialisierung der Suchengine trat ein unbekannter Fehler
 auf!  Fehlercode: 0x35
 
[ System Events ]
Error - 24.05.2012 10:22:33 | Computer Name = JayokDaOne-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.
 
Error - 26.05.2012 13:04:56 | Computer Name = JayokDaOne-PC | Source = Microsoft-Windows-HAL | ID = 12
Description = Der Speicher wurde beim letzten Leistungsübergang des Systems von 
der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte
 Firmware verfügbar ist.
 
Error - 07.06.2012 17:29:03 | Computer Name = JayokDaOne-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{8A567E8F-668A-4ED1-BC09-369868F3DA9F} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 11.06.2012 14:17:18 | Computer Name = JayokDaOne-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{8A567E8F-668A-4ED1-BC09-369868F3DA9F} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 11.06.2012 19:07:54 | Computer Name = JayokDaOne-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{8A567E8F-668A-4ED1-BC09-369868F3DA9F} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 13.06.2012 09:50:12 | Computer Name = JayokDaOne-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.
 
Error - 15.06.2012 07:27:11 | Computer Name = JayokDaOne-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst Netman erreicht.
 
Error - 16.06.2012 17:09:45 | Computer Name = JayokDaOne-PC | Source = Microsoft-Windows-HAL | ID = 12
Description = Der Speicher wurde beim letzten Leistungsübergang des Systems von 
der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte
 Firmware verfügbar ist.
 
Error - 17.06.2012 12:50:29 | Computer Name = JayokDaOne-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst Netman erreicht.
 
Error - 19.06.2012 06:05:51 | Computer Name = JayokDaOne-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst Wlansvc erreicht.
 
 
< End of report >

--- --- ---
</code>

cosinus · 04.03.2013, 17:10

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner?
Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

jayokdaone · 04.03.2013, 18:16

Nein. MB und AntiVir scans haben nichts gefunden...

cosinus · 04.03.2013, 19:25

Bitte nun Logs mit GMER (<<< klick für Anleitung) und MBAR (Anleitung etwas weiter unten) erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim zweiten Mal nicht will, lass es einfach weg und führ nur MBAR aus.

Anleitung MBAR:

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

jayokdaone · 04.03.2013, 20:02

Also: Gmer scan wurde erfolgreich durchgeführt ohne abzustürzen, hat mir aber irgendwie keine Log-File ausgespuckt.

Das MB Tool hat gescant und nichts für einen clean up gefunden. Her der MB Log

<code>Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org

Database version: v2013.02.15.09

Windows 7 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
JayokDaOne :: JAYOKDAONE-PC [administrator]

04.03.2013 19:57:28
mbar-log-2013-03-04 (19-57-28).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 29201
Time elapsed: 16 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
</code>

cosinus · 04.03.2013, 20:11

Die CODE-Tags bitte richtig setzen!

aswMBR

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

TDSS-Killer

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

jayokdaone · 04.03.2013, 20:40

Also tdsskiller hat keine log ausgespuckt. Aswmbr hat das hier ausgespuckt:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-03-04 20:18:17
-----------------------------
20:18:17.370 OS Version: Windows x64 6.1.7600
20:18:17.370 Number of processors: 2 586 0x6801
20:18:17.370 ComputerName: JAYOKDAONE-PC UserName: JayokDaOne
20:18:18.759 Initialize success
20:25:20.303 AVAST engine defs: 13030400
20:33:05.418 The log file has been saved successfully to "C:\Users\JayokDaOne\Desktop\aswMBR.txt"

cosinus · 04.03.2013, 21:09

Zitat:

Also tdsskiller hat keine log ausgespuckt.

Dann hast du es falsch gemacht, einfach mal die Anleitungen richtig umsetzen.
Und das Log von aswMBR ist nichtmal die Hälfte...unvollständig!

jayokdaone · 04.03.2013, 21:40

Ja stimmt, sorry. Jetzt ist das hier das einzige was mir der tdsskiller gegeben hat:

upload photos

Und während dem aswmbr scan ist der laptop einfach zwischendurch ausgegenagen. 2mal probiert.

Hi, stimmt, sry...jetzt ist das einzige was mir von tdsskiller gezeigt wurde das hier:

Während dem aswMBR scan ist der Laptop einfach mittendrin ausgegangen....

sry..ausversehen 2 mal gepostet...

cosinus · 05.03.2013, 10:32

Zitat:

Und während dem aswmbr scan ist der laptop einfach zwischendurch ausgegenagen. 2mal probiert.

Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

Zitat:

Ja stimmt, sorry. Jetzt ist das hier das einzige was mir der tdsskiller gegeben hat:

Was bitte gibt es an der Anleitung denn nicht zu verstehen, wie wärs mal mit vollständigem Lesen?!

Schau mal was da steht, nämlich nichts mit Screenshots

Zitat:

TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

jayokdaone · 05.03.2013, 17:24

So..hab jetzt hoffentlich alles richtig befolgt.

TDSSKILLER:

Code:

ATTFilter

17:05:41.0337 0992  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:05:41.0821 0992  ============================================================
17:05:41.0821 0992  Current date / time: 2013/03/05 17:05:41.0821
17:05:41.0821 0992  SystemInfo:
17:05:41.0821 0992  
17:05:41.0821 0992  OS Version: 6.1.7600 ServicePack: 0.0
17:05:41.0821 0992  Product type: Workstation
17:05:41.0821 0992  ComputerName: JAYOKDAONE-PC
17:05:41.0821 0992  UserName: JayokDaOne
17:05:41.0821 0992  Windows directory: C:\Windows
17:05:41.0821 0992  System windows directory: C:\Windows
17:05:41.0821 0992  Running under WOW64
17:05:41.0821 0992  Processor architecture: Intel x64
17:05:41.0821 0992  Number of processors: 2
17:05:41.0821 0992  Page size: 0x1000
17:05:41.0821 0992  Boot type: Safe boot with network
17:05:41.0821 0992  ============================================================
17:05:43.0365 0992  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:05:43.0365 0992  ============================================================
17:05:43.0365 0992  \Device\Harddisk0\DR0:
17:05:43.0365 0992  MBR partitions:
17:05:43.0365 0992  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1770000
17:05:43.0365 0992  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x12831000
17:05:43.0365 0992  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x13FA1800, BlocksNum 0x9223800
17:05:43.0365 0992  ============================================================
17:05:43.0397 0992  C: <-> \Device\Harddisk0\DR0\Partition2
17:05:43.0428 0992  D: <-> \Device\Harddisk0\DR0\Partition1
17:05:43.0506 0992  E: <-> \Device\Harddisk0\DR0\Partition3
17:05:43.0506 0992  ============================================================
17:05:43.0506 0992  Initialize success
17:05:43.0506 0992  ============================================================
17:05:51.0244 2004  ============================================================
17:05:51.0244 2004  Scan started
17:05:51.0244 2004  Mode: Manual; SigCheck; TDLFS; 
17:05:51.0244 2004  ============================================================
17:05:52.0663 2004  ================ Scan system memory ========================
17:05:52.0663 2004  System memory - ok
17:05:52.0663 2004  ================ Scan services =============================
17:05:52.0866 2004  [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
17:05:53.0287 2004  1394ohci - ok
17:05:53.0334 2004  [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
17:05:53.0365 2004  ACPI - ok
17:05:53.0412 2004  [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
17:05:53.0490 2004  AcpiPmi - ok
17:05:53.0662 2004  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:05:53.0693 2004  AdobeARMservice - ok
17:05:53.0896 2004  [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:05:53.0942 2004  AdobeFlashPlayerUpdateSvc - ok
17:05:54.0020 2004  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:05:54.0052 2004  adp94xx - ok
17:05:54.0114 2004  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:05:54.0145 2004  adpahci - ok
17:05:54.0161 2004  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:05:54.0192 2004  adpu320 - ok
17:05:54.0223 2004  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:05:54.0395 2004  AeLookupSvc - ok
17:05:54.0473 2004  [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD             C:\Windows\system32\drivers\afd.sys
17:05:54.0551 2004  AFD - ok
17:05:54.0613 2004  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
17:05:54.0629 2004  agp440 - ok
17:05:54.0644 2004  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
17:05:54.0707 2004  ALG - ok
17:05:54.0754 2004  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
17:05:54.0769 2004  aliide - ok
17:05:54.0785 2004  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
17:05:54.0800 2004  amdide - ok
17:05:54.0847 2004  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:05:54.0894 2004  AmdK8 - ok
17:05:54.0910 2004  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:05:54.0941 2004  AmdPPM - ok
17:05:55.0019 2004  [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:05:55.0034 2004  amdsata - ok
17:05:55.0081 2004  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:05:55.0097 2004  amdsbs - ok
17:05:55.0112 2004  [ DB27766102C7BF7E95140A2AA81D042E ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:05:55.0128 2004  amdxata - ok
17:05:55.0284 2004  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:05:55.0315 2004  AntiVirSchedulerService - ok
17:05:55.0346 2004  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:05:55.0362 2004  AntiVirService - ok
17:05:55.0409 2004  [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID           C:\Windows\system32\drivers\appid.sys
17:05:55.0502 2004  AppID - ok
17:05:55.0549 2004  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:05:55.0627 2004  AppIDSvc - ok
17:05:55.0643 2004  [ D065BE66822847B7F127D1F90158376E ] Appinfo         C:\Windows\System32\appinfo.dll
17:05:55.0705 2004  Appinfo - ok
17:05:55.0768 2004  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
17:05:55.0830 2004  AppMgmt - ok
17:05:55.0877 2004  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:05:55.0908 2004  arc - ok
17:05:55.0924 2004  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:05:55.0955 2004  arcsas - ok
17:05:56.0002 2004  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:05:56.0064 2004  AsyncMac - ok
17:05:56.0080 2004  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
17:05:56.0095 2004  atapi - ok
17:05:56.0204 2004  [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
17:05:56.0298 2004  athr - ok
17:05:56.0376 2004  [ CA4A0176FA380EFD45DE9D0ACB9E1F86 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
17:05:56.0563 2004  Ati External Event Utility - ok
17:05:56.0766 2004  [ AEAE4ABE6419923C037A0B2A157E1FC6 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:05:56.0984 2004  atikmdag - ok
17:05:57.0062 2004  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:05:57.0156 2004  AudioEndpointBuilder - ok
17:05:57.0187 2004  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:05:57.0234 2004  AudioSrv - ok
17:05:57.0281 2004  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
17:05:57.0296 2004  avgntflt - ok
17:05:57.0328 2004  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
17:05:57.0343 2004  avipbb - ok
17:05:57.0374 2004  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
17:05:57.0390 2004  avkmgr - ok
17:05:57.0437 2004  [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:05:57.0499 2004  AxInstSV - ok
17:05:57.0562 2004  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
17:05:57.0624 2004  b06bdrv - ok
17:05:57.0702 2004  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:05:57.0733 2004  b57nd60a - ok
17:05:57.0796 2004  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:05:57.0842 2004  BDESVC - ok
17:05:57.0874 2004  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:05:57.0936 2004  Beep - ok
17:05:58.0014 2004  [ 4992C609A6315671463E30F6512BC022 ] BFE             C:\Windows\System32\bfe.dll
17:05:58.0108 2004  BFE - ok
17:05:58.0154 2004  [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS            C:\Windows\System32\qmgr.dll
17:05:58.0435 2004  BITS - ok
17:05:58.0513 2004  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:05:58.0544 2004  blbdrive - ok
17:05:58.0591 2004  [ 19D20159708E152267E53B66677A4995 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:05:58.0638 2004  bowser - ok
17:05:58.0654 2004  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:05:58.0700 2004  BrFiltLo - ok
17:05:58.0716 2004  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:05:58.0747 2004  BrFiltUp - ok
17:05:58.0810 2004  [ 6B054C67AAA87843504E8E3C09102009 ] Browser         C:\Windows\System32\browser.dll
17:05:58.0856 2004  Browser - ok
17:05:58.0888 2004  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:05:58.0934 2004  Brserid - ok
17:05:58.0966 2004  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:05:58.0997 2004  BrSerWdm - ok
17:05:59.0028 2004  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:05:59.0075 2004  BrUsbMdm - ok
17:05:59.0090 2004  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:05:59.0122 2004  BrUsbSer - ok
17:05:59.0137 2004  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:05:59.0168 2004  BTHMODEM - ok
17:05:59.0200 2004  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
17:05:59.0278 2004  bthserv - ok
17:05:59.0340 2004  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:05:59.0387 2004  cdfs - ok
17:05:59.0449 2004  [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:05:59.0480 2004  cdrom - ok
17:05:59.0527 2004  [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc     C:\Windows\System32\certprop.dll
17:05:59.0590 2004  CertPropSvc - ok
17:05:59.0621 2004  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:05:59.0652 2004  circlass - ok
17:05:59.0683 2004  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
17:05:59.0714 2004  CLFS - ok
17:05:59.0808 2004  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:05:59.0824 2004  clr_optimization_v2.0.50727_32 - ok
17:05:59.0902 2004  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:05:59.0933 2004  clr_optimization_v2.0.50727_64 - ok
17:06:00.0042 2004  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:06:00.0120 2004  clr_optimization_v4.0.30319_32 - ok
17:06:00.0182 2004  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:06:00.0214 2004  clr_optimization_v4.0.30319_64 - ok
17:06:00.0276 2004  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:06:00.0307 2004  CmBatt - ok
17:06:00.0338 2004  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
17:06:00.0354 2004  cmdide - ok
17:06:00.0401 2004  [ CA7720B73446FDDEC5C69519C1174C98 ] CNG             C:\Windows\system32\Drivers\cng.sys
17:06:00.0463 2004  CNG - ok
17:06:00.0526 2004  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:06:00.0541 2004  Compbatt - ok
17:06:00.0588 2004  [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
17:06:00.0619 2004  CompositeBus - ok
17:06:00.0666 2004  COMSysApp - ok
17:06:00.0697 2004  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:06:00.0713 2004  crcdisk - ok
17:06:00.0775 2004  [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:06:00.0838 2004  CryptSvc - ok
17:06:00.0900 2004  [ 4A6173C2279B498CD8F57CAE504564CB ] CSC             C:\Windows\system32\drivers\csc.sys
17:06:00.0962 2004  CSC - ok
17:06:01.0009 2004  [ 873FBF927C06E5CEE04DEC617502F8FD ] CscService      C:\Windows\System32\cscsvc.dll
17:06:01.0056 2004  CscService - ok
17:06:01.0103 2004  [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:06:01.0181 2004  DcomLaunch - ok
17:06:01.0259 2004  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
17:06:01.0337 2004  defragsvc - ok
17:06:01.0384 2004  [ 9C253CE7311CA60FC11C774692A13208 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:06:01.0430 2004  DfsC - ok
17:06:01.0493 2004  [ CE3B9562D997F69B330D181A8875960F ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:06:01.0586 2004  Dhcp - ok
17:06:01.0618 2004  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
17:06:01.0680 2004  discache - ok
17:06:01.0758 2004  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:06:01.0774 2004  Disk - ok
17:06:01.0852 2004  [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:06:01.0883 2004  Dnscache - ok
17:06:01.0945 2004  [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc         C:\Windows\System32\dot3svc.dll
17:06:02.0023 2004  dot3svc - ok
17:06:02.0039 2004  [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS             C:\Windows\system32\dps.dll
17:06:02.0101 2004  DPS - ok
17:06:02.0164 2004  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:06:02.0195 2004  drmkaud - ok
17:06:02.0288 2004  [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:06:02.0351 2004  DXGKrnl - ok
17:06:02.0382 2004  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
17:06:02.0444 2004  EapHost - ok
17:06:02.0585 2004  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
17:06:02.0741 2004  ebdrv - ok
17:06:02.0788 2004  [ 156F6159457D0AA7E59B62681B56EB90 ] EFS             C:\Windows\System32\lsass.exe
17:06:02.0834 2004  EFS - ok
17:06:02.0912 2004  [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:06:02.0990 2004  ehRecvr - ok
17:06:03.0037 2004  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
17:06:03.0084 2004  ehSched - ok
17:06:03.0162 2004  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:06:03.0193 2004  elxstor - ok
17:06:03.0224 2004  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
17:06:03.0256 2004  ErrDev - ok
17:06:03.0349 2004  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
17:06:03.0412 2004  EventSystem - ok
17:06:03.0443 2004  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
17:06:03.0505 2004  exfat - ok
17:06:03.0552 2004  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:06:03.0614 2004  fastfat - ok
17:06:03.0692 2004  [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax             C:\Windows\system32\fxssvc.exe
17:06:03.0755 2004  Fax - ok
17:06:03.0770 2004  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:06:03.0786 2004  fdc - ok
17:06:03.0802 2004  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
17:06:03.0864 2004  fdPHost - ok
17:06:03.0895 2004  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:06:03.0958 2004  FDResPub - ok
17:06:03.0989 2004  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:06:04.0004 2004  FileInfo - ok
17:06:04.0036 2004  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:06:04.0098 2004  Filetrace - ok
17:06:04.0129 2004  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:06:04.0160 2004  flpydisk - ok
17:06:04.0176 2004  [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:06:04.0192 2004  FltMgr - ok
17:06:04.0285 2004  [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache       C:\Windows\system32\FntCache.dll
17:06:04.0363 2004  FontCache - ok
17:06:04.0426 2004  [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:06:04.0441 2004  FontCache3.0.0.0 - ok
17:06:04.0472 2004  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:06:04.0488 2004  FsDepends - ok
17:06:04.0535 2004  [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
17:06:04.0550 2004  fssfltr - ok
17:06:04.0660 2004  [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
17:06:04.0738 2004  fsssvc - ok
17:06:04.0784 2004  [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:06:04.0800 2004  Fs_Rec - ok
17:06:04.0878 2004  [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:06:04.0909 2004  fvevol - ok
17:06:04.0956 2004  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:06:04.0972 2004  gagp30kx - ok
17:06:05.0050 2004  [ 22B6BE519C112FD9C6ADA3C96B54EC15 ] Generalusbserialser20675 C:\Windows\system32\DRIVERS\CT_U_USBSER.sys
17:06:05.0081 2004  Generalusbserialser20675 - ok
17:06:05.0128 2004  [ A4198F2BD8AA592CB90476277A81B5E1 ] ggflt           C:\Windows\system32\DRIVERS\ggflt.sys
17:06:05.0143 2004  ggflt - ok
17:06:05.0221 2004  [ D266350BDAAB9EB6C1AEC370EEAAFF3A ] ggsemc          C:\Windows\system32\DRIVERS\ggsemc.sys
17:06:05.0237 2004  ggsemc - ok
17:06:05.0284 2004  [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc           C:\Windows\System32\gpsvc.dll
17:06:05.0346 2004  gpsvc - ok
17:06:05.0377 2004  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:06:05.0424 2004  hcw85cir - ok
17:06:05.0486 2004  [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:06:05.0518 2004  HdAudAddService - ok
17:06:05.0533 2004  [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
17:06:05.0580 2004  HDAudBus - ok
17:06:05.0596 2004  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:06:05.0627 2004  HidBatt - ok
17:06:05.0658 2004  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:06:05.0689 2004  HidBth - ok
17:06:05.0705 2004  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:06:05.0736 2004  HidIr - ok
17:06:05.0752 2004  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
17:06:05.0830 2004  hidserv - ok
17:06:05.0892 2004  [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:06:05.0908 2004  HidUsb - ok
17:06:05.0954 2004  [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:06:06.0017 2004  hkmsvc - ok
17:06:06.0032 2004  [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:06:06.0079 2004  HomeGroupListener - ok
17:06:06.0126 2004  [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:06:06.0157 2004  HomeGroupProvider - ok
17:06:06.0220 2004  [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
17:06:06.0235 2004  HpSAMD - ok
17:06:06.0313 2004  [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:06:06.0407 2004  HTTP - ok
17:06:06.0422 2004  [ F17766A19145F111856378DF337A5D79 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:06:06.0438 2004  hwpolicy - ok
17:06:06.0485 2004  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
17:06:06.0500 2004  i8042prt - ok
17:06:06.0610 2004  [ B75E45C564E944A2657167D197AB29DA ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:06:06.0625 2004  iaStorV - ok
17:06:06.0719 2004  [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:06:06.0781 2004  idsvc - ok
17:06:06.0828 2004  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:06:06.0844 2004  iirsp - ok
17:06:06.0906 2004  [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT          C:\Windows\System32\ikeext.dll
17:06:07.0000 2004  IKEEXT - ok
17:06:07.0046 2004  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
17:06:07.0062 2004  intelide - ok
17:06:07.0093 2004  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:06:07.0124 2004  intelppm - ok
17:06:07.0171 2004  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:06:07.0234 2004  IPBusEnum - ok
17:06:07.0249 2004  [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:06:07.0296 2004  IpFilterDriver - ok
17:06:07.0327 2004  [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:06:07.0421 2004  iphlpsvc - ok
17:06:07.0436 2004  [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
17:06:07.0468 2004  IPMIDRV - ok
17:06:07.0483 2004  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:06:07.0561 2004  IPNAT - ok
17:06:07.0608 2004  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:06:07.0639 2004  IRENUM - ok
17:06:07.0670 2004  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
17:06:07.0686 2004  isapnp - ok
17:06:07.0717 2004  [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
17:06:07.0748 2004  iScsiPrt - ok
17:06:07.0795 2004  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:06:07.0811 2004  kbdclass - ok
17:06:07.0858 2004  [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:06:07.0889 2004  kbdhid - ok
17:06:07.0904 2004  [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso          C:\Windows\system32\lsass.exe
17:06:07.0920 2004  KeyIso - ok
17:06:07.0982 2004  [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:06:07.0998 2004  KSecDD - ok
17:06:08.0029 2004  [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:06:08.0045 2004  KSecPkg - ok
17:06:08.0060 2004  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:06:08.0123 2004  ksthunk - ok
17:06:08.0170 2004  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:06:08.0248 2004  KtmRm - ok
17:06:08.0310 2004  [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:06:08.0357 2004  LanmanServer - ok
17:06:08.0419 2004  [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:06:08.0497 2004  LanmanWorkstation - ok
17:06:08.0560 2004  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:06:08.0622 2004  lltdio - ok
17:06:08.0669 2004  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:06:08.0731 2004  lltdsvc - ok
17:06:08.0762 2004  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:06:08.0809 2004  lmhosts - ok
17:06:08.0872 2004  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:06:08.0887 2004  LSI_FC - ok
17:06:08.0918 2004  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:06:08.0934 2004  LSI_SAS - ok
17:06:08.0950 2004  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:06:08.0965 2004  LSI_SAS2 - ok
17:06:08.0996 2004  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:06:09.0012 2004  LSI_SCSI - ok
17:06:09.0059 2004  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
17:06:09.0121 2004  luafv - ok
17:06:09.0199 2004  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
17:06:09.0199 2004  MBAMProtector - ok
17:06:09.0308 2004  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:06:09.0340 2004  MBAMScheduler - ok
17:06:09.0433 2004  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:06:09.0480 2004  MBAMService - ok
17:06:09.0511 2004  [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:06:09.0558 2004  Mcx2Svc - ok
17:06:09.0574 2004  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:06:09.0589 2004  megasas - ok
17:06:09.0620 2004  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:06:09.0652 2004  MegaSR - ok
17:06:09.0714 2004  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
17:06:09.0776 2004  MMCSS - ok
17:06:09.0792 2004  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
17:06:09.0870 2004  Modem - ok
17:06:09.0917 2004  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:06:09.0948 2004  monitor - ok
17:06:10.0010 2004  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:06:10.0026 2004  mouclass - ok
17:06:10.0042 2004  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:06:10.0073 2004  mouhid - ok
17:06:10.0104 2004  [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:06:10.0120 2004  mountmgr - ok
17:06:10.0135 2004  [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
17:06:10.0166 2004  mpio - ok
17:06:10.0198 2004  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:06:10.0244 2004  mpsdrv - ok
17:06:10.0307 2004  [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:06:10.0400 2004  MpsSvc - ok
17:06:10.0416 2004  [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:06:10.0463 2004  MRxDAV - ok
17:06:10.0510 2004  [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:06:10.0541 2004  mrxsmb - ok
17:06:10.0588 2004  [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:06:10.0619 2004  mrxsmb10 - ok
17:06:10.0666 2004  [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:06:10.0712 2004  mrxsmb20 - ok
17:06:10.0728 2004  [ 5C37497276E3B3A5488B23A326A754B7 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
17:06:10.0744 2004  msahci - ok
17:06:10.0790 2004  [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
17:06:10.0806 2004  msdsm - ok
17:06:10.0822 2004  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
17:06:10.0868 2004  MSDTC - ok
17:06:10.0915 2004  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:06:10.0962 2004  Msfs - ok
17:06:10.0993 2004  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:06:11.0056 2004  mshidkmdf - ok
17:06:11.0087 2004  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
17:06:11.0102 2004  msisadrv - ok
17:06:11.0180 2004  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:06:11.0258 2004  MSiSCSI - ok
17:06:11.0274 2004  msiserver - ok
17:06:11.0321 2004  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:06:11.0383 2004  MSKSSRV - ok
17:06:11.0430 2004  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:06:11.0492 2004  MSPCLOCK - ok
17:06:11.0524 2004  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:06:11.0586 2004  MSPQM - ok
17:06:11.0602 2004  [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:06:11.0633 2004  MsRPC - ok
17:06:11.0664 2004  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
17:06:11.0680 2004  mssmbios - ok
17:06:11.0695 2004  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:06:11.0773 2004  MSTEE - ok
17:06:11.0789 2004  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:06:11.0820 2004  MTConfig - ok
17:06:11.0882 2004  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:06:11.0898 2004  Mup - ok
17:06:11.0945 2004  [ 4987E079A4530FA737A128BE54B63B12 ] napagent        C:\Windows\system32\qagentRT.dll
17:06:12.0023 2004  napagent - ok
17:06:12.0085 2004  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:06:12.0132 2004  NativeWifiP - ok
17:06:12.0194 2004  [ CAD515DBD07D082BB317D9928CE8962C ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:06:12.0257 2004  NDIS - ok
17:06:12.0304 2004  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:06:12.0350 2004  NdisCap - ok
17:06:12.0413 2004  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:06:12.0475 2004  NdisTapi - ok
17:06:12.0522 2004  [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:06:12.0584 2004  Ndisuio - ok
17:06:12.0600 2004  [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:06:12.0662 2004  NdisWan - ok
17:06:12.0678 2004  [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:06:12.0740 2004  NDProxy - ok
17:06:12.0756 2004  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:06:12.0834 2004  NetBIOS - ok
17:06:12.0850 2004  [ 9162B273A44AB9DCE5B44362731D062A ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:06:12.0912 2004  NetBT - ok
17:06:12.0928 2004  [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon        C:\Windows\system32\lsass.exe
17:06:12.0943 2004  Netlogon - ok
17:06:13.0006 2004  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
17:06:13.0084 2004  Netman - ok
17:06:13.0115 2004  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
17:06:13.0193 2004  netprofm - ok
17:06:13.0224 2004  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:06:13.0240 2004  NetTcpPortSharing - ok
17:06:13.0318 2004  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:06:13.0333 2004  nfrd960 - ok
17:06:13.0380 2004  [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:06:13.0442 2004  NlaSvc - ok
17:06:13.0505 2004  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:06:13.0552 2004  Npfs - ok
17:06:13.0598 2004  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
17:06:13.0661 2004  nsi - ok
17:06:13.0676 2004  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:06:13.0739 2004  nsiproxy - ok
17:06:13.0848 2004  [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:06:13.0926 2004  Ntfs - ok
17:06:13.0942 2004  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
17:06:14.0004 2004  Null - ok
17:06:14.0082 2004  [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:06:14.0098 2004  nvraid - ok
17:06:14.0176 2004  [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:06:14.0191 2004  nvstor - ok
17:06:14.0222 2004  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
17:06:14.0238 2004  nv_agp - ok
17:06:14.0238 2004  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
17:06:14.0269 2004  ohci1394 - ok
17:06:14.0316 2004  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:06:14.0378 2004  p2pimsvc - ok
17:06:14.0410 2004  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:06:14.0441 2004  p2psvc - ok
17:06:14.0472 2004  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:06:14.0488 2004  Parport - ok
17:06:14.0534 2004  [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:06:14.0550 2004  partmgr - ok
17:06:14.0581 2004  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:06:14.0612 2004  PcaSvc - ok
17:06:14.0659 2004  [ F36F6504009F2FB0DFD1B17A116AD74B ] pci             C:\Windows\system32\DRIVERS\pci.sys
17:06:14.0675 2004  pci - ok
17:06:14.0706 2004  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
17:06:14.0722 2004  pciide - ok
17:06:14.0737 2004  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:06:14.0753 2004  pcmcia - ok
17:06:14.0784 2004  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:06:14.0800 2004  pcw - ok
17:06:14.0831 2004  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:06:14.0909 2004  PEAUTH - ok
17:06:14.0971 2004  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
17:06:15.0065 2004  PeerDistSvc - ok
17:06:15.0174 2004  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:06:15.0268 2004  PerfHost - ok
17:06:15.0361 2004  [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla             C:\Windows\system32\pla.dll
17:06:15.0470 2004  pla - ok
17:06:15.0548 2004  [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:06:15.0611 2004  PlugPlay - ok
17:06:15.0626 2004  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:06:15.0658 2004  PNRPAutoReg - ok
17:06:15.0673 2004  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:06:15.0704 2004  PNRPsvc - ok
17:06:15.0736 2004  [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:06:15.0814 2004  PolicyAgent - ok
17:06:15.0860 2004  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
17:06:15.0923 2004  Power - ok
17:06:15.0985 2004  [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:06:16.0048 2004  PptpMiniport - ok
17:06:16.0079 2004  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:06:16.0094 2004  Processor - ok
17:06:16.0141 2004  [ 97293447431311C06703368AD0F6C4BE ] ProfSvc         C:\Windows\system32\profsvc.dll
17:06:16.0172 2004  ProfSvc - ok
17:06:16.0204 2004  [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:06:16.0219 2004  ProtectedStorage - ok
17:06:16.0282 2004  [ EE992183BD8EAEFD9973F352E587A299 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:06:16.0344 2004  Psched - ok
17:06:16.0453 2004  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:06:16.0531 2004  ql2300 - ok
17:06:16.0547 2004  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:06:16.0562 2004  ql40xx - ok
17:06:16.0594 2004  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
17:06:16.0625 2004  QWAVE - ok
17:06:16.0640 2004  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:06:16.0672 2004  QWAVEdrv - ok
17:06:16.0703 2004  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:06:16.0765 2004  RasAcd - ok
17:06:16.0843 2004  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:06:16.0890 2004  RasAgileVpn - ok
17:06:16.0921 2004  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
17:06:16.0984 2004  RasAuto - ok
17:06:16.0999 2004  [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:06:17.0046 2004  Rasl2tp - ok
17:06:17.0077 2004  [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan          C:\Windows\System32\rasmans.dll
17:06:17.0155 2004  RasMan - ok
17:06:17.0171 2004  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:06:17.0233 2004  RasPppoe - ok
17:06:17.0296 2004  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:06:17.0358 2004  RasSstp - ok
17:06:17.0389 2004  [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:06:17.0467 2004  rdbss - ok
17:06:17.0483 2004  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:06:17.0498 2004  rdpbus - ok
17:06:17.0514 2004  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:06:17.0561 2004  RDPCDD - ok
17:06:17.0608 2004  [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
17:06:17.0623 2004  RDPDR - ok
17:06:17.0670 2004  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:06:17.0732 2004  RDPENCDD - ok
17:06:17.0748 2004  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:06:17.0795 2004  RDPREFMP - ok
17:06:17.0873 2004  [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:06:17.0920 2004  RDPWD - ok
17:06:17.0982 2004  [ 634B9A2181D98F15941236886164EC8B ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:06:17.0998 2004  rdyboost - ok
17:06:18.0044 2004  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:06:18.0107 2004  RemoteAccess - ok
17:06:18.0154 2004  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:06:18.0216 2004  RemoteRegistry - ok
17:06:18.0247 2004  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:06:18.0310 2004  RpcEptMapper - ok
17:06:18.0341 2004  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
17:06:18.0356 2004  RpcLocator - ok
17:06:18.0388 2004  [ 7266972E86890E2B30C0C322E906B027 ] RpcSs           C:\Windows\system32\rpcss.dll
17:06:18.0450 2004  RpcSs - ok
17:06:18.0512 2004  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:06:18.0575 2004  rspndr - ok
17:06:18.0590 2004  [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
17:06:18.0622 2004  RTL8167 - ok
17:06:18.0653 2004  [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap           C:\Windows\system32\DRIVERS\vms3cap.sys
17:06:18.0700 2004  s3cap - ok
17:06:18.0731 2004  [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs           C:\Windows\system32\lsass.exe
17:06:18.0746 2004  SamSs - ok
17:06:18.0778 2004  [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
17:06:18.0793 2004  sbp2port - ok
17:06:18.0824 2004  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:06:18.0887 2004  SCardSvr - ok
17:06:18.0902 2004  [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:06:18.0949 2004  scfilter - ok
17:06:19.0027 2004  [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule        C:\Windows\system32\schedsvc.dll
17:06:19.0105 2004  Schedule - ok
17:06:19.0136 2004  [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:06:19.0183 2004  SCPolicySvc - ok
17:06:19.0214 2004  [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:06:19.0261 2004  SDRSVC - ok
17:06:19.0308 2004  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:06:19.0370 2004  secdrv - ok
17:06:19.0386 2004  [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon        C:\Windows\system32\seclogon.dll
17:06:19.0448 2004  seclogon - ok
17:06:19.0480 2004  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
17:06:19.0542 2004  SENS - ok
17:06:19.0558 2004  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:06:19.0589 2004  SensrSvc - ok
17:06:19.0620 2004  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:06:19.0636 2004  Serenum - ok
17:06:19.0651 2004  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:06:19.0682 2004  Serial - ok
17:06:19.0698 2004  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:06:19.0729 2004  sermouse - ok
17:06:19.0807 2004  [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv      C:\Windows\system32\sessenv.dll
17:06:19.0870 2004  SessionEnv - ok
17:06:19.0885 2004  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
17:06:19.0916 2004  sffdisk - ok
17:06:19.0963 2004  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
17:06:19.0994 2004  sffp_mmc - ok
17:06:20.0010 2004  [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
17:06:20.0026 2004  sffp_sd - ok
17:06:20.0057 2004  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:06:20.0072 2004  sfloppy - ok
17:06:20.0104 2004  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:06:20.0166 2004  SharedAccess - ok
17:06:20.0197 2004  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:06:20.0244 2004  ShellHWDetection - ok
17:06:20.0306 2004  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:06:20.0322 2004  SiSRaid2 - ok
17:06:20.0338 2004  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:06:20.0369 2004  SiSRaid4 - ok
17:06:20.0478 2004  [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
17:06:20.0494 2004  SkypeUpdate - ok
17:06:20.0525 2004  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:06:20.0587 2004  Smb - ok
17:06:20.0650 2004  [ 7AE8BCA90539ECBDE87AC45BA1436BE3 ] smserial        C:\Windows\system32\DRIVERS\SmSerl64.sys
17:06:20.0712 2004  smserial - ok
17:06:20.0774 2004  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:06:20.0806 2004  SNMPTRAP - ok
17:06:20.0837 2004  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:06:20.0852 2004  spldr - ok
17:06:20.0915 2004  [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler         C:\Windows\System32\spoolsv.exe
17:06:20.0977 2004  Spooler - ok
17:06:21.0118 2004  [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc          C:\Windows\system32\sppsvc.exe
17:06:21.0289 2004  sppsvc - ok
17:06:21.0320 2004  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:06:21.0383 2004  sppuinotify - ok
17:06:21.0445 2004  [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:06:21.0492 2004  srv - ok
17:06:21.0523 2004  [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:06:21.0554 2004  srv2 - ok
17:06:21.0617 2004  [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:06:21.0648 2004  srvnet - ok
17:06:21.0710 2004  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:06:21.0788 2004  SSDPSRV - ok
17:06:21.0804 2004  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:06:21.0866 2004  SstpSvc - ok
17:06:21.0898 2004  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:06:21.0913 2004  stexstor - ok
17:06:21.0991 2004  [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc          C:\Windows\System32\wiaservc.dll
17:06:22.0038 2004  stisvc - ok
17:06:22.0069 2004  [ FFD7A6F15B14234B5B0E5D49E7961895 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
17:06:22.0085 2004  storflt - ok
17:06:22.0100 2004  [ 8FCCBEFC5C440B3C23454656E551B09A ] storvsc         C:\Windows\system32\DRIVERS\storvsc.sys
17:06:22.0116 2004  storvsc - ok
17:06:22.0147 2004  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
17:06:22.0163 2004  swenum - ok
17:06:22.0194 2004  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
17:06:22.0272 2004  swprv - ok
17:06:22.0350 2004  [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain         C:\Windows\system32\sysmain.dll
17:06:22.0459 2004  SysMain - ok
17:06:22.0475 2004  [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:06:22.0490 2004  TabletInputService - ok
17:06:22.0537 2004  [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:06:22.0615 2004  TapiSrv - ok
17:06:22.0631 2004  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
17:06:22.0678 2004  TBS - ok
17:06:22.0787 2004  [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:06:22.0896 2004  Tcpip - ok
17:06:22.0958 2004  [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:06:23.0005 2004  TCPIP6 - ok
17:06:23.0068 2004  [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:06:23.0114 2004  tcpipreg - ok
17:06:23.0177 2004  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:06:23.0224 2004  TDPIPE - ok
17:06:23.0270 2004  [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:06:23.0302 2004  TDTCP - ok
17:06:23.0348 2004  [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:06:23.0411 2004  tdx - ok
17:06:23.0426 2004  [ C448651339196C0E869A355171875522 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
17:06:23.0442 2004  TermDD - ok
17:06:23.0504 2004  [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService     C:\Windows\System32\termsrv.dll
17:06:23.0582 2004  TermService - ok
17:06:23.0598 2004  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
17:06:23.0645 2004  Themes - ok
17:06:23.0660 2004  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
17:06:23.0707 2004  THREADORDER - ok
17:06:23.0738 2004  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
17:06:23.0801 2004  TrkWks - ok
17:06:23.0848 2004  [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:06:23.0879 2004  TrustedInstaller - ok
17:06:23.0910 2004  [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:06:23.0957 2004  tssecsrv - ok
17:06:24.0035 2004  [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:06:24.0097 2004  tunnel - ok
17:06:24.0113 2004  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:06:24.0128 2004  uagp35 - ok
17:06:24.0160 2004  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:06:24.0238 2004  udfs - ok
17:06:24.0331 2004  [ 54A4A93A984E5C30B5CAB9257A0A05BF ] UDisk Monitor   C:\Program Files (x86)\Froyo_Android_Driver\Bin\MonServiceUDisk.exe
17:06:24.0362 2004  UDisk Monitor ( UnsignedFile.Multi.Generic ) - warning
17:06:24.0362 2004  UDisk Monitor - detected UnsignedFile.Multi.Generic (1)
17:06:24.0409 2004  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:06:24.0440 2004  UI0Detect - ok
17:06:24.0456 2004  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
17:06:24.0472 2004  uliagpkx - ok
17:06:24.0534 2004  [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:06:24.0550 2004  umbus - ok
17:06:24.0565 2004  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:06:24.0596 2004  UmPass - ok
17:06:24.0659 2004  [ AF0AC98EE5077EB844413EB54287FDE3 ] UmRdpService    C:\Windows\System32\umrdp.dll
17:06:24.0690 2004  UmRdpService - ok
17:06:24.0721 2004  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
17:06:24.0799 2004  upnphost - ok
17:06:24.0846 2004  [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:06:24.0893 2004  usbccgp - ok
17:06:24.0955 2004  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
17:06:25.0002 2004  usbcir - ok
17:06:25.0049 2004  [ 92969BA5AC44E229C55A332864F79677 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:06:25.0064 2004  usbehci - ok
17:06:25.0096 2004  [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:06:25.0127 2004  usbhub - ok
17:06:25.0158 2004  [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
17:06:25.0189 2004  usbohci - ok
17:06:25.0205 2004  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:06:25.0236 2004  usbprint - ok
17:06:25.0298 2004  [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:06:25.0345 2004  USBSTOR - ok
17:06:25.0361 2004  [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:06:25.0376 2004  usbuhci - ok
17:06:25.0439 2004  [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
17:06:25.0486 2004  usbvideo - ok
17:06:25.0532 2004  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
17:06:25.0595 2004  UxSms - ok
17:06:25.0610 2004  [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc        C:\Windows\system32\lsass.exe
17:06:25.0626 2004  VaultSvc - ok
17:06:25.0688 2004  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
17:06:25.0704 2004  vdrvroot - ok
17:06:25.0735 2004  [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds             C:\Windows\System32\vds.exe
17:06:25.0798 2004  vds - ok
17:06:25.0860 2004  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:06:25.0876 2004  vga - ok
17:06:25.0907 2004  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:06:25.0969 2004  VgaSave - ok
17:06:26.0000 2004  [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
17:06:26.0016 2004  vhdmp - ok
17:06:26.0047 2004  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
17:06:26.0063 2004  viaide - ok
17:06:26.0110 2004  [ 1501699D7EDA984ABC4155A7DA5738D1 ] vmbus           C:\Windows\system32\DRIVERS\vmbus.sys
17:06:26.0125 2004  vmbus - ok
17:06:26.0156 2004  [ AE10C35761889E65A6F7176937C5592C ] VMBusHID        C:\Windows\system32\DRIVERS\VMBusHID.sys
17:06:26.0172 2004  VMBusHID - ok
17:06:26.0203 2004  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
17:06:26.0219 2004  volmgr - ok
17:06:26.0250 2004  [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:06:26.0266 2004  volmgrx - ok
17:06:26.0328 2004  [ 9E425AC5C9A5A973273D169F43B4F5E1 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:06:26.0344 2004  volsnap - ok
17:06:26.0390 2004  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:06:26.0422 2004  vsmraid - ok
17:06:26.0484 2004  [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS             C:\Windows\system32\vssvc.exe
17:06:26.0578 2004  VSS - ok
17:06:26.0609 2004  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:06:26.0640 2004  vwifibus - ok
17:06:26.0656 2004  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:06:26.0687 2004  vwififlt - ok
17:06:26.0718 2004  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
17:06:26.0780 2004  W32Time - ok
17:06:26.0796 2004  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:06:26.0827 2004  WacomPen - ok
17:06:26.0874 2004  [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:06:26.0936 2004  WANARP - ok
17:06:26.0968 2004  [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:06:27.0014 2004  Wanarpv6 - ok
17:06:27.0108 2004  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:06:27.0170 2004  WatAdminSvc - ok
17:06:27.0248 2004  [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine        C:\Windows\system32\wbengine.exe
17:06:27.0358 2004  wbengine - ok
17:06:27.0389 2004  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:06:27.0420 2004  WbioSrvc - ok
17:06:27.0498 2004  [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:06:27.0545 2004  wcncsvc - ok
17:06:27.0576 2004  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:06:27.0607 2004  WcsPlugInService - ok
17:06:27.0638 2004  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:06:27.0654 2004  Wd - ok
17:06:27.0732 2004  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:06:27.0794 2004  Wdf01000 - ok
17:06:27.0826 2004  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:06:27.0872 2004  WdiServiceHost - ok
17:06:27.0872 2004  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:06:27.0904 2004  WdiSystemHost - ok
17:06:27.0950 2004  [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient       C:\Windows\System32\webclnt.dll
17:06:27.0997 2004  WebClient - ok
17:06:28.0028 2004  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:06:28.0091 2004  Wecsvc - ok
17:06:28.0106 2004  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:06:28.0169 2004  wercplsupport - ok
17:06:28.0216 2004  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:06:28.0278 2004  WerSvc - ok
17:06:28.0340 2004  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:06:28.0387 2004  WfpLwf - ok
17:06:28.0418 2004  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:06:28.0434 2004  WIMMount - ok
17:06:28.0465 2004  WinDefend - ok
17:06:28.0496 2004  WinHttpAutoProxySvc - ok
17:06:28.0574 2004  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:06:28.0637 2004  Winmgmt - ok
17:06:28.0730 2004  [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM           C:\Windows\system32\WsmSvc.dll
17:06:28.0886 2004  WinRM - ok
17:06:28.0980 2004  [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:06:28.0996 2004  WinUsb - ok
17:06:29.0042 2004  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:06:29.0105 2004  Wlansvc - ok
17:06:29.0183 2004  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:06:29.0198 2004  wlcrasvc - ok
17:06:29.0339 2004  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:06:29.0464 2004  wlidsvc - ok
17:06:29.0479 2004  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
17:06:29.0510 2004  WmiAcpi - ok
17:06:29.0557 2004  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:06:29.0588 2004  wmiApSrv - ok
17:06:29.0604 2004  WMPNetworkSvc - ok
17:06:29.0651 2004  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:06:29.0682 2004  WPCSvc - ok
17:06:29.0698 2004  [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:06:29.0744 2004  WPDBusEnum - ok
17:06:29.0776 2004  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:06:29.0838 2004  ws2ifsl - ok
17:06:29.0885 2004  [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc          C:\Windows\System32\wscsvc.dll
17:06:29.0932 2004  wscsvc - ok
17:06:29.0932 2004  WSearch - ok
17:06:30.0056 2004  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:06:30.0181 2004  wuauserv - ok
17:06:30.0228 2004  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:06:30.0259 2004  WudfPf - ok
17:06:30.0322 2004  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:06:30.0353 2004  WUDFRd - ok
17:06:30.0415 2004  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:06:30.0446 2004  wudfsvc - ok
17:06:30.0478 2004  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:06:30.0602 2004  WwanSvc - ok
17:06:30.0634 2004  ================ Scan global ===============================
17:06:30.0680 2004  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:06:30.0727 2004  [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll
17:06:30.0743 2004  [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll
17:06:30.0790 2004  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:06:30.0836 2004  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:06:30.0836 2004  [Global] - ok
17:06:30.0836 2004  ================ Scan MBR ==================================
17:06:30.0868 2004  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:06:31.0523 2004  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:06:31.0523 2004  \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:06:31.0538 2004  ================ Scan VBR ==================================
17:06:31.0570 2004  [ B627C7AD21213D05F2CB4A9FDD560A5C ] \Device\Harddisk0\DR0\Partition1
17:06:31.0585 2004  \Device\Harddisk0\DR0\Partition1 - ok
17:06:31.0585 2004  [ 1127B5A3A7C27466FC128B4E28EC54E5 ] \Device\Harddisk0\DR0\Partition2
17:06:31.0585 2004  \Device\Harddisk0\DR0\Partition2 - ok
17:06:31.0632 2004  [ D7DC185A9F30D5920E8EF54F17ED85F7 ] \Device\Harddisk0\DR0\Partition3
17:06:31.0632 2004  \Device\Harddisk0\DR0\Partition3 - ok
17:06:31.0632 2004  ============================================================
17:06:31.0632 2004  Scan finished
17:06:31.0632 2004  ============================================================
17:06:31.0648 0408  Detected object count: 2
17:06:31.0648 0408  Actual detected object count: 2
17:06:38.0839 0408  UDisk Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
17:06:38.0839 0408  UDisk Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:06:38.0839 0408  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:06:38.0839 0408  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 
17:06:41.0491 1628  Deinitialize success

aswMBR:

Code:

ATTFilter

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-03-05 17:07:45
-----------------------------
17:07:45.047    OS Version: Windows x64 6.1.7600 
17:07:45.047    Number of processors: 2 586 0x6801
17:07:45.047    ComputerName: JAYOKDAONE-PC  UserName: JayokDaOne
17:07:45.577    Initialize success
17:08:07.012    AVAST engine defs: 13030400
17:08:21.691    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:08:21.691    Disk 0 Vendor: WDC_WD2500BEVS-22UST0 01.01A01 Size: 238475MB BusType: 3
17:08:21.754    Disk 0 MBR read successfully
17:08:21.754    Disk 0 MBR scan
17:08:21.769    Disk 0 Windows 7 default MBR code
17:08:21.800    Disk 0 Partition 1 00     07    HPFS/NTFS NTFS        12000 MB offset 2048
17:08:21.832    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       151650 MB offset 24578048
17:08:21.863    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        74823 MB offset 335157248
17:08:21.925    Disk 0 scanning C:\Windows\system32\drivers
17:08:35.638    Service scanning
17:09:06.510    Modules scanning
17:09:06.526    Disk 0 trace - called modules:
17:09:06.572    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 
17:09:06.588    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80025b3740]
17:09:06.604    3 CLASSPNP.SYS[fffff8800191043f] -> nt!IofCallDriver -> [0xfffffa80024ade40]
17:09:06.604    5 ACPI.sys[fffff88000e0b781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8001729680]
17:09:06.619    Scan finished successfully
17:09:39.239    Disk 0 MBR has been saved successfully to "C:\Users\JayokDaOne\Desktop\MBR.dat"
17:09:39.239    The log file has been saved successfully to "C:\Users\JayokDaOne\Desktop\aswMBR.txt"

cosinus · 06.03.2013, 01:01

Zitat:

17:06:38.0839 0408 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Diesen Eintrag bitte mit dem TDSS-Killer fixen. Aber bitte nur diesen Eintrag!

Um das zu tun musst du den TDSS-Killer neu starten und einen neuen Scan machen. Wenn du danach die Ergebnisse siehst, stellst du bitte diesen Eintrag auf CURE bzw. DELETE (je nachdem was dir angeboten wird, alle anderen bitte auf SKIP lassen! ) und klickst dann unten rechts auf continue

Starte Windows danach neu und mach wieder ein komplett neues Log mit dem TDSS-Killer. Wie immer wieder in CODE-Tags posten.

jayokdaone · 06.03.2013, 13:20

OK...hab alles gemacht.

Code:

ATTFilter

13:17:00.0874 0336  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:17:01.0217 0336  ============================================================
13:17:01.0217 0336  Current date / time: 2013/03/06 13:17:01.0217
13:17:01.0217 0336  SystemInfo:
13:17:01.0217 0336  
13:17:01.0217 0336  OS Version: 6.1.7600 ServicePack: 0.0
13:17:01.0217 0336  Product type: Workstation
13:17:01.0217 0336  ComputerName: JAYOKDAONE-PC
13:17:01.0217 0336  UserName: JayokDaOne
13:17:01.0217 0336  Windows directory: C:\Windows
13:17:01.0217 0336  System windows directory: C:\Windows
13:17:01.0217 0336  Running under WOW64
13:17:01.0217 0336  Processor architecture: Intel x64
13:17:01.0217 0336  Number of processors: 2
13:17:01.0217 0336  Page size: 0x1000
13:17:01.0217 0336  Boot type: Safe boot with network
13:17:01.0217 0336  ============================================================
13:17:02.0372 0336  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:17:02.0387 0336  ============================================================
13:17:02.0387 0336  \Device\Harddisk0\DR0:
13:17:02.0387 0336  MBR partitions:
13:17:02.0387 0336  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1770000
13:17:02.0387 0336  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x12831000
13:17:02.0387 0336  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x13FA1800, BlocksNum 0x9223800
13:17:02.0387 0336  ============================================================
13:17:02.0418 0336  C: <-> \Device\Harddisk0\DR0\Partition2
13:17:02.0450 0336  D: <-> \Device\Harddisk0\DR0\Partition1
13:17:02.0528 0336  E: <-> \Device\Harddisk0\DR0\Partition3
13:17:02.0528 0336  ============================================================
13:17:02.0528 0336  Initialize success
13:17:02.0528 0336  ============================================================
13:17:07.0332 1568  ============================================================
13:17:07.0332 1568  Scan started
13:17:07.0332 1568  Mode: Manual; SigCheck; TDLFS; 
13:17:07.0332 1568  ============================================================
13:17:08.0346 1568  ================ Scan system memory ========================
13:17:08.0346 1568  System memory - ok
13:17:08.0346 1568  ================ Scan services =============================
13:17:08.0565 1568  [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
13:17:08.0627 1568  1394ohci - ok
13:17:08.0705 1568  [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
13:17:08.0721 1568  ACPI - ok
13:17:08.0736 1568  [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
13:17:08.0752 1568  AcpiPmi - ok
13:17:08.0955 1568  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:17:08.0970 1568  AdobeARMservice - ok
13:17:09.0220 1568  [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:17:09.0236 1568  AdobeFlashPlayerUpdateSvc - ok
13:17:09.0314 1568  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
13:17:09.0329 1568  adp94xx - ok
13:17:09.0454 1568  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
13:17:09.0470 1568  adpahci - ok
13:17:09.0501 1568  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
13:17:09.0532 1568  adpu320 - ok
13:17:09.0594 1568  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:17:09.0641 1568  AeLookupSvc - ok
13:17:09.0735 1568  [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD             C:\Windows\system32\drivers\afd.sys
13:17:09.0750 1568  AFD - ok
13:17:09.0813 1568  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
13:17:09.0828 1568  agp440 - ok
13:17:09.0844 1568  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
13:17:09.0875 1568  ALG - ok
13:17:09.0922 1568  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
13:17:09.0938 1568  aliide - ok
13:17:09.0953 1568  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
13:17:09.0969 1568  amdide - ok
13:17:10.0016 1568  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
13:17:10.0031 1568  AmdK8 - ok
13:17:10.0078 1568  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
13:17:10.0094 1568  AmdPPM - ok
13:17:10.0140 1568  [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:17:10.0156 1568  amdsata - ok
13:17:10.0203 1568  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
13:17:10.0218 1568  amdsbs - ok
13:17:10.0250 1568  [ DB27766102C7BF7E95140A2AA81D042E ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:17:10.0265 1568  amdxata - ok
13:17:10.0406 1568  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
13:17:10.0421 1568  AntiVirSchedulerService - ok
13:17:10.0452 1568  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
13:17:10.0468 1568  AntiVirService - ok
13:17:10.0546 1568  [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID           C:\Windows\system32\drivers\appid.sys
13:17:10.0562 1568  AppID - ok
13:17:10.0608 1568  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:17:10.0671 1568  AppIDSvc - ok
13:17:10.0702 1568  [ D065BE66822847B7F127D1F90158376E ] Appinfo         C:\Windows\System32\appinfo.dll
13:17:10.0718 1568  Appinfo - ok
13:17:10.0811 1568  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
13:17:10.0842 1568  AppMgmt - ok
13:17:10.0905 1568  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
13:17:10.0920 1568  arc - ok
13:17:10.0936 1568  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
13:17:10.0952 1568  arcsas - ok
13:17:11.0014 1568  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:17:11.0061 1568  AsyncMac - ok
13:17:11.0108 1568  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
13:17:11.0123 1568  atapi - ok
13:17:11.0217 1568  [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
13:17:11.0264 1568  athr - ok
13:17:11.0342 1568  [ CA4A0176FA380EFD45DE9D0ACB9E1F86 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
13:17:11.0373 1568  Ati External Event Utility - ok
13:17:11.0700 1568  [ AEAE4ABE6419923C037A0B2A157E1FC6 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:17:11.0794 1568  atikmdag - ok
13:17:11.0888 1568  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:17:11.0950 1568  AudioEndpointBuilder - ok
13:17:11.0981 1568  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:17:12.0044 1568  AudioSrv - ok
13:17:12.0090 1568  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
13:17:12.0106 1568  avgntflt - ok
13:17:12.0137 1568  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
13:17:12.0153 1568  avipbb - ok
13:17:12.0200 1568  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
13:17:12.0215 1568  avkmgr - ok
13:17:12.0278 1568  [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:17:12.0293 1568  AxInstSV - ok
13:17:12.0356 1568  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
13:17:12.0371 1568  b06bdrv - ok
13:17:12.0465 1568  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:17:12.0496 1568  b57nd60a - ok
13:17:12.0558 1568  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:17:12.0574 1568  BDESVC - ok
13:17:12.0605 1568  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:17:12.0652 1568  Beep - ok
13:17:12.0714 1568  [ 4992C609A6315671463E30F6512BC022 ] BFE             C:\Windows\System32\bfe.dll
13:17:12.0777 1568  BFE - ok
13:17:12.0902 1568  [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS            C:\Windows\System32\qmgr.dll
13:17:12.0980 1568  BITS - ok
13:17:13.0042 1568  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:17:13.0058 1568  blbdrive - ok
13:17:13.0120 1568  [ 19D20159708E152267E53B66677A4995 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:17:13.0136 1568  bowser - ok
13:17:13.0182 1568  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:17:13.0214 1568  BrFiltLo - ok
13:17:13.0229 1568  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:17:13.0245 1568  BrFiltUp - ok
13:17:13.0307 1568  [ 6B054C67AAA87843504E8E3C09102009 ] Browser         C:\Windows\System32\browser.dll
13:17:13.0323 1568  Browser - ok
13:17:13.0370 1568  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:17:13.0401 1568  Brserid - ok
13:17:13.0432 1568  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:17:13.0463 1568  BrSerWdm - ok
13:17:13.0479 1568  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:17:13.0510 1568  BrUsbMdm - ok
13:17:13.0557 1568  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:17:13.0572 1568  BrUsbSer - ok
13:17:13.0635 1568  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
13:17:13.0650 1568  BTHMODEM - ok
13:17:13.0713 1568  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
13:17:13.0760 1568  bthserv - ok
13:17:13.0838 1568  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:17:13.0884 1568  cdfs - ok
13:17:13.0947 1568  [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:17:13.0978 1568  cdrom - ok
13:17:14.0025 1568  [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc     C:\Windows\System32\certprop.dll
13:17:14.0072 1568  CertPropSvc - ok
13:17:14.0118 1568  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
13:17:14.0134 1568  circlass - ok
13:17:14.0165 1568  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
13:17:14.0181 1568  CLFS - ok
13:17:14.0508 1568  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:17:14.0524 1568  clr_optimization_v2.0.50727_32 - ok
13:17:14.0649 1568  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:17:14.0664 1568  clr_optimization_v2.0.50727_64 - ok
13:17:14.0836 1568  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:17:14.0852 1568  clr_optimization_v4.0.30319_32 - ok
13:17:14.0930 1568  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:17:14.0945 1568  clr_optimization_v4.0.30319_64 - ok
13:17:15.0008 1568  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:17:15.0039 1568  CmBatt - ok
13:17:15.0070 1568  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
13:17:15.0086 1568  cmdide - ok
13:17:15.0164 1568  [ CA7720B73446FDDEC5C69519C1174C98 ] CNG             C:\Windows\system32\Drivers\cng.sys
13:17:15.0195 1568  CNG - ok
13:17:15.0242 1568  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:17:15.0257 1568  Compbatt - ok
13:17:15.0320 1568  [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
13:17:15.0335 1568  CompositeBus - ok
13:17:15.0366 1568  COMSysApp - ok
13:17:15.0429 1568  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
13:17:15.0429 1568  crcdisk - ok
13:17:15.0507 1568  [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:17:15.0538 1568  CryptSvc - ok
13:17:15.0600 1568  [ 4A6173C2279B498CD8F57CAE504564CB ] CSC             C:\Windows\system32\drivers\csc.sys
13:17:15.0616 1568  CSC - ok
13:17:15.0663 1568  [ 873FBF927C06E5CEE04DEC617502F8FD ] CscService      C:\Windows\System32\cscsvc.dll
13:17:15.0694 1568  CscService - ok
13:17:15.0756 1568  [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:17:15.0819 1568  DcomLaunch - ok
13:17:15.0881 1568  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
13:17:15.0959 1568  defragsvc - ok
13:17:16.0037 1568  [ 9C253CE7311CA60FC11C774692A13208 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:17:16.0053 1568  DfsC - ok
13:17:16.0131 1568  [ CE3B9562D997F69B330D181A8875960F ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:17:16.0162 1568  Dhcp - ok
13:17:16.0209 1568  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
13:17:16.0256 1568  discache - ok
13:17:16.0302 1568  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
13:17:16.0318 1568  Disk - ok
13:17:16.0396 1568  [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:17:16.0412 1568  Dnscache - ok
13:17:16.0458 1568  [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc         C:\Windows\System32\dot3svc.dll
13:17:16.0521 1568  dot3svc - ok
13:17:16.0552 1568  [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS             C:\Windows\system32\dps.dll
13:17:16.0614 1568  DPS - ok
13:17:16.0692 1568  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:17:16.0708 1568  drmkaud - ok
13:17:16.0802 1568  [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:17:16.0833 1568  DXGKrnl - ok
13:17:16.0864 1568  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
13:17:16.0926 1568  EapHost - ok
13:17:17.0051 1568  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
13:17:17.0114 1568  ebdrv - ok
13:17:17.0160 1568  [ 156F6159457D0AA7E59B62681B56EB90 ] EFS             C:\Windows\System32\lsass.exe
13:17:17.0176 1568  EFS - ok
13:17:17.0270 1568  [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:17:17.0301 1568  ehRecvr - ok
13:17:17.0348 1568  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
13:17:17.0363 1568  ehSched - ok
13:17:17.0426 1568  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
13:17:17.0457 1568  elxstor - ok
13:17:17.0472 1568  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
13:17:17.0504 1568  ErrDev - ok
13:17:17.0597 1568  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
13:17:17.0644 1568  EventSystem - ok
13:17:17.0675 1568  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
13:17:17.0738 1568  exfat - ok
13:17:17.0769 1568  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:17:17.0831 1568  fastfat - ok
13:17:17.0909 1568  [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax             C:\Windows\system32\fxssvc.exe
13:17:17.0925 1568  Fax - ok
13:17:17.0972 1568  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
13:17:17.0987 1568  fdc - ok
13:17:18.0050 1568  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
13:17:18.0096 1568  fdPHost - ok
13:17:18.0128 1568  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:17:18.0174 1568  FDResPub - ok
13:17:18.0206 1568  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:17:18.0237 1568  FileInfo - ok
13:17:18.0252 1568  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:17:18.0315 1568  Filetrace - ok
13:17:18.0346 1568  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:17:18.0362 1568  flpydisk - ok
13:17:18.0408 1568  [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:17:18.0424 1568  FltMgr - ok
13:17:18.0502 1568  [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache       C:\Windows\system32\FntCache.dll
13:17:18.0549 1568  FontCache - ok
13:17:18.0611 1568  [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:17:18.0627 1568  FontCache3.0.0.0 - ok
13:17:18.0674 1568  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:17:18.0689 1568  FsDepends - ok
13:17:18.0736 1568  [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
13:17:18.0752 1568  fssfltr - ok
13:17:18.0892 1568  [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:17:18.0939 1568  fsssvc - ok
13:17:19.0017 1568  [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:17:19.0032 1568  Fs_Rec - ok
13:17:19.0142 1568  [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:17:19.0157 1568  fvevol - ok
13:17:19.0220 1568  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
13:17:19.0235 1568  gagp30kx - ok
13:17:19.0329 1568  [ 22B6BE519C112FD9C6ADA3C96B54EC15 ] Generalusbserialser20675 C:\Windows\system32\DRIVERS\CT_U_USBSER.sys
13:17:19.0360 1568  Generalusbserialser20675 - ok
13:17:19.0422 1568  [ A4198F2BD8AA592CB90476277A81B5E1 ] ggflt           C:\Windows\system32\DRIVERS\ggflt.sys
13:17:19.0438 1568  ggflt - ok
13:17:19.0532 1568  [ D266350BDAAB9EB6C1AEC370EEAAFF3A ] ggsemc          C:\Windows\system32\DRIVERS\ggsemc.sys
13:17:19.0532 1568  ggsemc - ok
13:17:19.0594 1568  [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc           C:\Windows\System32\gpsvc.dll
13:17:19.0625 1568  gpsvc - ok
13:17:19.0672 1568  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:17:19.0688 1568  hcw85cir - ok
13:17:19.0781 1568  [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:17:19.0797 1568  HdAudAddService - ok
13:17:19.0875 1568  [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:17:19.0890 1568  HDAudBus - ok
13:17:19.0922 1568  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
13:17:19.0937 1568  HidBatt - ok
13:17:19.0953 1568  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
13:17:19.0984 1568  HidBth - ok
13:17:20.0000 1568  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
13:17:20.0031 1568  HidIr - ok
13:17:20.0062 1568  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
13:17:20.0124 1568  hidserv - ok
13:17:20.0171 1568  [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:17:20.0202 1568  HidUsb - ok
13:17:20.0249 1568  [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:17:20.0312 1568  hkmsvc - ok
13:17:20.0358 1568  [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:17:20.0390 1568  HomeGroupListener - ok
13:17:20.0436 1568  [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:17:20.0452 1568  HomeGroupProvider - ok
13:17:20.0483 1568  [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
13:17:20.0499 1568  HpSAMD - ok
13:17:20.0592 1568  [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:17:20.0655 1568  HTTP - ok
13:17:20.0686 1568  [ F17766A19145F111856378DF337A5D79 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:17:20.0702 1568  hwpolicy - ok
13:17:20.0748 1568  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:17:20.0764 1568  i8042prt - ok
13:17:20.0858 1568  [ B75E45C564E944A2657167D197AB29DA ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:17:20.0873 1568  iaStorV - ok
13:17:20.0982 1568  [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:17:21.0014 1568  idsvc - ok
13:17:21.0029 1568  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
13:17:21.0029 1568  iirsp - ok
13:17:21.0092 1568  [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT          C:\Windows\System32\ikeext.dll
13:17:21.0170 1568  IKEEXT - ok
13:17:21.0201 1568  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
13:17:21.0216 1568  intelide - ok
13:17:21.0279 1568  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:17:21.0294 1568  intelppm - ok
13:17:21.0326 1568  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:17:21.0372 1568  IPBusEnum - ok
13:17:21.0404 1568  [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:17:21.0450 1568  IpFilterDriver - ok
13:17:21.0482 1568  [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:17:21.0544 1568  iphlpsvc - ok
13:17:21.0591 1568  [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
13:17:21.0606 1568  IPMIDRV - ok
13:17:21.0622 1568  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:17:21.0700 1568  IPNAT - ok
13:17:21.0762 1568  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:17:21.0794 1568  IRENUM - ok
13:17:21.0825 1568  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
13:17:21.0840 1568  isapnp - ok
13:17:21.0903 1568  [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
13:17:21.0918 1568  iScsiPrt - ok
13:17:21.0965 1568  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:17:21.0981 1568  kbdclass - ok
13:17:22.0043 1568  [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:17:22.0059 1568  kbdhid - ok
13:17:22.0074 1568  [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso          C:\Windows\system32\lsass.exe
13:17:22.0090 1568  KeyIso - ok
13:17:22.0152 1568  [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:17:22.0168 1568  KSecDD - ok
13:17:22.0184 1568  [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:17:22.0215 1568  KSecPkg - ok
13:17:22.0230 1568  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:17:22.0277 1568  ksthunk - ok
13:17:22.0324 1568  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:17:22.0386 1568  KtmRm - ok
13:17:22.0433 1568  [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:17:22.0464 1568  LanmanServer - ok
13:17:22.0496 1568  [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:17:22.0542 1568  LanmanWorkstation - ok
13:17:22.0605 1568  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:17:22.0652 1568  lltdio - ok
13:17:22.0698 1568  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:17:22.0761 1568  lltdsvc - ok
13:17:22.0808 1568  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:17:22.0870 1568  lmhosts - ok
13:17:22.0932 1568  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
13:17:22.0948 1568  LSI_FC - ok
13:17:22.0979 1568  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
13:17:23.0010 1568  LSI_SAS - ok
13:17:23.0042 1568  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:17:23.0057 1568  LSI_SAS2 - ok
13:17:23.0073 1568  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:17:23.0088 1568  LSI_SCSI - ok
13:17:23.0120 1568  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
13:17:23.0166 1568  luafv - ok
13:17:23.0244 1568  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
13:17:23.0244 1568  MBAMProtector - ok
13:17:23.0369 1568  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:17:23.0400 1568  MBAMScheduler - ok
13:17:23.0447 1568  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:17:23.0478 1568  MBAMService - ok
13:17:23.0510 1568  [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:17:23.0525 1568  Mcx2Svc - ok
13:17:23.0556 1568  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
13:17:23.0572 1568  megasas - ok
13:17:23.0603 1568  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
13:17:23.0634 1568  MegaSR - ok
13:17:23.0681 1568  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
13:17:23.0728 1568  MMCSS - ok
13:17:23.0744 1568  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
13:17:23.0790 1568  Modem - ok
13:17:23.0853 1568  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:17:23.0868 1568  monitor - ok
13:17:23.0931 1568  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:17:23.0946 1568  mouclass - ok
13:17:23.0993 1568  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:17:24.0009 1568  mouhid - ok
13:17:24.0024 1568  [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:17:24.0040 1568  mountmgr - ok
13:17:24.0071 1568  [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
13:17:24.0087 1568  mpio - ok
13:17:24.0118 1568  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:17:24.0165 1568  mpsdrv - ok
13:17:24.0212 1568  [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:17:24.0274 1568  MpsSvc - ok
13:17:24.0305 1568  [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:17:24.0321 1568  MRxDAV - ok
13:17:24.0383 1568  [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:17:24.0414 1568  mrxsmb - ok
13:17:24.0461 1568  [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:17:24.0477 1568  mrxsmb10 - ok
13:17:24.0524 1568  [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:17:24.0539 1568  mrxsmb20 - ok
13:17:24.0570 1568  [ 5C37497276E3B3A5488B23A326A754B7 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
13:17:24.0586 1568  msahci - ok
13:17:24.0602 1568  [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
13:17:24.0633 1568  msdsm - ok
13:17:24.0648 1568  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
13:17:24.0680 1568  MSDTC - ok
13:17:24.0726 1568  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:17:24.0773 1568  Msfs - ok
13:17:24.0820 1568  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:17:24.0867 1568  mshidkmdf - ok
13:17:24.0898 1568  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
13:17:24.0914 1568  msisadrv - ok
13:17:24.0945 1568  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:17:25.0007 1568  MSiSCSI - ok
13:17:25.0007 1568  msiserver - ok
13:17:25.0054 1568  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:17:25.0116 1568  MSKSSRV - ok
13:17:25.0163 1568  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:17:25.0210 1568  MSPCLOCK - ok
13:17:25.0241 1568  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:17:25.0288 1568  MSPQM - ok
13:17:25.0319 1568  [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:17:25.0335 1568  MsRPC - ok
13:17:25.0366 1568  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:17:25.0382 1568  mssmbios - ok
13:17:25.0413 1568  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:17:25.0460 1568  MSTEE - ok
13:17:25.0491 1568  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
13:17:25.0506 1568  MTConfig - ok
13:17:25.0553 1568  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
13:17:25.0569 1568  Mup - ok
13:17:25.0631 1568  [ 4987E079A4530FA737A128BE54B63B12 ] napagent        C:\Windows\system32\qagentRT.dll
13:17:25.0694 1568  napagent - ok
13:17:25.0756 1568  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:17:25.0787 1568  NativeWifiP - ok
13:17:25.0850 1568  [ CAD515DBD07D082BB317D9928CE8962C ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:17:25.0896 1568  NDIS - ok
13:17:25.0928 1568  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:17:25.0990 1568  NdisCap - ok
13:17:26.0052 1568  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:17:26.0099 1568  NdisTapi - ok
13:17:26.0146 1568  [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:17:26.0193 1568  Ndisuio - ok
13:17:26.0208 1568  [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:17:26.0255 1568  NdisWan - ok
13:17:26.0302 1568  [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:17:26.0349 1568  NDProxy - ok
13:17:26.0396 1568  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:17:26.0442 1568  NetBIOS - ok
13:17:26.0458 1568  [ 9162B273A44AB9DCE5B44362731D062A ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:17:26.0520 1568  NetBT - ok
13:17:26.0536 1568  [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon        C:\Windows\system32\lsass.exe
13:17:26.0567 1568  Netlogon - ok
13:17:26.0630 1568  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
13:17:26.0692 1568  Netman - ok
13:17:26.0723 1568  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
13:17:26.0770 1568  netprofm - ok
13:17:26.0817 1568  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:17:26.0832 1568  NetTcpPortSharing - ok
13:17:26.0864 1568  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
13:17:26.0879 1568  nfrd960 - ok
13:17:26.0942 1568  [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:17:26.0988 1568  NlaSvc - ok
13:17:27.0066 1568  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:17:27.0113 1568  Npfs - ok
13:17:27.0144 1568  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
13:17:27.0191 1568  nsi - ok
13:17:27.0207 1568  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:17:27.0269 1568  nsiproxy - ok
13:17:27.0363 1568  [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:17:27.0425 1568  Ntfs - ok
13:17:27.0441 1568  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
13:17:27.0488 1568  Null - ok
13:17:27.0550 1568  [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:17:27.0566 1568  nvraid - ok
13:17:27.0628 1568  [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:17:27.0644 1568  nvstor - ok
13:17:27.0690 1568  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
13:17:27.0706 1568  nv_agp - ok
13:17:27.0722 1568  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
13:17:27.0737 1568  ohci1394 - ok
13:17:27.0784 1568  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:17:27.0800 1568  p2pimsvc - ok
13:17:27.0831 1568  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:17:27.0862 1568  p2psvc - ok
13:17:27.0878 1568  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
13:17:27.0893 1568  Parport - ok
13:17:27.0940 1568  [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:17:27.0971 1568  partmgr - ok
13:17:27.0987 1568  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:17:28.0002 1568  PcaSvc - ok
13:17:28.0034 1568  [ F36F6504009F2FB0DFD1B17A116AD74B ] pci             C:\Windows\system32\DRIVERS\pci.sys
13:17:28.0049 1568  pci - ok
13:17:28.0080 1568  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
13:17:28.0096 1568  pciide - ok
13:17:28.0127 1568  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
13:17:28.0143 1568  pcmcia - ok
13:17:28.0174 1568  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:17:28.0190 1568  pcw - ok
13:17:28.0221 1568  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:17:28.0268 1568  PEAUTH - ok
13:17:28.0330 1568  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
13:17:28.0377 1568  PeerDistSvc - ok
13:17:28.0486 1568  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:17:28.0517 1568  PerfHost - ok
13:17:28.0611 1568  [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla             C:\Windows\system32\pla.dll
13:17:28.0673 1568  pla - ok
13:17:28.0751 1568  [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:17:28.0782 1568  PlugPlay - ok
13:17:28.0798 1568  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:17:28.0814 1568  PNRPAutoReg - ok
13:17:28.0860 1568  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:17:28.0876 1568  PNRPsvc - ok
13:17:28.0954 1568  [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:17:29.0016 1568  PolicyAgent - ok
13:17:29.0048 1568  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
13:17:29.0110 1568  Power - ok
13:17:29.0157 1568  [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:17:29.0204 1568  PptpMiniport - ok
13:17:29.0235 1568  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
13:17:29.0250 1568  Processor - ok
13:17:29.0297 1568  [ 97293447431311C06703368AD0F6C4BE ] ProfSvc         C:\Windows\system32\profsvc.dll
13:17:29.0313 1568  ProfSvc - ok
13:17:29.0328 1568  [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:17:29.0344 1568  ProtectedStorage - ok
13:17:29.0422 1568  [ EE992183BD8EAEFD9973F352E587A299 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:17:29.0469 1568  Psched - ok
13:17:29.0594 1568  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
13:17:29.0640 1568  ql2300 - ok
13:17:29.0640 1568  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
13:17:29.0656 1568  ql40xx - ok
13:17:29.0703 1568  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
13:17:29.0734 1568  QWAVE - ok
13:17:29.0734 1568  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:17:29.0765 1568  QWAVEdrv - ok
13:17:29.0781 1568  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:17:29.0843 1568  RasAcd - ok
13:17:29.0890 1568  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:17:29.0937 1568  RasAgileVpn - ok
13:17:29.0968 1568  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
13:17:30.0015 1568  RasAuto - ok
13:17:30.0046 1568  [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:17:30.0093 1568  Rasl2tp - ok
13:17:30.0124 1568  [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan          C:\Windows\System32\rasmans.dll
13:17:30.0171 1568  RasMan - ok
13:17:30.0202 1568  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:17:30.0249 1568  RasPppoe - ok
13:17:30.0327 1568  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:17:30.0374 1568  RasSstp - ok
13:17:30.0420 1568  [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:17:30.0467 1568  rdbss - ok
13:17:30.0483 1568  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
13:17:30.0514 1568  rdpbus - ok
13:17:30.0545 1568  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:17:30.0592 1568  RDPCDD - ok
13:17:30.0639 1568  [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
13:17:30.0654 1568  RDPDR - ok
13:17:30.0701 1568  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:17:30.0748 1568  RDPENCDD - ok
13:17:30.0779 1568  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:17:30.0826 1568  RDPREFMP - ok
13:17:30.0873 1568  [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:17:30.0888 1568  RDPWD - ok
13:17:30.0904 1568  [ 634B9A2181D98F15941236886164EC8B ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:17:30.0935 1568  rdyboost - ok
13:17:30.0966 1568  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:17:31.0013 1568  RemoteAccess - ok
13:17:31.0044 1568  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:17:31.0107 1568  RemoteRegistry - ok
13:17:31.0122 1568  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:17:31.0169 1568  RpcEptMapper - ok
13:17:31.0200 1568  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
13:17:31.0216 1568  RpcLocator - ok
13:17:31.0263 1568  [ 7266972E86890E2B30C0C322E906B027 ] RpcSs           C:\Windows\system32\rpcss.dll
13:17:31.0325 1568  RpcSs - ok
13:17:31.0356 1568  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:17:31.0403 1568  rspndr - ok
13:17:31.0466 1568  [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
13:17:31.0481 1568  RTL8167 - ok
13:17:31.0512 1568  [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap           C:\Windows\system32\DRIVERS\vms3cap.sys
13:17:31.0528 1568  s3cap - ok
13:17:31.0559 1568  [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs           C:\Windows\system32\lsass.exe
13:17:31.0575 1568  SamSs - ok
13:17:31.0606 1568  [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
13:17:31.0622 1568  sbp2port - ok
13:17:31.0653 1568  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:17:31.0700 1568  SCardSvr - ok
13:17:31.0715 1568  [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:17:31.0762 1568  scfilter - ok
13:17:31.0840 1568  [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule        C:\Windows\system32\schedsvc.dll
13:17:31.0871 1568  Schedule - ok
13:17:31.0902 1568  [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:17:31.0949 1568  SCPolicySvc - ok
13:17:31.0980 1568  [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:17:32.0012 1568  SDRSVC - ok
13:17:32.0058 1568  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:17:32.0105 1568  secdrv - ok
13:17:32.0121 1568  [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon        C:\Windows\system32\seclogon.dll
13:17:32.0183 1568  seclogon - ok
13:17:32.0214 1568  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
13:17:32.0261 1568  SENS - ok
13:17:32.0277 1568  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:17:32.0308 1568  SensrSvc - ok
13:17:32.0324 1568  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
13:17:32.0339 1568  Serenum - ok
13:17:32.0386 1568  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
13:17:32.0402 1568  Serial - ok
13:17:32.0433 1568  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
13:17:32.0448 1568  sermouse - ok
13:17:32.0495 1568  [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv      C:\Windows\system32\sessenv.dll
13:17:32.0542 1568  SessionEnv - ok
13:17:32.0558 1568  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
13:17:32.0589 1568  sffdisk - ok
13:17:32.0604 1568  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
13:17:32.0620 1568  sffp_mmc - ok
13:17:32.0651 1568  [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
13:17:32.0667 1568  sffp_sd - ok
13:17:32.0698 1568  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
13:17:32.0714 1568  sfloppy - ok
13:17:32.0745 1568  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:17:32.0807 1568  SharedAccess - ok
13:17:32.0838 1568  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:17:32.0870 1568  ShellHWDetection - ok
13:17:32.0885 1568  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:17:32.0901 1568  SiSRaid2 - ok
13:17:32.0916 1568  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
13:17:32.0932 1568  SiSRaid4 - ok
13:17:33.0026 1568  [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:17:33.0041 1568  SkypeUpdate - ok
13:17:33.0088 1568  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:17:33.0135 1568  Smb - ok
13:17:33.0228 1568  [ 7AE8BCA90539ECBDE87AC45BA1436BE3 ] smserial        C:\Windows\system32\DRIVERS\SmSerl64.sys
13:17:33.0260 1568  smserial - ok
13:17:33.0338 1568  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:17:33.0353 1568  SNMPTRAP - ok
13:17:33.0369 1568  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:17:33.0384 1568  spldr - ok
13:17:33.0447 1568  [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler         C:\Windows\System32\spoolsv.exe
13:17:33.0478 1568  Spooler - ok
13:17:33.0603 1568  [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc          C:\Windows\system32\sppsvc.exe
13:17:33.0681 1568  sppsvc - ok
13:17:33.0712 1568  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:17:33.0759 1568  sppuinotify - ok
13:17:33.0821 1568  [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:17:33.0837 1568  srv - ok
13:17:33.0868 1568  [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:17:33.0899 1568  srv2 - ok
13:17:33.0946 1568  [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:17:33.0962 1568  srvnet - ok
13:17:34.0024 1568  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:17:34.0086 1568  SSDPSRV - ok
13:17:34.0102 1568  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:17:34.0149 1568  SstpSvc - ok
13:17:34.0180 1568  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
13:17:34.0196 1568  stexstor - ok
13:17:34.0258 1568  [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc          C:\Windows\System32\wiaservc.dll
13:17:34.0289 1568  stisvc - ok
13:17:34.0320 1568  [ FFD7A6F15B14234B5B0E5D49E7961895 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
13:17:34.0336 1568  storflt - ok
13:17:34.0352 1568  [ 8FCCBEFC5C440B3C23454656E551B09A ] storvsc         C:\Windows\system32\DRIVERS\storvsc.sys
13:17:34.0367 1568  storvsc - ok
13:17:34.0398 1568  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:17:34.0414 1568  swenum - ok
13:17:34.0445 1568  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
13:17:34.0508 1568  swprv - ok
13:17:34.0570 1568  [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain         C:\Windows\system32\sysmain.dll
13:17:34.0617 1568  SysMain - ok
13:17:34.0632 1568  [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:17:34.0664 1568  TabletInputService - ok
13:17:34.0695 1568  [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:17:34.0757 1568  TapiSrv - ok
13:17:34.0788 1568  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
13:17:34.0835 1568  TBS - ok
13:17:34.0944 1568  [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:17:35.0007 1568  Tcpip - ok
13:17:35.0100 1568  [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:17:35.0147 1568  TCPIP6 - ok
13:17:35.0210 1568  [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:17:35.0256 1568  tcpipreg - ok
13:17:35.0303 1568  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:17:35.0319 1568  TDPIPE - ok
13:17:35.0366 1568  [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:17:35.0381 1568  TDTCP - ok
13:17:35.0412 1568  [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:17:35.0459 1568  tdx - ok
13:17:35.0475 1568  [ C448651339196C0E869A355171875522 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:17:35.0490 1568  TermDD - ok
13:17:35.0537 1568  [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService     C:\Windows\System32\termsrv.dll
13:17:35.0600 1568  TermService - ok
13:17:35.0615 1568  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
13:17:35.0646 1568  Themes - ok
13:17:35.0662 1568  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
13:17:35.0709 1568  THREADORDER - ok
13:17:35.0740 1568  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
13:17:35.0787 1568  TrkWks - ok
13:17:35.0849 1568  [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:17:35.0865 1568  TrustedInstaller - ok
13:17:35.0912 1568  [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:17:35.0958 1568  tssecsrv - ok
13:17:36.0021 1568  [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:17:36.0068 1568  tunnel - ok
13:17:36.0099 1568  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
13:17:36.0114 1568  uagp35 - ok
13:17:36.0146 1568  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:17:36.0192 1568  udfs - ok
13:17:36.0302 1568  [ 54A4A93A984E5C30B5CAB9257A0A05BF ] UDisk Monitor   C:\Program Files (x86)\Froyo_Android_Driver\Bin\MonServiceUDisk.exe
13:17:36.0317 1568  UDisk Monitor ( UnsignedFile.Multi.Generic ) - warning
13:17:36.0317 1568  UDisk Monitor - detected UnsignedFile.Multi.Generic (1)
13:17:36.0348 1568  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:17:36.0380 1568  UI0Detect - ok
13:17:36.0442 1568  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
13:17:36.0458 1568  uliagpkx - ok
13:17:36.0473 1568  [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:17:36.0489 1568  umbus - ok
13:17:36.0504 1568  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
13:17:36.0520 1568  UmPass - ok
13:17:36.0567 1568  [ AF0AC98EE5077EB844413EB54287FDE3 ] UmRdpService    C:\Windows\System32\umrdp.dll
13:17:36.0582 1568  UmRdpService - ok
13:17:36.0629 1568  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
13:17:36.0692 1568  upnphost - ok
13:17:36.0723 1568  [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:17:36.0738 1568  usbccgp - ok
13:17:36.0785 1568  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
13:17:36.0801 1568  usbcir - ok
13:17:36.0863 1568  [ 92969BA5AC44E229C55A332864F79677 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:17:36.0879 1568  usbehci - ok
13:17:36.0972 1568  [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:17:36.0988 1568  usbhub - ok
13:17:37.0019 1568  [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
13:17:37.0035 1568  usbohci - ok
13:17:37.0050 1568  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:17:37.0066 1568  usbprint - ok
13:17:37.0113 1568  [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:17:37.0144 1568  USBSTOR - ok
13:17:37.0160 1568  [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
13:17:37.0175 1568  usbuhci - ok
13:17:37.0238 1568  [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
13:17:37.0269 1568  usbvideo - ok
13:17:37.0284 1568  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
13:17:37.0347 1568  UxSms - ok
13:17:37.0362 1568  [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc        C:\Windows\system32\lsass.exe
13:17:37.0378 1568  VaultSvc - ok
13:17:37.0409 1568  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
13:17:37.0409 1568  vdrvroot - ok
13:17:37.0456 1568  [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds             C:\Windows\System32\vds.exe
13:17:37.0472 1568  vds - ok
13:17:37.0550 1568  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:17:37.0565 1568  vga - ok
13:17:37.0596 1568  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:17:37.0643 1568  VgaSave - ok
13:17:37.0674 1568  [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
13:17:37.0690 1568  vhdmp - ok
13:17:37.0721 1568  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
13:17:37.0737 1568  viaide - ok
13:17:37.0784 1568  [ 1501699D7EDA984ABC4155A7DA5738D1 ] vmbus           C:\Windows\system32\DRIVERS\vmbus.sys
13:17:37.0799 1568  vmbus - ok
13:17:37.0830 1568  [ AE10C35761889E65A6F7176937C5592C ] VMBusHID        C:\Windows\system32\DRIVERS\VMBusHID.sys
13:17:37.0846 1568  VMBusHID - ok
13:17:37.0862 1568  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
13:17:37.0877 1568  volmgr - ok
13:17:37.0908 1568  [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:17:37.0940 1568  volmgrx - ok
13:17:37.0986 1568  [ 9E425AC5C9A5A973273D169F43B4F5E1 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:17:38.0002 1568  volsnap - ok
13:17:38.0033 1568  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
13:17:38.0064 1568  vsmraid - ok
13:17:38.0142 1568  [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS             C:\Windows\system32\vssvc.exe
13:17:38.0189 1568  VSS - ok
13:17:38.0205 1568  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:17:38.0220 1568  vwifibus - ok
13:17:38.0283 1568  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:17:38.0298 1568  vwififlt - ok
13:17:38.0345 1568  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
13:17:38.0408 1568  W32Time - ok
13:17:38.0423 1568  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
13:17:38.0439 1568  WacomPen - ok
13:17:38.0501 1568  [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:17:38.0548 1568  WANARP - ok
13:17:38.0579 1568  [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:17:38.0626 1568  Wanarpv6 - ok
13:17:38.0735 1568  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:17:38.0782 1568  WatAdminSvc - ok
13:17:38.0844 1568  [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine        C:\Windows\system32\wbengine.exe
13:17:38.0891 1568  wbengine - ok
13:17:38.0922 1568  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:17:38.0938 1568  WbioSrvc - ok
13:17:39.0000 1568  [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:17:39.0032 1568  wcncsvc - ok
13:17:39.0047 1568  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:17:39.0063 1568  WcsPlugInService - ok
13:17:39.0094 1568  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
13:17:39.0110 1568  Wd - ok
13:17:39.0172 1568  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:17:39.0203 1568  Wdf01000 - ok
13:17:39.0219 1568  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:17:39.0250 1568  WdiServiceHost - ok
13:17:39.0266 1568  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:17:39.0281 1568  WdiSystemHost - ok
13:17:39.0328 1568  [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient       C:\Windows\System32\webclnt.dll
13:17:39.0359 1568  WebClient - ok
13:17:39.0390 1568  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:17:39.0437 1568  Wecsvc - ok
13:17:39.0468 1568  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:17:39.0515 1568  wercplsupport - ok
13:17:39.0562 1568  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:17:39.0624 1568  WerSvc - ok
13:17:39.0640 1568  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:17:39.0687 1568  WfpLwf - ok
13:17:39.0718 1568  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:17:39.0718 1568  WIMMount - ok
13:17:39.0734 1568  WinDefend - ok
13:17:39.0780 1568  WinHttpAutoProxySvc - ok
13:17:39.0858 1568  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:17:39.0905 1568  Winmgmt - ok
13:17:39.0999 1568  [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:17:40.0077 1568  WinRM - ok
13:17:40.0170 1568  [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:17:40.0186 1568  WinUsb - ok
13:17:40.0248 1568  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:17:40.0280 1568  Wlansvc - ok
13:17:40.0373 1568  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:17:40.0389 1568  wlcrasvc - ok
13:17:40.0514 1568  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:17:40.0576 1568  wlidsvc - ok
13:17:40.0607 1568  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:17:40.0623 1568  WmiAcpi - ok
13:17:40.0670 1568  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:17:40.0701 1568  wmiApSrv - ok
13:17:40.0748 1568  WMPNetworkSvc - ok
13:17:40.0779 1568  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:17:40.0794 1568  WPCSvc - ok
13:17:40.0810 1568  [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:17:40.0841 1568  WPDBusEnum - ok
13:17:40.0872 1568  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:17:40.0919 1568  ws2ifsl - ok
13:17:40.0966 1568  [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc          C:\Windows\System32\wscsvc.dll
13:17:40.0982 1568  wscsvc - ok
13:17:41.0013 1568  WSearch - ok
13:17:41.0122 1568  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:17:41.0200 1568  wuauserv - ok
13:17:41.0247 1568  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:17:41.0278 1568  WudfPf - ok
13:17:41.0325 1568  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:17:41.0340 1568  WUDFRd - ok
13:17:41.0387 1568  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:17:41.0403 1568  wudfsvc - ok
13:17:41.0481 1568  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:17:41.0512 1568  WwanSvc - ok
13:17:41.0543 1568  ================ Scan global ===============================
13:17:41.0574 1568  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:17:41.0621 1568  [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll
13:17:41.0637 1568  [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll
13:17:41.0684 1568  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:17:41.0715 1568  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:17:41.0730 1568  [Global] - ok
13:17:41.0730 1568  ================ Scan MBR ==================================
13:17:41.0746 1568  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:17:42.0479 1568  \Device\Harddisk0\DR0 - ok
13:17:42.0479 1568  ================ Scan VBR ==================================
13:17:42.0510 1568  [ B627C7AD21213D05F2CB4A9FDD560A5C ] \Device\Harddisk0\DR0\Partition1
13:17:42.0510 1568  \Device\Harddisk0\DR0\Partition1 - ok
13:17:42.0526 1568  [ 1127B5A3A7C27466FC128B4E28EC54E5 ] \Device\Harddisk0\DR0\Partition2
13:17:42.0526 1568  \Device\Harddisk0\DR0\Partition2 - ok
13:17:42.0557 1568  [ D7DC185A9F30D5920E8EF54F17ED85F7 ] \Device\Harddisk0\DR0\Partition3
13:17:42.0557 1568  \Device\Harddisk0\DR0\Partition3 - ok
13:17:42.0557 1568  ============================================================
13:17:42.0557 1568  Scan finished
13:17:42.0557 1568  ============================================================
13:17:42.0588 1520  Detected object count: 1
13:17:42.0588 1520  Actual detected object count: 1
13:17:55.0848 1520  UDisk Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
13:17:55.0848 1520  UDisk Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:17:59.0280 0948  Deinitialize success

04.03.2013, 17:10	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Laptop plötzlich extrem langsam und Browser stürzen ab Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten! __________________ Logfiles bitte immer in CODE-Tags posten

Laptop plötzlich extrem langsam und Browser stürzen ab

Plagegeister aller Art und deren Bekämpfung: Laptop plötzlich extrem langsam und Browser stürzen ab