Trojaner-Board

Virus check after virus infection (https://www.trojaner-board.de/113290-virencheck-virenbefall.html)

cosinus 09.04.2012 22:10

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied too!!!)

Code:

:OTL
[2011.04.30 18:28:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Bauer\AppData\Roaming\mozilla\Firefox\Profiles\9x5xnoar.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.01.25 17:34:55 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Bauer\AppData\Roaming\mozilla\Firefox\Profiles\9x5xnoar.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.04.07 14:53:09 | 000,000,950 | ---- | M] () -- C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-1.xml
[2009.08.05 10:45:39 | 000,000,950 | ---- | M] () -- C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-10.xml
[2009.09.11 22:35:57 | 000,000,950 | ---- | M] () -- C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-11.xml
[2009.10.29 07:17:15 | 000,000,950 | ---- | M] () -- C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-12.xml
[2009.12.20 11:45:26 | 000,000,950 | ---- | M] () -- C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-13.xml
[2010.01.08 12:10:00 | 000,000,950 | ---- | M] () -- C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-14.xml
[2008.12.17 13:26:08 | 000,000,950 | ---- | M] () -- C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-2.xml
[2009.02.07 15:09:50 | 000,000,950 | ---- | M] () -- C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-3.xml
[2009.03.06 07:14:33 | 000,000,950 | ---- | M] () -- C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-4.xml
[2009.03.29 14:55:31 | 000,000,950 | ---- | M] () -- C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-5.xml
[2009.04.24 06:26:10 | 000,000,950 | ---- | M] () -- C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-6.xml
[2009.04.28 19:57:15 | 000,000,950 | ---- | M] () -- C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-7.xml
[2009.06.12 12:47:56 | 000,000,950 | ---- | M] () -- C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-8.xml
[2009.07.23 19:47:47 | 000,000,950 | ---- | M] () -- C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-9.xml
[2008.11.18 14:56:02 | 000,000,944 | ---- | M] () -- C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin.xml
[2012.04.09 01:24:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2008.12.14 16:35:20 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.02.10 20:42:31 | 000,002,194 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
O3 - HKU\S-1-5-21-1877079746-2264202069-1773246446-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1fd3a3ce-2b38-11de-b425-001d6007f610}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\remove.exe
O33 - MountPoints2\{a10cf943-c4a2-11df-b504-001d6007f610}\Shell\AutoRun\command - "" = G:\installer.exe
O33 - MountPoints2\{bcb7c604-0373-11de-8ee0-001d6007f610}\Shell\AutoRun\command - "" = H:\ImageTools.exe
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\ImageTools.exe
MsConfig - StartUpFolder: C:^Users^Bauer^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ch8l0.exe.lnk -  - File not found
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:DFC5A2B2
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

To be safe, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL".

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

Blackduster 09.04.2012 22:36

It worked. Is the PC virus-free now?

cosinus 10.04.2012 10:14

No!
You didn't post the log

Blackduster 10.04.2012 17:52

Oh.. somehow I always feel like a complete beginner around you guys...

LOG:
Code:

All processes killed
========== OTL ==========
C:\Users\Bauer\AppData\Roaming\mozilla\Firefox\Profiles\9x5xnoar.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully.
C:\Users\Bauer\AppData\Roaming\mozilla\Firefox\Profiles\9x5xnoar.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully.
C:\Users\Bauer\AppData\Roaming\mozilla\Firefox\Profiles\9x5xnoar.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully.
C:\Users\Bauer\AppData\Roaming\mozilla\Firefox\Profiles\9x5xnoar.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully.
C:\Users\Bauer\AppData\Roaming\mozilla\Firefox\Profiles\9x5xnoar.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF folder moved successfully.
C:\Users\Bauer\AppData\Roaming\mozilla\Firefox\Profiles\9x5xnoar.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences folder moved successfully.
C:\Users\Bauer\AppData\Roaming\mozilla\Firefox\Profiles\9x5xnoar.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults folder moved successfully.
C:\Users\Bauer\AppData\Roaming\mozilla\Firefox\Profiles\9x5xnoar.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components folder moved successfully.
C:\Users\Bauer\AppData\Roaming\mozilla\Firefox\Profiles\9x5xnoar.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome folder moved successfully.
C:\Users\Bauer\AppData\Roaming\mozilla\Firefox\Profiles\9x5xnoar.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} folder moved successfully.
C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Users\Bauer\AppData\Roaming\Mozilla\Firefox\Profiles\9x5xnoar.default\searchplugins\icqplugin.xml moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Program Files\mozilla firefox\extensions folder moved successfully.
Folder C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\ not found.
C:\Program Files\mozilla firefox\searchplugins\babylon.xml moved successfully.
Registry value HKEY_USERS\S-1-5-21-1877079746-2264202069-1773246446-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1fd3a3ce-2b38-11de-b425-001d6007f610}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1fd3a3ce-2b38-11de-b425-001d6007f610}\ not found.
File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\remove.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a10cf943-c4a2-11df-b504-001d6007f610}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a10cf943-c4a2-11df-b504-001d6007f610}\ not found.
File G:\installer.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bcb7c604-0373-11de-8ee0-001d6007f610}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bcb7c604-0373-11de-8ee0-001d6007f610}\ not found.
File H:\ImageTools.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ deleted successfully.
File H:\ImageTools.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^Users^Bauer^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ch8l0.exe.lnk\ deleted successfully.
C:\Windows\pss\ch8l0.exe.lnk.Startup moved successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Bauer
->Temp folder emptied: 16814114 bytes
->Temporary Internet Files folder emptied: 34857883 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 569168922 bytes
->Flash cache emptied: 3123011 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7494631 bytes
RecycleBin emptied: 272108962 bytes
 
Total Files Cleaned = 862,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Bauer
->Flash cache emptied: 0 bytes
 
User: Default
 
User: Default User
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.39.2 log created on 04092012_232533

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


cosinus 10.04.2012 19:05

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you can't find the log or can't copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please don't delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg
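The TDSS-Killer report requested in this post has one fixed line shape per scanned service or driver, so it can be triaged mechanically before anyone decides what to remove. The following is an added example, not part of the thread and not Kaspersky's code; the sample lines are constructed, and `parse_report`, `triage` and the user-writable-path heuristic are assumptions made for illustration.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample lines in the TDSS-Killer report format (not from a real scan).
SAMPLE_LOG = r"""
20:12:28.0360 5656        Scan started
20:12:28.0360 5656        Mode: Manual; SigCheck; TDLFS;
20:12:28.0953 5656        ExampleDrv      (00000000000000000000000000000001) C:\Windows\system32\drivers\exampledrv.sys
20:12:29.0202 5656        ExampleDrv ( UnsignedFile.Multi.Generic ) - warning
20:12:29.0218 5656        ExampleDrv - detected UnsignedFile.Multi.Generic (1)
20:12:30.0169 5656        ACPI            (00000000000000000000000000000002) C:\Windows\system32\drivers\acpi.sys
20:12:30.0216 5656        ACPI - ok
20:12:36.0971 5656        ExampleSvc      (00000000000000000000000000000003) C:\Users\Alice\Downloads\ExampleSvc.exe
20:12:37.0002 5656        ExampleSvc - ok
20:12:37.0860 5656        NoFileSvc - ok
20:12:46.0939 5656        TailDrv         (00000000000000000000000000000004) C:\Windows\system32\drivers\taildrv.sys
"""

# "HH:MM:SS.ffff <thread id> <body>"; lines with an empty body do not match.
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<body>.*\S)\s*$")
# "<name> (<md5>) <image path>"
OBJECT = re.compile(r"^(?P<name>\S+)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>.+)$")
# "<name> - ok"
OK = re.compile(r"^(?P<name>\S+) - ok$")
# "<name> - detected <verdict> (<count>)"
DETECTED = re.compile(r"^(?P<name>\S+) - detected (?P<verdict>\S+) \(\d+\)$")

# Assumption: path fragments treated as user-writable for this heuristic.
USER_WRITABLE = ("\\users\\", "\\programdata\\", "\\temp\\")


@dataclass
class Entry:
    name: str
    md5: Optional[str] = None
    path: Optional[str] = None
    verdict: Optional[str] = None  # "ok", a detection name, or None if missing


def parse_report(text):
    """Return {service name: Entry} in report order."""
    entries = {}
    for line in text.splitlines():
        m = PREFIX.match(line)
        if not m:
            continue
        body = m.group("body")
        if (o := OBJECT.match(body)):
            e = entries.setdefault(o["name"], Entry(o["name"]))
            e.md5, e.path = o["md5"].lower(), o["path"]
        elif (d := DETECTED.match(body)):
            entries.setdefault(d["name"], Entry(d["name"])).verdict = d["verdict"]
        elif (k := OK.match(body)):
            e = entries.setdefault(k["name"], Entry(k["name"]))
            if e.verdict is None:
                e.verdict = "ok"
    return entries


def triage(entries):
    """List (name, reason) pairs that deserve a manual look.

    UnsignedFile.Multi.Generic only says the file carries no valid digital
    signature, so it is a review item and not proof of infection.
    """
    findings = []
    for e in entries.values():
        if e.verdict is None:
            # Object line without a result: the pasted report was cut off.
            findings.append((e.name, "no verdict line (report truncated?)"))
        elif e.verdict != "ok":
            findings.append((e.name, "detected " + e.verdict))
        if e.path is None:
            findings.append((e.name, "no image file resolved"))
        elif any(part in e.path.lower() for part in USER_WRITABLE):
            findings.append((e.name, "image in user-writable location"))
    return findings


if __name__ == "__main__":
    for name, reason in triage(parse_report(SAMPLE_LOG)):
        print(f"{name:12} {reason}")
```
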

Blackduster 10.04.2012 19:23

Code:

20:11:56.0739 4896        TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
20:11:56.0926 4896        ============================================================
20:11:56.0926 4896        Current date / time: 2012/04/10 20:11:56.0926
20:11:56.0926 4896        SystemInfo:
20:11:56.0926 4896       
20:11:56.0926 4896        OS Version: 6.0.6002 ServicePack: 2.0
20:11:56.0926 4896        Product type: Workstation
20:11:56.0926 4896        ComputerName: NOTEBOOK
20:11:56.0926 4896        UserName: Bauer
20:11:56.0926 4896        Windows directory: C:\Windows
20:11:56.0926 4896        System windows directory: C:\Windows
20:11:56.0926 4896        Processor architecture: Intel x86
20:11:56.0926 4896        Number of processors: 2
20:11:56.0926 4896        Page size: 0x1000
20:11:56.0926 4896        Boot type: Normal boot
20:11:56.0926 4896        ============================================================
20:11:58.0579 4896        Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x6EEC8, SectorsPerTrack: 0x4, TracksPerCylinder: 0x81, Type 'K0', Flags 0x00000050
20:11:58.0595 4896        \Device\Harddisk0\DR0:
20:11:58.0595 4896        MBR used
20:11:58.0595 4896        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xDAC800, BlocksNum 0x6FCA000
20:11:58.0611 4896        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x7D77000, BlocksNum 0x621D000
20:11:58.0720 4896        Initialize success
20:11:58.0720 4896        ============================================================
20:12:28.0360 5656        ============================================================
20:12:28.0360 5656        Scan started
20:12:28.0360 5656        Mode: Manual; SigCheck; TDLFS;
20:12:28.0360 5656        ============================================================
20:12:28.0953 5656        ACEDRV06        (44010948bde6ade50dd1386657c73e83) C:\Windows\system32\drivers\ACEDRV06.sys
20:12:29.0202 5656        ACEDRV06 ( UnsignedFile.Multi.Generic ) - warning
20:12:29.0218 5656        ACEDRV06 - detected UnsignedFile.Multi.Generic (1)
20:12:29.0343 5656        acedrv09        (bd4e8c841716d5f2804ce000cfe61524) C:\Windows\system32\drivers\acedrv09.sys
20:12:29.0904 5656        acedrv09 - ok
20:12:29.0998 5656        acehlp09        (7b19e528f2f40524e2c40f754a571eb8) C:\Windows\system32\drivers\acehlp09.sys
20:12:30.0045 5656        acehlp09 - ok
20:12:30.0169 5656        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
20:12:30.0216 5656        ACPI - ok
20:12:30.0357 5656        AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:12:30.0403 5656        AdobeFlashPlayerUpdateSvc - ok
20:12:30.0513 5656        adp94xx        (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
20:12:30.0606 5656        adp94xx - ok
20:12:30.0715 5656        adpahci        (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
20:12:30.0762 5656        adpahci - ok
20:12:30.0840 5656        adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
20:12:30.0871 5656        adpu160m - ok
20:12:30.0934 5656        adpu320        (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
20:12:30.0981 5656        adpu320 - ok
20:12:31.0074 5656        AeLookupSvc    (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
20:12:31.0137 5656        AeLookupSvc - ok
20:12:31.0277 5656        AFD            (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
20:12:31.0371 5656        AFD - ok
20:12:31.0464 5656        agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
20:12:31.0495 5656        agp440 - ok
20:12:31.0589 5656        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
20:12:31.0620 5656        aic78xx - ok
20:12:31.0729 5656        ALG            (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
20:12:31.0823 5656        ALG - ok
20:12:31.0885 5656        aliide          (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
20:12:31.0901 5656        aliide - ok
20:12:32.0010 5656        amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
20:12:32.0041 5656        amdagp - ok
20:12:32.0119 5656        amdide          (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
20:12:32.0151 5656        amdide - ok
20:12:32.0260 5656        AmdK7          (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
20:12:32.0494 5656        AmdK7 - ok
20:12:32.0572 5656        AmdK8          (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
20:12:32.0665 5656        AmdK8 - ok
20:12:32.0743 5656        Appinfo        (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
20:12:32.0806 5656        Appinfo - ok
20:12:32.0931 5656        arc            (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
20:12:32.0962 5656        arc - ok
20:12:33.0040 5656        arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
20:12:33.0071 5656        arcsas - ok
20:12:33.0149 5656        ASLDRService    (66597ad6098352d11239c0c42100b176) C:\Program Files\ATK Hotkey\ASLDRSrv.exe
20:12:33.0165 5656        ASLDRService ( UnsignedFile.Multi.Generic ) - warning
20:12:33.0165 5656        ASLDRService - detected UnsignedFile.Multi.Generic (1)
20:12:33.0196 5656        ASMMAP          (f1a1b8c0e3b2542a2a9ec78ec0b3a591) C:\Program Files\ATKGFNEX\ASMMAP.sys
20:12:33.0243 5656        ASMMAP ( UnsignedFile.Multi.Generic ) - warning
20:12:33.0243 5656        ASMMAP - detected UnsignedFile.Multi.Generic (1)
20:12:33.0352 5656        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
20:12:33.0445 5656        AsyncMac - ok
20:12:33.0555 5656        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
20:12:33.0586 5656        atapi - ok
20:12:33.0711 5656        athr            (44362605f5fff00c9b7696b47680a8c5) C:\Windows\system32\DRIVERS\athr.sys
20:12:33.0867 5656        athr - ok
20:12:33.0945 5656        ATKGFNEXSrv    (b607e1315332639b0fca261f861fdd5f) C:\Program Files\ATKGFNEX\GFNEXSrv.exe
20:12:33.0960 5656        ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
20:12:33.0960 5656        ATKGFNEXSrv - detected UnsignedFile.Multi.Generic (1)
20:12:34.0085 5656        AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
20:12:34.0163 5656        AudioEndpointBuilder - ok
20:12:34.0194 5656        Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
20:12:34.0257 5656        Audiosrv - ok
20:12:34.0631 5656        AVGIDSAgent    (f5689fba4360be50839999882e0a9d99) C:\Program Files\AVG\AVG2012\avgidsagent.exe
20:12:35.0505 5656        AVGIDSAgent - ok
20:12:35.0645 5656        AVGIDSDriver    (1074f787080068c71303b61fae7e7ca4) C:\Windows\system32\DRIVERS\avgidsdriverx.sys
20:12:35.0676 5656        AVGIDSDriver - ok
20:12:35.0739 5656        AVGIDSEH        (f4050c31e6a83cf1e4cdc80d165f7f08) C:\Windows\system32\DRIVERS\avgidsehx.sys
20:12:35.0770 5656        AVGIDSEH - ok
20:12:35.0832 5656        AVGIDSFilter    (61a7e0b02f82cff3db2445bbe50b3589) C:\Windows\system32\DRIVERS\avgidsfilterx.sys
20:12:35.0848 5656        AVGIDSFilter - ok
20:12:35.0910 5656        AVGIDSShim      (baf975b72062f53d327788e99d64197e) C:\Windows\system32\DRIVERS\avgidsshimx.sys
20:12:35.0926 5656        AVGIDSShim - ok
20:12:36.0019 5656        Avgldx86        (dda6a2a18841e4c9172bb85958b8d948) C:\Windows\system32\DRIVERS\avgldx86.sys
20:12:36.0066 5656        Avgldx86 - ok
20:12:36.0129 5656        Avgmfx86        (ccdd61545aaea265977e4b1efdc74e8c) C:\Windows\system32\DRIVERS\avgmfx86.sys
20:12:36.0160 5656        Avgmfx86 - ok
20:12:36.0300 5656        Avgrkx86        (1fd90b28d2c3100bf4500199c8ad6358) C:\Windows\system32\DRIVERS\avgrkx86.sys
20:12:36.0316 5656        Avgrkx86 - ok
20:12:36.0409 5656        Avgtdix        (b2fc9d4de6a2e57a4dfb5a11440c5b85) C:\Windows\system32\DRIVERS\avgtdix.sys
20:12:36.0472 5656        Avgtdix - ok
20:12:36.0581 5656        avgwd          (ea1145debcd508fd25bd1e95c4346929) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
20:12:36.0612 5656        avgwd - ok
20:12:36.0768 5656        A_USBETHMP      (cfad896f667d497873a1b28d50847d41) C:\Windows\system32\Drivers\usbethmp.sys
20:12:36.0831 5656        A_USBETHMP - ok
20:12:36.0971 5656        B-Service      (c3edb060c0427607eb9344ec861585ff) C:\Users\Bauer\Downloads\B-Service.exe
20:12:37.0002 5656        B-Service - ok
20:12:37.0158 5656        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
20:12:37.0236 5656        Beep - ok
20:12:37.0361 5656        BFE            (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
20:12:37.0486 5656        BFE - ok
20:12:37.0657 5656        BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
20:12:37.0782 5656        BITS - ok
20:12:37.0860 5656        blbdrive - ok
20:12:37.0938 5656        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
20:12:38.0001 5656        bowser - ok
20:12:38.0172 5656        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
20:12:38.0250 5656        BrFiltLo - ok
20:12:38.0313 5656        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
20:12:38.0406 5656        BrFiltUp - ok
20:12:38.0484 5656        Browser        (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
20:12:38.0593 5656        Browser - ok
20:12:38.0796 5656        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
20:12:38.0952 5656        Brserid - ok
20:12:38.0983 5656        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
20:12:39.0124 5656        BrSerWdm - ok
20:12:39.0186 5656        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
20:12:39.0327 5656        BrUsbMdm - ok
20:12:39.0389 5656        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
20:12:39.0514 5656        BrUsbSer - ok
20:12:39.0654 5656        BthEnum        (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
20:12:39.0701 5656        BthEnum - ok
20:12:39.0795 5656        BTHMODEM        (9a966a8e86d1771911ae34a20d11bff3) C:\Windows\system32\DRIVERS\bthmodem.sys
20:12:39.0873 5656        BTHMODEM - ok
20:12:39.0966 5656        BthPan          (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
20:12:40.0075 5656        BthPan - ok
20:12:40.0372 5656        BTHPORT        (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys
20:12:40.0481 5656        BTHPORT - ok
20:12:40.0543 5656        BthServ        (a4c8377fa4a994e07075107dbe2e3dce) C:\Windows\System32\bthserv.dll
20:12:40.0621 5656        BthServ - ok
20:12:40.0731 5656        BTHUSB          (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys
20:12:40.0793 5656        BTHUSB - ok
20:12:40.0887 5656        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
20:12:40.0980 5656        cdfs - ok
20:12:41.0074 5656        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
20:12:41.0136 5656        cdrom - ok
20:12:41.0277 5656        CertPropSvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
20:12:41.0339 5656        CertPropSvc - ok
20:12:41.0417 5656        circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
20:12:41.0573 5656        circlass - ok
20:12:41.0682 5656        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
20:12:41.0713 5656        CLFS - ok
20:12:41.0791 5656        clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:12:41.0807 5656        clr_optimization_v2.0.50727_32 - ok
20:12:41.0979 5656        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:12:42.0010 5656        clr_optimization_v4.0.30319_32 - ok
20:12:42.0103 5656        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
20:12:42.0197 5656        CmBatt - ok
20:12:42.0259 5656        cmdide          (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
20:12:42.0291 5656        cmdide - ok
20:12:42.0353 5656        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
20:12:42.0384 5656        Compbatt - ok
20:12:42.0462 5656        COMSysApp - ok
20:12:42.0509 5656        crcdisk        (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
20:12:42.0540 5656        crcdisk - ok
20:12:42.0634 5656        Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
20:12:42.0805 5656        Crusoe - ok
20:12:42.0961 5656        CryptSvc        (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
20:12:43.0024 5656        CryptSvc - ok
20:12:43.0149 5656        DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
20:12:43.0273 5656        DcomLaunch - ok
20:12:43.0367 5656        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
20:12:43.0429 5656        DfsC - ok
20:12:43.0663 5656        DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
20:12:44.0007 5656        DFSR - ok
20:12:44.0178 5656        Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
20:12:44.0256 5656        Dhcp - ok
20:12:44.0381 5656        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
20:12:44.0412 5656        disk - ok
20:12:44.0506 5656        Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
20:12:44.0568 5656        Dnscache - ok
20:12:44.0662 5656        dot3svc        (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
20:12:44.0740 5656        dot3svc - ok
20:12:44.0833 5656        DPS            (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
20:12:44.0927 5656        DPS - ok
20:12:45.0067 5656        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
20:12:45.0130 5656        drmkaud - ok
20:12:45.0239 5656        DXGKrnl        (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
20:12:45.0333 5656        DXGKrnl - ok
20:12:45.0520 5656        E1G60          (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
20:12:45.0660 5656        E1G60 - ok
20:12:45.0738 5656        EapHost        (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
20:12:45.0816 5656        EapHost - ok
20:12:45.0910 5656        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
20:12:45.0941 5656        Ecache - ok
20:12:46.0003 5656        ehRecvr        (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
20:12:46.0081 5656        ehRecvr - ok
20:12:46.0144 5656        ehSched        (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
20:12:46.0222 5656        ehSched - ok
20:12:46.0237 5656        ehstart        (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
20:12:46.0300 5656        ehstart - ok
20:12:46.0409 5656        elxstor        (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
20:12:46.0471 5656        elxstor - ok
20:12:46.0596 5656        EMDMgmt        (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
20:12:46.0659 5656        EMDMgmt - ok
20:12:46.0752 5656        EventSystem    (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
20:12:46.0846 5656        EventSystem - ok
20:12:46.0939 5656        exfat          (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
20:12:47.0002 5656        exfat - ok
20:12:47.0064 5656        fastfat        (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
20:12:47.0142 5656        fastfat - ok
20:12:47.0220 5656        fdc            (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
20:12:47.0376 5656        fdc - ok
20:12:47.0454 5656        fdPHost        (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
20:12:47.0532 5656        fdPHost - ok
20:12:47.0626 5656        FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
20:12:47.0766 5656        FDResPub - ok
20:12:47.0860 5656        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
20:12:47.0891 5656        FileInfo - ok
20:12:47.0938 5656        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
20:12:48.0031 5656        Filetrace - ok
20:12:48.0219 5656        FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\MAGIX\Common\Database\bin\fbserver.exe
20:12:48.0437 5656        FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
20:12:48.0437 5656        FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
20:12:48.0562 5656        flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
20:12:48.0702 5656        flpydisk - ok
20:12:48.0843 5656        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
20:12:48.0889 5656        FltMgr - ok
20:12:49.0030 5656        FontCache      (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
20:12:49.0155 5656        FontCache - ok
20:12:49.0264 5656        FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:12:49.0295 5656        FontCache3.0.0.0 - ok
20:12:49.0389 5656        Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
20:12:49.0467 5656        Fs_Rec - ok
20:12:49.0545 5656        gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
20:12:49.0576 5656        gagp30kx - ok
20:12:49.0654 5656        GEARAspiWDM    (f2f431d1573ee632975c524418655b84) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:12:49.0669 5656        GEARAspiWDM - ok
20:12:49.0763 5656        gpsvc          (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
20:12:49.0888 5656        gpsvc - ok
20:12:49.0997 5656        gupdate        (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
20:12:50.0028 5656        gupdate - ok
20:12:50.0044 5656        gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
20:12:50.0075 5656        gupdatem - ok
20:12:50.0184 5656        HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
20:12:50.0247 5656        HdAudAddService - ok
20:12:50.0356 5656        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:12:50.0465 5656        HDAudBus - ok
20:12:50.0559 5656        HidBth          (fcb3f4be408f72c1bd81bcaba87fc22f) C:\Windows\system32\DRIVERS\hidbth.sys
20:12:50.0621 5656        HidBth - ok
20:12:50.0730 5656        HidIr          (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
20:12:50.0871 5656        HidIr - ok
20:12:50.0949 5656        hidserv        (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
20:12:50.0995 5656        hidserv - ok
20:12:51.0073 5656        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
20:12:51.0151 5656        HidUsb - ok
20:12:51.0229 5656        hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
20:12:51.0307 5656        hkmsvc - ok
20:12:51.0401 5656        HpCISSs        (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
20:12:51.0432 5656        HpCISSs - ok
20:12:51.0526 5656        HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
20:12:51.0635 5656        HTTP - ok
20:12:51.0697 5656        i2omp          (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
20:12:51.0729 5656        i2omp - ok
20:12:51.0838 5656        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
20:12:51.0916 5656        i8042prt - ok
20:12:52.0025 5656        iaStorV        (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
20:12:52.0072 5656        iaStorV - ok
20:12:52.0165 5656        idsvc          (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:12:52.0306 5656        idsvc - ok
20:12:52.0384 5656        iirsp          (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
20:12:52.0415 5656        iirsp - ok
20:12:52.0493 5656        IJPLMSVC        (51516252dbbfed36f70b341dba263167) C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
20:12:52.0524 5656        IJPLMSVC ( UnsignedFile.Multi.Generic ) - warning
20:12:52.0524 5656        IJPLMSVC - detected UnsignedFile.Multi.Generic (1)
20:12:52.0618 5656        IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
20:12:52.0743 5656        IKEEXT - ok
20:12:52.0852 5656        InCDfs          (aea4c9bb21c12e8be4078d836dd98f86) C:\Windows\system32\drivers\InCDFs.sys
20:12:52.0883 5656        InCDfs - ok
20:12:52.0945 5656        InCDPass        (507ca5b34ccee17fe5af5b14a718775b) C:\Windows\system32\drivers\InCDPass.sys
20:12:52.0977 5656        InCDPass - ok
20:12:53.0055 5656        InCDrec        (2e977f77a1d479cf12950fc1ed70b415) C:\Windows\system32\drivers\InCDrec.sys
20:12:53.0070 5656        InCDrec - ok
20:12:53.0117 5656        incdrm          (3b98d9eb9e63f5affb532f977c09162f) C:\Windows\system32\drivers\InCDRm.sys
20:12:53.0148 5656        incdrm - ok
20:12:53.0289 5656        InCDsrv        (219cd67ac3547b0b29b7cda0513e50ba) C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
20:12:53.0413 5656        InCDsrv - ok
20:12:53.0507 5656        IntcAzAudAddService - ok
20:12:53.0616 5656        intelide        (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
20:12:53.0647 5656        intelide - ok
20:12:53.0710 5656        intelppm        (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
20:12:53.0850 5656        intelppm - ok
20:12:53.0928 5656        IPBusEnum      (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
20:12:54.0006 5656        IPBusEnum - ok
20:12:54.0084 5656        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:12:54.0162 5656        IpFilterDriver - ok
20:12:54.0303 5656        iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
20:12:54.0349 5656        iphlpsvc - ok
20:12:54.0396 5656        IpInIp - ok
20:12:54.0474 5656        IPMIDRV        (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
20:12:54.0615 5656        IPMIDRV - ok
20:12:54.0693 5656        IPNAT          (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
20:12:54.0771 5656        IPNAT - ok
20:12:54.0833 5656        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
20:12:54.0911 5656        IRENUM - ok
20:12:55.0020 5656        isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
20:12:55.0051 5656        isapnp - ok
20:12:55.0145 5656        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
20:12:55.0192 5656        iScsiPrt - ok
20:12:55.0270 5656        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:12:55.0301 5656        iteatapi - ok
20:12:55.0363 5656        iteraid        (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:12:55.0395 5656        iteraid - ok
20:12:55.0504 5656        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:12:55.0535 5656        kbdclass - ok
20:12:55.0613 5656        kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
20:12:55.0660 5656        kbdhid - ok
20:12:55.0753 5656        kbfiltr        (cc2a86d7bbf14977340dca61bbcba771) C:\Windows\system32\DRIVERS\kbfiltr.sys
20:12:55.0831 5656        kbfiltr - ok
20:12:55.0941 5656        KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:12:55.0987 5656        KeyIso - ok
20:12:56.0097 5656        KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
20:12:56.0175 5656        KSecDD - ok
20:12:56.0284 5656        KtmRm          (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
20:12:56.0409 5656        KtmRm - ok
20:12:56.0549 5656        LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
20:12:56.0627 5656        LanmanServer - ok
20:12:56.0705 5656        LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
20:12:56.0767 5656        LanmanWorkstation - ok
20:12:56.0845 5656        LightScribeService (793ff718477345cd5d232c50bed1e452) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
20:12:56.0861 5656        LightScribeService ( UnsignedFile.Multi.Generic ) - warning
20:12:56.0861 5656        LightScribeService - detected UnsignedFile.Multi.Generic (1)
20:12:56.0939 5656        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
20:12:57.0033 5656        lltdio - ok
20:12:57.0142 5656        lltdsvc        (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
20:12:57.0251 5656        lltdsvc - ok
20:12:57.0329 5656        lmhosts        (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
20:12:57.0485 5656        lmhosts - ok
20:12:57.0579 5656        LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
20:12:57.0610 5656        LSI_FC - ok
20:12:57.0657 5656        LSI_SAS        (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
20:12:57.0688 5656        LSI_SAS - ok
20:12:57.0813 5656        LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
20:12:57.0844 5656        LSI_SCSI - ok
20:12:57.0937 5656        luafv          (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
20:12:58.0000 5656        luafv - ok
20:12:58.0078 5656        Mcx2Svc        (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
20:12:58.0125 5656        Mcx2Svc - ok
20:12:58.0218 5656        MDM            (c7ed6d73dfc9362624ce7a6ea85b0920) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
20:12:58.0249 5656        MDM ( UnsignedFile.Multi.Generic ) - warning
20:12:58.0249 5656        MDM - detected UnsignedFile.Multi.Generic (1)
20:12:58.0374 5656        megasas        (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
20:12:58.0405 5656        megasas - ok
20:12:58.0499 5656        MMCSS          (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
20:12:58.0593 5656        MMCSS - ok
20:12:58.0655 5656        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
20:12:58.0749 5656        Modem - ok
20:12:58.0889 5656        MODEMCSA        (cbb59c41f19efea1a000793e08070a62) C:\Windows\system32\drivers\MODEMCSA.sys
20:12:58.0983 5656        MODEMCSA - ok
20:12:59.0061 5656        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
20:12:59.0139 5656        monitor - ok
20:12:59.0217 5656        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
20:12:59.0248 5656        mouclass - ok
20:12:59.0326 5656        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
20:12:59.0404 5656        mouhid - ok
20:12:59.0529 5656        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
20:12:59.0560 5656        MountMgr - ok
20:12:59.0638 5656        mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
20:12:59.0669 5656        mpio - ok
20:12:59.0763 5656        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
20:12:59.0825 5656        mpsdrv - ok
20:12:59.0965 5656        MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
20:13:00.0106 5656        MpsSvc - ok
20:13:00.0184 5656        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:13:00.0215 5656        Mraid35x - ok
20:13:00.0340 5656        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
20:13:00.0387 5656        MRxDAV - ok
20:13:00.0496 5656        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:13:00.0574 5656        mrxsmb - ok
20:13:00.0652 5656        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:13:00.0714 5656        mrxsmb10 - ok
20:13:00.0761 5656        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:13:00.0808 5656        mrxsmb20 - ok
20:13:00.0870 5656        msahci          (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
20:13:00.0901 5656        msahci - ok
20:13:00.0995 5656        msdsm          (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
20:13:01.0042 5656        msdsm - ok
20:13:01.0120 5656        MSDTC          (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
20:13:01.0213 5656        MSDTC - ok
20:13:01.0307 5656        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
20:13:01.0385 5656        Msfs - ok
20:13:01.0479 5656        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
20:13:01.0510 5656        msisadrv - ok
20:13:01.0603 5656        MSiSCSI        (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
20:13:01.0697 5656        MSiSCSI - ok
20:13:01.0744 5656        msiserver - ok
20:13:01.0806 5656        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
20:13:01.0884 5656        MSKSSRV - ok
20:13:01.0962 5656        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
20:13:02.0040 5656        MSPCLOCK - ok
20:13:02.0103 5656        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
20:13:02.0196 5656        MSPQM - ok
20:13:02.0321 5656        MsRPC          (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
20:13:02.0368 5656        MsRPC - ok
20:13:02.0446 5656        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
20:13:02.0477 5656        mssmbios - ok
20:13:02.0555 5656        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
20:13:02.0649 5656        MSTEE - ok
20:13:02.0727 5656        MTsensor        (97affa9d95ffe20eee6229bc6be166cf) C:\Windows\system32\DRIVERS\ATKACPI.sys
20:13:02.0773 5656        MTsensor - ok
20:13:02.0883 5656        Mup            (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
20:13:02.0914 5656        Mup - ok
20:13:03.0007 5656        napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
20:13:03.0117 5656        napagent - ok
20:13:03.0226 5656        NativeWifiP    (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
20:13:03.0288 5656        NativeWifiP - ok
20:13:03.0429 5656        NBService      (8f3357621d24ed31d98f96e18147fdaf) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
20:13:03.0538 5656        NBService - ok
20:13:03.0678 5656        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
20:13:03.0741 5656        NDIS - ok
20:13:03.0819 5656        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
20:13:03.0897 5656        NdisTapi - ok
20:13:03.0990 5656        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
20:13:04.0068 5656        Ndisuio - ok
20:13:04.0177 5656        NdisWan        (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:13:04.0255 5656        NdisWan - ok
20:13:04.0349 5656        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
20:13:04.0411 5656        NDProxy - ok
20:13:04.0505 5656        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
20:13:04.0599 5656        NetBIOS - ok
20:13:04.0692 5656        netbt          (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
20:13:04.0786 5656        netbt - ok
20:13:04.0879 5656        Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:13:04.0911 5656        Netlogon - ok
20:13:04.0989 5656        Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
20:13:05.0098 5656        Netman - ok
20:13:05.0176 5656        netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
20:13:05.0285 5656        netprofm - ok
20:13:05.0379 5656        NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:13:05.0410 5656        NetTcpPortSharing - ok
20:13:05.0597 5656        NETw3v32        (a15f219208843a5a210c8cb391384453) C:\Windows\system32\DRIVERS\NETw3v32.sys
20:13:05.0956 5656        NETw3v32 - ok
20:13:06.0081 5656        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:13:06.0112 5656        nfrd960 - ok
20:13:06.0190 5656        NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
20:13:06.0283 5656        NlaSvc - ok
20:13:06.0393 5656        NMIndexingService (ffd209ea219a2599f2f551b80ae6b0bf) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
20:13:06.0424 5656        NMIndexingService - ok
20:13:06.0533 5656        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
20:13:06.0627 5656        Npfs - ok
20:13:06.0705 5656        nsi            (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
20:13:06.0783 5656        nsi - ok
20:13:06.0829 5656        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
20:13:06.0923 5656        nsiproxy - ok
20:13:07.0048 5656        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
20:13:07.0204 5656        Ntfs - ok
20:13:07.0344 5656        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:13:07.0485 5656        ntrigdigi - ok
20:13:07.0547 5656        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
20:13:07.0625 5656        Null - ok
20:13:07.0765 5656        NVENETFD        (d958a2b5f6ad5c3b8ccdc4d7da62466c) C:\Windows\system32\DRIVERS\nvmfdx32.sys
20:13:07.0906 5656        NVENETFD - ok
20:13:08.0374 5656        nvlddmkm        (05200c3a9b1370aa2d8c99f1a464168b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:13:09.0528 5656        nvlddmkm - ok
20:13:09.0669 5656        nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
20:13:09.0700 5656        nvraid - ok
20:13:09.0778 5656        nvsmu          (9aebc32f9d6e02ebee0369ab296fe7c8) C:\Windows\system32\DRIVERS\nvsmu.sys
20:13:09.0840 5656        nvsmu - ok
20:13:09.0903 5656        nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
20:13:09.0918 5656        nvstor - ok
20:13:10.0059 5656        nvsvc          (a1da6d6d706ba55348db4ba688f37ca5) C:\Windows\system32\nvvsvc.exe
20:13:10.0105 5656        nvsvc - ok
20:13:10.0183 5656        nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
20:13:10.0215 5656        nv_agp - ok
20:13:10.0261 5656        NwlnkFlt - ok
20:13:10.0324 5656        NwlnkFwd - ok
20:13:10.0417 5656        ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\DRIVERS\ohci1394.sys
20:13:10.0558 5656        ohci1394 - ok
20:13:10.0651 5656        ose            (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:13:10.0683 5656        ose - ok
20:13:10.0979 5656        osppsvc        (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:13:11.0806 5656        osppsvc - ok
20:13:11.0977 5656        p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:13:12.0071 5656        p2pimsvc - ok
20:13:12.0133 5656        p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:13:12.0211 5656        p2psvc - ok
20:13:12.0321 5656        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:13:12.0477 5656        Parport - ok
20:13:12.0601 5656        partmgr        (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
20:13:12.0633 5656        partmgr - ok
20:13:12.0711 5656        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:13:12.0851 5656        Parvdm - ok
20:13:12.0929 5656        PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
20:13:13.0007 5656        PcaSvc - ok
20:13:13.0101 5656        pci            (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
20:13:13.0132 5656        pci - ok
20:13:13.0241 5656        pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
20:13:13.0272 5656        pciide - ok
20:13:13.0350 5656        pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:13:13.0381 5656        pcmcia - ok
20:13:13.0491 5656        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:13:13.0647 5656        PEAUTH - ok
20:13:13.0881 5656        pla            (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
20:13:14.0115 5656        pla - ok
20:13:14.0239 5656        PLCNDIS5        (2aba2f545b35f9c6cc2cfc4e1d539a80) C:\Windows\system32\plcndis5.sys
20:13:14.0271 5656        PLCNDIS5 ( UnsignedFile.Multi.Generic ) - warning
20:13:14.0271 5656        PLCNDIS5 - detected UnsignedFile.Multi.Generic (1)
20:13:14.0349 5656        PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
20:13:14.0427 5656        PlugPlay - ok
20:13:14.0520 5656        PNRPAutoReg    (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:13:14.0583 5656        PNRPAutoReg - ok
20:13:14.0645 5656        PNRPsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:13:14.0723 5656        PNRPsvc - ok
20:13:14.0817 5656        PolicyAgent    (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
20:13:14.0926 5656        PolicyAgent - ok
20:13:15.0066 5656        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
20:13:15.0175 5656        PptpMiniport - ok
20:13:15.0253 5656        Processor      (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
20:13:15.0378 5656        Processor - ok
20:13:15.0456 5656        ProfSvc        (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
20:13:15.0534 5656        ProfSvc - ok
20:13:15.0628 5656        ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:13:15.0675 5656        ProtectedStorage - ok
20:13:15.0784 5656        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
20:13:15.0846 5656        PSched - ok
20:13:15.0987 5656        ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
20:13:16.0127 5656        ql2300 - ok
20:13:16.0267 5656        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:13:16.0299 5656        ql40xx - ok
20:13:16.0408 5656        QWAVE          (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
20:13:16.0470 5656        QWAVE - ok
20:13:16.0533 5656        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
20:13:16.0579 5656        QWAVEdrv - ok
20:13:16.0689 5656        RapiMgr        (70dbdab246c18b78e2200d6401d038be) C:\Windows\WindowsMobile\rapimgr.dll
20:13:16.0767 5656        RapiMgr - ok
20:13:16.0891 5656        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
20:13:16.0985 5656        RasAcd - ok
20:13:17.0032 5656        RasAuto        (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
20:13:17.0141 5656        RasAuto - ok
20:13:17.0203 5656        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:13:17.0281 5656        Rasl2tp - ok
20:13:17.0359 5656        RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
20:13:17.0453 5656        RasMan - ok
20:13:17.0578 5656        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
20:13:17.0640 5656        RasPppoe - ok
20:13:17.0703 5656        RasSstp        (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
20:13:17.0734 5656        RasSstp - ok
20:13:17.0843 5656        rdbss          (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
20:13:17.0921 5656        rdbss - ok
20:13:17.0983 5656        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:13:18.0061 5656        RDPCDD - ok
20:13:18.0171 5656        rdpdr          (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
20:13:18.0311 5656        rdpdr - ok
20:13:18.0420 5656        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
20:13:18.0498 5656        RDPENCDD - ok
20:13:18.0607 5656        RDPWD          (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
20:13:18.0670 5656        RDPWD - ok
20:13:18.0779 5656        RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
20:13:18.0873 5656        RemoteAccess - ok
20:13:18.0982 5656        RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
20:13:19.0060 5656        RemoteRegistry - ok
20:13:19.0153 5656        RFCOMM          (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
20:13:19.0231 5656        RFCOMM - ok
20:13:19.0309 5656        RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
20:13:19.0372 5656        RpcLocator - ok
20:13:19.0497 5656        RpcSs          (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
20:13:19.0575 5656        RpcSs - ok
20:13:19.0668 5656        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
20:13:44.0862 5656        ============================================================
20:13:44.0862 5656        Scan finished
20:13:44.0862 5656        ============================================================
20:13:44.0909 5980        Detected object count: 9
20:13:44.0909 5980        Actual detected object count: 9
20:14:11.0601 5980        ACEDRV06 ( UnsignedFile.Multi.Generic ) - skipped by user
20:14:11.0601 5980        ACEDRV06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:14:11.0601 5980        ASLDRService ( UnsignedFile.Multi.Generic ) - skipped by user
20:14:11.0616 5980        ASLDRService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:14:11.0616 5980        ASMMAP ( UnsignedFile.Multi.Generic ) - skipped by user
20:14:11.0616 5980        ASMMAP ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:14:11.0616 5980        ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:14:11.0616 5980        ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:14:11.0632 5980        FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
20:14:11.0632 5980        FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:14:11.0632 5980        IJPLMSVC ( UnsignedFile.Multi.Generic ) - skipped by user
20:14:11.0632 5980        IJPLMSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:14:11.0647 5980        LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
20:14:11.0647 5980        LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:14:11.0647 5980        MDM ( UnsignedFile.Multi.Generic ) - skipped by user
20:14:11.0647 5980        MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:14:11.0663 5980        PLCNDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
20:14:11.0663 5980        PLCNDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip


cosinus 11.04.2012 10:25

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, carry out the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and receive messages such as

Quote:

Illegal operation attempted on a registry key that has been marked for deletion.
then restart Windows manually and the error messages should no longer appear.

