Log analysis and evaluation: Virus: PC no longer boots - Safe Mode, System Restore etc. not possible (Windows 7)
31.07.2013, 13:09 | #1 |
Hello everyone! I hope you can help me with my problem!

I already had viruses/trojans on the PC long before this problem. These had been moved to quarantine by the antivirus program "AntiVir", though! The day before yesterday I installed a different antivirus program! It is called "Zone Alarm AntiVirus"! I downloaded it from Chip.de. Already during the installation of Zone Alarm, the program reported that the computer was damaged, and then tried to repair the computer. That took several attempts, because the program kept hanging while doing so! At that point I had already uninstalled "Antivir" from the computer!

So, now I had "Zone Alarm Antivirus" installed, but could not run a virus scan with the program, because the error message always came up that something had gone wrong during the installation of "Zone Alarm Antivirus" and that a reinstallation was necessary! Since I did not want to deal with this problem any more, I wanted to look at it again the next day!

Now my PC no longer starts! That is, I no longer get to the Windows desktop! After starting I get to a window where I can choose between "Startup Repair" and a "normal start"!
-> With Startup Repair the computer tries to repair itself, but in vain - it then restarts!
-> With the option "Start normally" the PC restarts immediately, and I end up on the same screen as before!
-> With the safe modes the PC also keeps restarting!
-> A System Restore always fails!

Now I don't know what to do any more! Is there a way to remove the viruses without losing my data? Since I am a beginner in this area, I hope you won't be angry with me! I hope you understood everything! I am glad of any help! Thanks!
31.07.2013, 13:20 | #2 |
/// TB-Ausbilder
!! Note to readers following along !! This thread and the instructions are intended only for this specific case. They could severely damage other computers. Please open your own thread.

I will help you with your problem. The cleanup only works if you stick to the following rules: Please read: Rules for the cleanup

Scan with Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)
Notes for Windows 8 users: Guide 1 (FRST variant) and Guide 2 (second part)
31.07.2013, 13:45 | #3 |
Done!
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-07-2013 04
Ran by SYSTEM on 31-07-2013 14:41:39
Running from G:\
Windows 7 Home Premium (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1725736 2010-04-22] (Synaptics Incorporated)
HKLM\...\Run: [MGSysCtrl] - C:\Program Files\System Control Manager\MGSysCtrl.exe [2478080 2010-06-22] (Micro-Star International Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9267816 2010-06-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1481320 2010-06-08] (Realtek Semiconductor)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [348664 2012-08-08] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [1646216 2013-03-31] (Ask)
HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKLM\...\Runonce: [NCInstallQueue] - rundll32 netman.dll,ProcessQueue [x]
HKLM\...\RunOnce: [*Restore] - C:\Windows\system32\rstrui.exe /RUNONCE [262656 2009-07-14] (Microsoft Corporation)
HKLM\...\InprocServer32: [Default-cscui] <==== ATTENTION!
HKU\Default\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs [ 2009-10-22] ()
HKU\Default User\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs [ 2009-10-22] ()
HKU\Medion\...\Run: [EA Core] - "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent [x]
HKU\Medion\...\Run: [DriverMax] - [x]
HKU\Medion\...\Run: [DriverMax_RESTART] - [x]
HKU\Medion\...\Run: [UpdateStar Drivers] - C:\Program Files\UpdateStar Drivers\drivers.exe [x]
HKU\Medion\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [ 2013-06-21] (Skype Technologies S.A.)

========================== Services (Whitelisted) =================

S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-12-19] (Advanced Micro Devices, Inc.)
S2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224 2012-05-08] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-08] (Avira Operations GmbH & Co. KG)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [100864 2012-09-07] (Freemake)
S2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1440080 2013-06-28] (LogMeIn Inc.)
S2 Micro Star SCM; C:\Program Files\System Control Manager\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.)
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2011-10-16] ()
S2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)

==================== Drivers (Whitelisted) ====================

S2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [83392 2012-05-08] (Avira GmbH)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137928 2012-05-08] (Avira GmbH)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36000 2011-12-15] (Avira GmbH)
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-09-21] (DT Soft Ltd)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [168480 2009-12-02] (Realtek Semiconductor Corp.)
S1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH)
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2008-11-19] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [19968 2008-11-19] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [24832 2008-11-19] (LG Electronics Inc.)
S3 amdiox86; system32\DRIVERS\amdiox86.sys [x]
S3 Profos; \??\C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys [x]
S3 WinRing0_1_2_0; \??\C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-07-31 14:41 - 2013-07-31 14:41 - 00000000 ____D C:\FRST
2013-07-30 01:11 - 2013-07-31 10:08 - 00000000 ____D C:\Program Files\CheckPoint
2013-07-30 01:11 - 2013-07-31 10:08 - 00000000 ____D C:\Program Files\Check Point Software Technologies LTD
2013-07-30 01:10 - 2013-07-30 01:10 - 00000000 ____D C:\ProgramData\CheckPoint
2013-07-20 00:03 - 2013-07-31 13:23 - 00000000 ____D C:\Windows\System32\MRT
2013-07-15 17:04 - 2013-07-15 17:04 - 00000000 ____D C:\ProgramData\EA Core
2013-07-14 22:09 - 2013-07-14 22:09 - 00000000 ____D C:\Users\Medion\Documents\Electronic Arts
2013-07-03 16:33 - 2013-07-03 16:33 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-02 16:10 - 2013-07-02 16:10 - 00000000 ____D C:\Program Files\LogMeIn Hamachi

==================== One Month Modified Files and Folders =======

2013-07-31 13:23 - 2013-07-20 00:03 - 00000000 ____D C:\Windows\System32\MRT
2013-07-31 13:23 - 2013-04-07 08:23 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-07-31 13:23 - 2012-02-17 20:56 - 00000000 ____D C:\Users\Medion\AppData\Local\LogMeIn Hamachi
2013-07-31 13:23 - 2012-02-09 19:10 - 00000000 ____D C:\ProgramData\Avira
2013-07-31 13:23 - 2012-02-09 19:10 - 00000000 ____D C:\Program Files\Avira
2013-07-31 13:23 - 2010-09-28 20:48 - 00000000 ____D C:\Users\Medion\AppData\Roaming\Skype
2013-07-31 13:23 - 2010-09-28 20:47 - 00000000 ___RD C:\Program Files\Skype
2013-07-31 13:23 - 2010-09-28 20:46 - 00000000 ____D C:\ProgramData\Skype
2013-07-31 13:23 - 2010-08-02 12:03 - 00000000 ____D C:\users\Medion
2013-07-31 13:23 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\wfp
2013-07-31 13:23 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\NDF
2013-07-31 13:23 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2013-07-31 13:23 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\AppCompat
2013-07-31 13:22 - 2012-10-10 15:20 - 00000000 ____D C:\Program Files\Steam
2013-07-31 10:08 - 2013-07-30 01:11 - 00000000 ____D C:\Program Files\CheckPoint
2013-07-31 10:08 - 2013-07-30 01:11 - 00000000 ____D C:\Program Files\Check Point Software Technologies LTD
2013-07-30 01:10 - 2013-07-30 01:10 - 00000000 ____D C:\ProgramData\CheckPoint
2013-07-29 19:38 - 2012-09-19 02:46 - 00053142 _____ C:\Windows\setupact.log
2013-07-23 17:22 - 2010-08-02 11:54 - 02026282 _____ C:\Windows\WindowsUpdate.log
2013-07-23 16:04 - 2009-07-14 05:34 - 00009696 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-23 16:04 - 2009-07-14 05:34 - 00009696 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-23 16:03 - 2010-06-22 11:24 - 01620684 _____ C:\Windows\System32\PerfStringBackup.INI
2013-07-19 13:29 - 2013-06-23 13:42 - 00000000 ____D C:\Users\Medion\Desktop\PAPA
2013-07-18 23:23 - 2011-03-01 18:08 - 00000000 ____D C:\Users\Medion\AppData\Roaming\.minecraft
2013-07-16 22:42 - 2010-10-22 15:56 - 00000000 ____D C:\Users\Medion\Desktop\Programme
2013-07-15 17:04 - 2013-07-15 17:04 - 00000000 ____D C:\ProgramData\EA Core
2013-07-14 22:09 - 2013-07-14 22:09 - 00000000 ____D C:\Users\Medion\Documents\Electronic Arts
2013-07-14 21:50 - 2010-06-22 12:01 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-07-14 21:47 - 2011-08-27 15:34 - 00000000 ____D C:\Users\Medion\AppData\Local\Adobe
2013-07-14 21:46 - 2012-04-06 18:50 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-07-14 21:46 - 2011-08-03 12:00 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-07-13 18:37 - 2010-06-22 11:23 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-11 21:03 - 2011-09-28 14:26 - 00000129 _____ C:\Windows\System32\MRT.INI
2013-07-11 20:55 - 2012-09-22 21:05 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-07-09 21:24 - 2012-02-20 17:58 - 00000000 ____D C:\Users\Medion\AppData\Roaming\Mp3tag
2013-07-09 21:05 - 2013-03-19 14:40 - 00000000 ____D C:\Users\Medion\AppData\Roaming\Spotify
2013-07-09 21:03 - 2013-03-19 14:41 - 00000000 ____D C:\Users\Medion\AppData\Local\Spotify
2013-07-03 19:38 - 2012-12-26 23:02 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-07-03 16:33 - 2013-07-03 16:33 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-02 16:10 - 2013-07-02 16:10 - 00000000 ____D C:\Program Files\LogMeIn Hamachi

==================== Known DLLs (Whitelisted) ============

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys [2012-12-12 12:48] - [2012-09-06 17:48] - 0245616 ____A (Microsoft Corporation) 59F06B4968E58BC83DFC56CA4517960E

TDL4: custom:26000022 <===== ATTENTION!

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-07-20 00:03:27
Restore point made on: 2013-07-20 18:41:31
Restore point made on: 2013-07-21 00:04:43
Restore point made on: 2013-07-23 16:01:14
Restore point made on: 2013-07-29 19:43:01
Restore point made on: 2013-07-29 20:22:57
Restore point made on: 2013-07-29 20:31:11
Restore point made on: 2013-07-30 00:03:23
Restore point made on: 2013-07-30 00:04:32
Restore point made on: 2013-07-30 00:26:31
Restore point made on: 2013-07-30 00:35:11
Restore point made on: 2013-07-30 00:55:15
Restore point made on: 2013-07-30 00:56:39
Restore point made on: 2013-07-30 01:02:51
Restore point made on: 2013-07-30 01:06:48
Restore point made on: 2013-07-30 14:11:37
Restore point made on: 2013-07-30 15:42:05

==================== Memory info ===========================

Percentage of memory in use: 13%
Total physical RAM: 3839.24 MB
Available physical RAM: 3331.27 MB
Total Pagefile: 3837.52 MB
Available Pagefile: 3334.06 MB
Total Virtual: 2047.88 MB
Available Virtual: 1926.67 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:256.99 GB) (Free:142.5 GB) NTFS
Drive e: (Recover) (Fixed) (Total:40 GB) (Free:30.9 GB) NTFS
Drive g: () (Removable) (Total:3.85 GB) (Free:3.85 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
ATTENTION: Malware custom entry on BCD on drive y: detected.

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: F22BA34D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=257 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)

LastRegBack: 2013-07-30 02:00

==================== End Of Log ============================
31.07.2013, 13:49 | #4 |
/// TB-Ausbilder
Great ... you have a rootkit as well. I can't promise you anything, but let's try the first step.

Reading material: Rootkit warning
Your computer has been infected with a special kind of malware that can hide from conventional virus scanners and from the operating system itself. In addition, such malware usually also has backdoor functionality, that is, it deliberately tears holes through all protective measures so that it can download further malicious code or pass the data it collects on to the "bad guys".
What does that mean for you now?

So let me know what you have decided.

Step 1: (Reminder: Only reply to me once you have worked through all the steps!)
Fix with FRST

Step 2: Attention, this was an unlock attempt: That means we are not finished. Rather: If you can boot normally again, we still have to remove all the remnants, otherwise a reinfection will occur. So report whether you can boot again and otherwise do nothing.
__________________ Digital privateers against malware! No help via PM!
31.07.2013, 14:09 | #5 |
I would like to try to get my PC sorted out again with you! When I get back to the desktop, I will save my important files to a USB stick and definitely set the PC up again from scratch!

The Fixlog:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 30-07-2013 04
Ran by SYSTEM at 2013-07-31 15:01:25 Run:1
Running from G:\
Boot Mode: Recovery
==============================================

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\*Restore => Value deleted successfully.
HKLM\Software\Classes\CLSID\{750fdf10-2a26-11d1-a3ea-080036587f03}\InprocServer32\\Default => Value was restored successfully.
HKU\Medion\Software\Microsoft\Windows\CurrentVersion\Run\\DriverMax => Value deleted successfully.
HKU\Medion\Software\Microsoft\Windows\CurrentVersion\Run\\DriverMax_RESTART => Value deleted successfully.
HKU\Medion\Software\Microsoft\Windows\CurrentVersion\Run\\UpdateStar Drivers => Value deleted successfully.
Profos => Service deleted successfully.
Der Vorgang wurde erfolgreich beendet.
Der Vorgang wurde erfolgreich beendet.

==== End of Fixlog ====

I started the PC without the USB stick, but I still end up on the screen where I have to choose between the option "Start Windows normally" and "Use Startup Repair"! Or did I do something wrong?
31.07.2013, 14:15 | #6 |
/// TB-Ausbilder
Nothing, that appears when the last boot process was not completed. Try starting normally.

If you want to reinstall anyway, then do it like this:

Creating a USB stick with the Kaspersky Rescue Disk
You need a USB stick for this (preferably empty) with at least 1 GB of space.

Starting the Kaspersky Rescue stick for data backup
31.07.2013, 14:21 | #7 |
I have just started the PC with the option "Start normally"! It was successful and I am now on the desktop! What should I do now? And thanks for your help so far!
31.07.2013, 14:24 | #8 |
/// TB-Ausbilder
There you go. But please decide BEFOREHAND whether you want to reinstall or not!!

Scan with TDSSKiller
Please read the following instructions carefully. We do not want to "fix" anything here yet, only see a scan report.
Please download TDSSKiller.exe and save this file to the desktop
31.07.2013, 14:36 | #9 |
If you help me reinstall the PC, then I would like to do that right away! But before that I would still like to keep/back up a few photos/files. Can I simply copy these to a USB stick, for example? Or can these photos/files also be infected?
31.07.2013, 14:43 | #10 |
/// TB-Ausbilder
No, photos and text documents are contaminated only in the rarest of cases.
31.07.2013, 14:52 | #11 |
Okay, then I would now like to back up all the important files! Is there anything else I should keep in mind? When I am finished backing up, how should I continue?
31.07.2013, 14:57 | #12 |
/// TB-Ausbilder
Still run TDSSKiller anyway, so that we can still get rid of this malware; I need to check something there.
31.07.2013, 15:09 | #13 |
Okay, here is the log file from TDSSKiller
16:06:36.0620 5820 fastfat - ok 16:06:36.0651 5820 [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax C:\Windows\system32\fxssvc.exe 16:06:36.0682 5820 Fax - ok 16:06:36.0729 5820 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 16:06:36.0760 5820 fdc - ok 16:06:36.0791 5820 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll 16:06:36.0838 5820 fdPHost - ok 16:06:36.0869 5820 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll 16:06:36.0900 5820 FDResPub - ok 16:06:36.0916 5820 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 16:06:36.0932 5820 FileInfo - ok 16:06:36.0947 5820 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 16:06:36.0994 5820 Filetrace - ok 16:06:37.0025 5820 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 16:06:37.0056 5820 flpydisk - ok 16:06:37.0089 5820 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 16:06:37.0104 5820 FltMgr - ok 16:06:37.0135 5820 [ 7FE4995528A7529A761875151EE3D512 ] FontCache C:\Windows\system32\FntCache.dll 16:06:37.0198 5820 FontCache - ok 16:06:37.0229 5820 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 16:06:37.0245 5820 FontCache3.0.0.0 - ok 16:06:37.0354 5820 [ D40B85303BCFF96A717392B06FB015C4 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe 16:06:37.0369 5820 Freemake Improver ( UnsignedFile.Multi.Generic ) - warning 16:06:37.0369 5820 Freemake Improver - detected UnsignedFile.Multi.Generic (1) 16:06:37.0401 5820 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 16:06:37.0416 5820 FsDepends - ok 16:06:37.0447 5820 [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 16:06:37.0463 5820 Fs_Rec - ok 16:06:37.0510 5820 
[ 4732E596BB1C50D9F9188C5074EE7782 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 16:06:37.0525 5820 fvevol - ok 16:06:37.0557 5820 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 16:06:37.0572 5820 gagp30kx - ok 16:06:37.0619 5820 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 16:06:37.0635 5820 GEARAspiWDM - ok 16:06:37.0681 5820 [ 93CA4D9A0433BE0EDD0B9F2F26D5E54C ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys 16:06:37.0697 5820 ggflt - ok 16:06:37.0697 5820 [ 17E678AAB82CCDFB80E7614504933895 ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys 16:06:37.0713 5820 ggsemc - ok 16:06:37.0744 5820 [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc C:\Windows\System32\gpsvc.dll 16:06:37.0791 5820 gpsvc - ok 16:06:37.0900 5820 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 16:06:37.0900 5820 gupdate - ok 16:06:37.0931 5820 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 16:06:37.0947 5820 gupdatem - ok 16:06:37.0978 5820 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 16:06:37.0993 5820 hamachi - ok 16:06:38.0104 5820 [ 176825151F2F93415BCB37C29AF11A3D ] Hamachi2Svc C:\Program Files\LogMeIn Hamachi\hamachi-2.exe 16:06:38.0150 5820 Hamachi2Svc - ok 16:06:38.0166 5820 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 16:06:38.0213 5820 hcw85cir - ok 16:06:38.0260 5820 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 16:06:38.0275 5820 HdAudAddService - ok 16:06:38.0306 5820 [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 16:06:38.0338 5820 HDAudBus - ok 16:06:38.0353 5820 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 16:06:38.0384 5820 HidBatt - ok 16:06:38.0416 5820 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth 
C:\Windows\system32\DRIVERS\hidbth.sys 16:06:38.0447 5820 HidBth - ok 16:06:38.0478 5820 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 16:06:38.0525 5820 HidIr - ok 16:06:38.0540 5820 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll 16:06:38.0587 5820 hidserv - ok 16:06:38.0618 5820 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 16:06:38.0634 5820 HidUsb - ok 16:06:38.0665 5820 [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc C:\Windows\system32\kmsvc.dll 16:06:38.0696 5820 hkmsvc - ok 16:06:38.0712 5820 [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 16:06:38.0774 5820 HomeGroupListener - ok 16:06:38.0790 5820 [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 16:06:38.0806 5820 HomeGroupProvider - ok 16:06:38.0821 5820 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys 16:06:38.0837 5820 HpSAMD - ok 16:06:38.0884 5820 [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP C:\Windows\system32\drivers\HTTP.sys 16:06:38.0915 5820 HTTP - ok 16:06:38.0930 5820 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 16:06:38.0946 5820 hwpolicy - ok 16:06:38.0977 5820 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 16:06:38.0993 5820 i8042prt - ok 16:06:39.0040 5820 [ 71F1A494FEDF4B33C02C4A6A28D6D9E9 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 16:06:39.0055 5820 iaStorV - ok 16:06:39.0118 5820 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 16:06:39.0149 5820 idsvc - ok 16:06:39.0180 5820 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 16:06:39.0196 5820 iirsp - ok 16:06:39.0242 5820 [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT C:\Windows\System32\ikeext.dll 16:06:39.0305 5820 IKEEXT - ok 
16:06:39.0414 5820 [ 5A4AAD2240CB8B50FFEAEDB2BF747ABD ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 16:06:39.0476 5820 IntcAzAudAddService - ok 16:06:39.0492 5820 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\DRIVERS\intelide.sys 16:06:39.0508 5820 intelide - ok 16:06:39.0554 5820 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 16:06:39.0586 5820 intelppm - ok 16:06:39.0617 5820 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 16:06:39.0664 5820 IPBusEnum - ok 16:06:39.0679 5820 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:06:39.0710 5820 IpFilterDriver - ok 16:06:39.0757 5820 [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 16:06:39.0804 5820 iphlpsvc - ok 16:06:39.0820 5820 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys 16:06:39.0851 5820 IPMIDRV - ok 16:06:39.0866 5820 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys 16:06:39.0913 5820 IPNAT - ok 16:06:39.0944 5820 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 16:06:39.0976 5820 iPod Service - ok 16:06:39.0991 5820 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:06:40.0038 5820 IRENUM - ok 16:06:40.0069 5820 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys 16:06:40.0085 5820 isapnp - ok 16:06:40.0116 5820 [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 16:06:40.0132 5820 iScsiPrt - ok 16:06:40.0178 5820 [ 858CE8CCD0FA4845AEB1A9C89EC3A0F2 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys 16:06:40.0178 5820 JMCR - ok 16:06:40.0225 5820 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 16:06:40.0241 5820 kbdclass - ok 16:06:40.0288 5820 [ 3D9F0EBF350EDCFD6498057301455964 ] 
kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 16:06:40.0319 5820 kbdhid - ok 16:06:40.0334 5820 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso C:\Windows\system32\lsass.exe 16:06:40.0350 5820 KeyIso - ok 16:06:40.0397 5820 [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 16:06:40.0412 5820 KSecDD - ok 16:06:40.0444 5820 [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 16:06:40.0459 5820 KSecPkg - ok 16:06:40.0490 5820 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll 16:06:40.0537 5820 KtmRm - ok 16:06:40.0568 5820 [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer C:\Windows\system32\srvsvc.dll 16:06:40.0615 5820 LanmanServer - ok 16:06:40.0646 5820 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:06:40.0693 5820 LanmanWorkstation - ok 16:06:40.0740 5820 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:06:40.0771 5820 lltdio - ok 16:06:40.0802 5820 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:06:40.0849 5820 lltdsvc - ok 16:06:40.0880 5820 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll 16:06:40.0912 5820 lmhosts - ok 16:06:40.0990 5820 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 16:06:41.0005 5820 LSI_FC - ok 16:06:41.0083 5820 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 16:06:41.0083 5820 LSI_SAS - ok 16:06:41.0161 5820 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 16:06:41.0224 5820 LSI_SAS2 - ok 16:06:41.0255 5820 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 16:06:41.0270 5820 LSI_SCSI - ok 16:06:41.0333 5820 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys 16:06:41.0380 5820 luafv - ok 16:06:41.0442 5820 [ E2B0887816ED336685954E3D8FDAA51D ] 
Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 16:06:41.0551 5820 Mcx2Svc - ok 16:06:41.0567 5820 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 16:06:41.0582 5820 megasas - ok 16:06:41.0598 5820 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 16:06:41.0614 5820 MegaSR - ok 16:06:41.0676 5820 [ 71C6748EE8DE938532057EF10B4B7E44 ] Micro Star SCM C:\Program Files\System Control Manager\MSIService.exe 16:06:41.0692 5820 Micro Star SCM ( UnsignedFile.Multi.Generic ) - warning 16:06:41.0692 5820 Micro Star SCM - detected UnsignedFile.Multi.Generic (1) 16:06:41.0707 5820 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll 16:06:41.0754 5820 MMCSS - ok 16:06:41.0770 5820 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys 16:06:41.0785 5820 Modem - ok 16:06:41.0816 5820 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 16:06:41.0848 5820 monitor - ok 16:06:41.0879 5820 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 16:06:41.0894 5820 mouclass - ok 16:06:41.0926 5820 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:06:41.0957 5820 mouhid - ok 16:06:41.0988 5820 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 16:06:42.0004 5820 mountmgr - ok 16:06:42.0082 5820 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 16:06:42.0097 5820 MozillaMaintenance - ok 16:06:42.0113 5820 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\Windows\system32\DRIVERS\mpio.sys 16:06:42.0128 5820 mpio - ok 16:06:42.0128 5820 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:06:42.0175 5820 mpsdrv - ok 16:06:42.0222 5820 [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc C:\Windows\system32\mpssvc.dll 16:06:42.0284 5820 MpsSvc - ok 
16:06:42.0300 5820 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:06:42.0331 5820 MRxDAV - ok 16:06:42.0394 5820 [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:06:42.0409 5820 mrxsmb - ok 16:06:42.0440 5820 [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:06:42.0472 5820 mrxsmb10 - ok 16:06:42.0503 5820 [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:06:42.0518 5820 mrxsmb20 - ok 16:06:42.0534 5820 [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci C:\Windows\system32\DRIVERS\msahci.sys 16:06:42.0550 5820 msahci - ok 16:06:42.0581 5820 [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys 16:06:42.0596 5820 msdsm - ok 16:06:42.0612 5820 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe 16:06:42.0643 5820 MSDTC - ok 16:06:42.0674 5820 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:06:42.0721 5820 Msfs - ok 16:06:42.0737 5820 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 16:06:42.0784 5820 mshidkmdf - ok 16:06:42.0799 5820 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys 16:06:42.0815 5820 msisadrv - ok 16:06:42.0830 5820 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:06:42.0862 5820 MSiSCSI - ok 16:06:42.0877 5820 msiserver - ok 16:06:42.0893 5820 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:06:42.0940 5820 MSKSSRV - ok 16:06:42.0940 5820 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:06:42.0971 5820 MSPCLOCK - ok 16:06:43.0018 5820 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:06:43.0064 5820 MSPQM - ok 16:06:43.0080 5820 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC 
C:\Windows\system32\drivers\MsRPC.sys 16:06:43.0096 5820 MsRPC - ok 16:06:43.0127 5820 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 16:06:43.0127 5820 mssmbios - ok 16:06:43.0142 5820 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:06:43.0174 5820 MSTEE - ok 16:06:43.0189 5820 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 16:06:43.0220 5820 MTConfig - ok 16:06:43.0252 5820 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys 16:06:43.0267 5820 Mup - ok 16:06:43.0298 5820 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\Windows\system32\qagentRT.dll 16:06:43.0345 5820 napagent - ok 16:06:43.0392 5820 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:06:43.0408 5820 NativeWifiP - ok 16:06:43.0454 5820 [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS C:\Windows\system32\drivers\ndis.sys 16:06:43.0486 5820 NDIS - ok 16:06:43.0501 5820 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 16:06:43.0548 5820 NdisCap - ok 16:06:43.0564 5820 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:06:43.0610 5820 NdisTapi - ok 16:06:43.0642 5820 [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 16:06:43.0688 5820 Ndisuio - ok 16:06:43.0704 5820 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 16:06:43.0735 5820 NdisWan - ok 16:06:43.0751 5820 [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 16:06:43.0782 5820 NDProxy - ok 16:06:43.0813 5820 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 16:06:43.0860 5820 NetBIOS - ok 16:06:43.0891 5820 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 16:06:43.0922 5820 NetBT - ok 16:06:43.0922 5820 [ 
C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon C:\Windows\system32\lsass.exe 16:06:43.0938 5820 Netlogon - ok 16:06:43.0985 5820 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll 16:06:44.0032 5820 Netman - ok 16:06:44.0078 5820 [ E8B9164DA7701C1E595647C3A3AFA766 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 16:06:44.0094 5820 NetMsmqActivator - ok 16:06:44.0094 5820 [ E8B9164DA7701C1E595647C3A3AFA766 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 16:06:44.0125 5820 NetPipeActivator - ok 16:06:44.0125 5820 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll 16:06:44.0172 5820 netprofm - ok 16:06:44.0188 5820 [ E8B9164DA7701C1E595647C3A3AFA766 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 16:06:44.0203 5820 NetTcpActivator - ok 16:06:44.0203 5820 [ E8B9164DA7701C1E595647C3A3AFA766 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 16:06:44.0219 5820 NetTcpPortSharing - ok 16:06:44.0250 5820 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 16:06:44.0266 5820 nfrd960 - ok 16:06:44.0281 5820 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\Windows\System32\nlasvc.dll 16:06:44.0328 5820 NlaSvc - ok 16:06:44.0375 5820 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys 16:06:44.0422 5820 Npfs - ok 16:06:44.0437 5820 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll 16:06:44.0484 5820 nsi - ok 16:06:44.0500 5820 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 16:06:44.0531 5820 nsiproxy - ok 16:06:44.0593 5820 [ A8F59428E9F361C7AC42A94AC1560BC9 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 16:06:44.0640 5820 Ntfs - ok 16:06:44.0656 5820 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys 16:06:44.0671 5820 Null - ok 16:06:44.0702 5820 [ 
F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid C:\Windows\system32\drivers\nvraid.sys 16:06:44.0718 5820 nvraid - ok 16:06:44.0749 5820 [ 4520B63899E867F354EE012D34E11536 ] nvstor C:\Windows\system32\drivers\nvstor.sys 16:06:44.0765 5820 nvstor - ok 16:06:44.0796 5820 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys 16:06:44.0812 5820 nv_agp - ok 16:06:44.0827 5820 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 16:06:44.0858 5820 ohci1394 - ok 16:06:44.0890 5820 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 16:06:44.0936 5820 p2pimsvc - ok 16:06:44.0983 5820 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll 16:06:44.0999 5820 p2psvc - ok 16:06:45.0030 5820 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys 16:06:45.0061 5820 Parport - ok 16:06:45.0092 5820 [ 66D3415C159741ADE7038A277EFFF99F ] partmgr C:\Windows\system32\drivers\partmgr.sys 16:06:45.0108 5820 partmgr - ok 16:06:45.0124 5820 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 16:06:45.0139 5820 Parvdm - ok 16:06:45.0170 5820 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll 16:06:45.0186 5820 PcaSvc - ok 16:06:45.0233 5820 [ C858CB77C577780ECC456A892E7E7D0F ] pci C:\Windows\system32\DRIVERS\pci.sys 16:06:45.0248 5820 pci - ok 16:06:45.0264 5820 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\DRIVERS\pciide.sys 16:06:45.0280 5820 pciide - ok 16:06:45.0295 5820 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 16:06:45.0311 5820 pcmcia - ok 16:06:45.0342 5820 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys 16:06:45.0358 5820 pcw - ok 16:06:45.0389 5820 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys 16:06:45.0436 5820 PEAUTH - ok 16:06:45.0514 5820 [ 
9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll 16:06:45.0576 5820 pla - ok 16:06:45.0607 5820 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 16:06:45.0654 5820 PlugPlay - ok 16:06:45.0701 5820 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe 16:06:45.0716 5820 PnkBstrA - ok 16:06:45.0732 5820 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 16:06:45.0763 5820 PNRPAutoReg - ok 16:06:45.0810 5820 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 16:06:45.0826 5820 PNRPsvc - ok 16:06:45.0841 5820 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 16:06:45.0888 5820 PolicyAgent - ok 16:06:45.0904 5820 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll 16:06:45.0950 5820 Power - ok 16:06:45.0997 5820 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 16:06:46.0044 5820 PptpMiniport - ok 16:06:46.0075 5820 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys 16:06:46.0106 5820 Processor - ok 16:06:46.0153 5820 [ AEA3BDBDBA667AA6F678CB38907E4F5E ] ProfSvc C:\Windows\system32\profsvc.dll 16:06:46.0200 5820 ProfSvc - ok 16:06:46.0216 5820 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe 16:06:46.0231 5820 ProtectedStorage - ok 16:06:46.0262 5820 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys 16:06:46.0294 5820 Psched - ok 16:06:46.0325 5820 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe 16:06:46.0340 5820 PSI_SVC_2 - ok 16:06:46.0387 5820 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 16:06:46.0434 5820 ql2300 - ok 16:06:46.0450 5820 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 16:06:46.0465 5820 
ql40xx - ok 16:06:46.0496 5820 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll 16:06:46.0528 5820 QWAVE - ok 16:06:46.0559 5820 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 16:06:46.0590 5820 QWAVEdrv - ok 16:06:46.0699 5820 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 16:06:46.0777 5820 RasAcd - ok 16:06:46.0871 5820 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 16:06:46.0980 5820 RasAgileVpn - ok 16:06:47.0011 5820 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll 16:06:47.0058 5820 RasAuto - ok 16:06:47.0074 5820 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 16:06:47.0120 5820 Rasl2tp - ok 16:06:47.0152 5820 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\Windows\System32\rasmans.dll 16:06:47.0198 5820 RasMan - ok 16:06:47.0214 5820 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 16:06:47.0245 5820 RasPppoe - ok 16:06:47.0276 5820 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 16:06:47.0323 5820 RasSstp - ok 16:06:47.0339 5820 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 16:06:47.0401 5820 rdbss - ok 16:06:47.0417 5820 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 16:06:47.0448 5820 rdpbus - ok 16:06:47.0464 5820 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 16:06:47.0510 5820 RDPCDD - ok 16:06:47.0542 5820 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 16:06:47.0588 5820 RDPENCDD - ok 16:06:47.0620 5820 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 16:06:47.0651 5820 RDPREFMP - ok 16:06:47.0682 5820 [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 
16:06:47.0713 5820 RDPWD - ok 16:06:47.0760 5820 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 16:06:47.0776 5820 rdyboost - ok 16:06:47.0807 5820 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll 16:06:47.0838 5820 RemoteAccess - ok 16:06:47.0869 5820 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll 16:06:47.0916 5820 RemoteRegistry - ok 16:06:47.0947 5820 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 16:06:47.0978 5820 RpcEptMapper - ok 16:06:47.0994 5820 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe 16:06:48.0025 5820 RpcLocator - ok 16:06:48.0056 5820 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll 16:06:48.0088 5820 RpcSs - ok 16:06:48.0103 5820 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 16:06:48.0134 5820 rspndr - ok 16:06:48.0166 5820 [ E38B785802C666782D2880738D01AC10 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys 16:06:48.0181 5820 RTHDMIAzAudService - ok 16:06:48.0228 5820 [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys 16:06:48.0244 5820 RTL8167 - ok 16:06:48.0290 5820 [ B5E9979FBB26FC059BD87A81F763D5DA ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys 16:06:48.0322 5820 rtl8192se - ok 16:06:48.0337 5820 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs C:\Windows\system32\lsass.exe 16:06:48.0353 5820 SamSs - ok 16:06:48.0384 5820 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys 16:06:48.0400 5820 sbp2port - ok 16:06:48.0415 5820 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll 16:06:48.0462 5820 SCardSvr - ok 16:06:48.0493 5820 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 16:06:48.0540 5820 scfilter - ok 16:06:48.0571 5820 [ DF1E5C82E4D09CF8105CC644980C4803 ] 
C:\Windows\system32\DRIVERS\WUDFRd.sys
16:06:56.0980 5820 WUDFRd - ok
16:06:57.0026 5820 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:06:57.0058 5820 wudfsvc - ok
16:06:57.0120 5820 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
16:06:57.0182 5820 WwanSvc - ok
16:06:57.0292 5820 ================ Scan global ===============================
16:06:57.0338 5820 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
16:06:57.0370 5820 [ 8531AAF69394EFB93BC653916C46D245 ] C:\Windows\system32\winsrv.dll
16:06:57.0385 5820 [ 8531AAF69394EFB93BC653916C46D245 ] C:\Windows\system32\winsrv.dll
16:06:57.0401 5820 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
16:06:57.0416 5820 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
16:06:57.0416 5820 [Global] - ok
16:06:57.0416 5820 ================ Scan MBR ==================================
16:06:57.0432 5820 [ 2E0FE7FC299470E30383716B164CF901 ] \Device\Harddisk0\DR0
16:07:00.0614 5820 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:07:00.0614 5820 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:07:00.0614 5820 ================ Scan VBR ==================================
16:07:00.0614 5820 [ 4D75DBDC030CA555655257F55C4A99D1 ] \Device\Harddisk0\DR0\Partition1
16:07:00.0614 5820 \Device\Harddisk0\DR0\Partition1 - ok
16:07:00.0646 5820 [ BD29996C33DB52346718D851CCE667D0 ] \Device\Harddisk0\DR0\Partition2
16:07:00.0646 5820 \Device\Harddisk0\DR0\Partition2 - ok
16:07:00.0661 5820 [ 61375CEDF3F16A0F785B2177108CDCAE ] \Device\Harddisk0\DR0\Partition3
16:07:00.0661 5820 \Device\Harddisk0\DR0\Partition3 - ok
16:07:00.0661 5820 ============================================================
16:07:00.0661 5820 Scan finished
16:07:00.0661 5820 ============================================================
16:07:00.0708 4956 Detected object count: 3
16:07:00.0708 4956 Actual detected object count: 3
16:07:42.0001 4956 Freemake Improver ( UnsignedFile.Multi.Generic ) - skipped by user
16:07:42.0001 4956 Freemake Improver ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:07:42.0001 4956 Micro Star SCM ( UnsignedFile.Multi.Generic ) - skipped by user
16:07:42.0001 4956 Micro Star SCM ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:07:42.0001 4956 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:07:42.0001 4956 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip |
31.07.2013, 16:33 | #14 |
/// TB-Ausbilder | Virus: PC no longer boots - Safe Mode, System Restore etc. not possible
Yes, that's what I thought. So:
- Once you have really backed up everything,
- run TDSSKiller again and let it kill the TDSS File System.
- Now boot from your installation medium.
- During installation: delete all existing partitions
- and then let Setup create new ones
- then everything should go by itself.
__________________ Digital privateers against malware! No help via PM! |
31.07.2013, 18:13 | #15 |
| Virus: PC no longer boots - Safe Mode, System Restore etc. not possible
Okay, I've backed everything up! But do I have to tick the box next to "TDSS File System" before the scan or not? I ran it once without the tick, and it found nothing suspicious! Last edited by D3tmanamaps (31.07.2013 at 18:22) |